Andras Cser

VP, Principal Analyst

Forrester Bio

Author Insights

Blog

KubeCon And The (Partial) Emergence Of Enterprise Kubernetes

Lee Sustar May 18, 2021
KubeCon events can be hard to assess. Whether live or virtual, they’ve become a sprawling mix of old-school tech trade show, open source project maintainer meetup, and independent user group. KubeCon + CloudNativeCon Europe 2021 was no different. My colleague Brent Ellis led Forrester’s initial appraisal of the online event, noting greater maturity in Kubernetes […]
Read More
Blog

It’s Time For E-Commerce And Security Pros To Collaborate To Combat Bot Fraud

Sandy Carielli May 6, 2021
Bots are bigger than the security team. Conversations with security professionals concerned about bots often start with credential stuffing attacks, but the bot landscape is much broader and can directly impact your top line. Even the defenses have business impacts: A bot management solution that slows down traffic on the biggest shopping day of the […]
Read More
Blog

Four Building Blocks To Help Campaign Leaders Balance Economies Of Scale And Localization Requirements

Mavis Liew March 31, 2021
How can campaign leaders balance their desire for economies of scale with the need to deliver campaigns that resonate in local markets?
Read More
Blog

Okta Acquires Identity Orchestration And CIAM Vendor Auth0 For $6.5B

Andras Cser March 4, 2021
Forrester analysts take a detailed look at what's driving the unprecedented premium being paid in this acquisition.
Read More
Blog

Rotten Phish Spoils Employee Experience

Jinan Budge September 24, 2020
When our colleagues Claire O’Malley and Brian Kime wrote their “Point/Counterpoint: The Ethics Of COVID-19 Phishing” blog in March, it turns out they were inadvertently predicting an event that took place this week: An employee took to social media to speak out about a highly insensitive phishing simulation. Tribune Publishing Company, publisher of newspapers like […]
Read More
Blog

CyberArk Scoops Up Idaptive

Sean Ryan May 14, 2020
Read Forrester's take on CyberArk announcing its acquisition of identity-as-a-service vendor Idaptive.
Read More
Blog

COVID-19 Campaigns Highlight The Need For Phishing Protection

Joseph Blankenship April 21, 2020
Cybercriminals are using the pandemic to dramatically increase phishing attacks, effectively targeting work-from-home employees. Find out how you can minimize the threat.
Read More
Blog

Point/Counterpoint: The Ethics Of COVID-19 Phishing

Brian Kime March 18, 2020
Security awareness testing for employees should be realistic. Yet those overseeing phishing drills should be careful when using coronavirus-related messaging.
Read More
Blog

Employee Safety Is For Sale

Jeff Pollard December 20, 2019
New risks emerge around user location data that may have you rethinking your cybersecurity plan.
Read More
Blog

Look Beyond Compliance When Choosing An Anti-Money Laundering Solution

Andras Cser September 24, 2019
When looking for an AML services provider, there are three primary factors organizations need to keep in mind.
Read More
Blog

Broadcom Buys Symantec’s Enterprise Biz: Good News For Investors, Bad News For Enterprises

Merritt Maxim August 9, 2019
Yesterday, Broadcom announced a definitive deal to acquire the enterprise business of Symantec for $10.7 billion in cash. This deal caps weeks of speculation that Symantec was in play, initiated in May 2019 following the sudden resignation of Symantec CEO Greg Clarke in May and a downward revision to Symantec’s FY 2020 revenue guidance earlier […]
Read More
Blog

Cisco Acquires Duo, Or How Should You Do Two-Factor Authentication (2FA)?

Andras Cser August 2, 2018
The National Institute of Standards and Technology (NIST) has not been recommending SMS OTP 2FA for a while precisely because of SMS inbox takeovers, MITM attacks, etc. From the license cost perspective, the price of moving away from SMS (to Google Authenticator, for example) is minimal. Google publishes guides on how to do this. From […]
Read More
Blog

Welcome Rain Capital

Stephanie Balaouras July 9, 2018
Rain Capital is shaking up the investment side of cybersecurity. Apart from only 11% of cybersecurity professionals being women, venture capital (VC) firms also suffer from a gender disparity with limited diversity. According to TechCrunch, only 8% of partners from the top 100 venture firms were women in 2017, and eight of these top 100 […]
Read More
Blog

Why Is One Woman Not Good Enough?

Stephanie Balaouras May 1, 2018
This weekend, The New York Times released a story detailing a sexist, toxic culture that’s been tormenting Nike employees for years. The story shares instances of sexist comments, work trips to strip clubs, sexually graphic conversations, and unwanted advances that’ve forced many women to quit over the years. But did they go to HR? Yes. […]
Read More
Blog

Bank Of America Lowers Security, Removes One-Time Passwords At Payee Add/Change

Andras Cser April 24, 2018
With the latest change to the BofA online banking bill pay service (which added all sorts of unnecessary and distracting icons and ugly fonts), the bank decided to remove the one-time password two-factor authentication (OTP 2FA) requirement to force the customer to perform a one-time password-based step-up authentication before allowing the change. Instead, by default, […]
Read More
Blog

Palo Alto Networks Acquires Cloud Monitoring And Workload Management Specialist Evident.io

Andras Cser March 14, 2018
Palo Alto Networks (PAN) today announced plans to acquire Evident.io, a predominantly API-based cloud monitoring vendor for $300 million in cash. Evident.io has a large mind share among Forrester’s end user clients and is also regularly mentioned by other cloud workload security management (CWS) vendors as a viable competitor. With PAN expanding Aperture into a […]
Read More
Blog

Let’s Address Cybersecurity’s Gender Disparity

Stephanie Balaouras February 27, 2018
The most infuriating advice I’ve received about succeeding in cybersecurity is to, “Have a thick skin,” usually followed by, “Don’t take him seriously, he doesn’t even realize what he’s saying.” These are not words of wisdom—they’re a defense of predatory behavior that belittles the issues women face every day and normalizes sexual harassment. For my […]
Read More
Blog

McAfee acquires CSG / CASB vendor SkyHigh Networks – two years too late?

Andras Cser November 27, 2017
In the light of large network security vendors (Cisco, Palo Alto, Symantec, Zscaler, etc.) acquiring or building Cloud Security Gateway (CSG, also known CASB) vendors, it comes as little to no surprise that McAfee also invested in this area. In Forrester’s estimates, SkyHigh annual revenues were around USD $40-45 million/year. Looking at similar deals, Forrester […]
Read More
Blog

SAP Buys CIAM Vendor Gigya

Merritt Maxim September 25, 2017
Today, SAP announced it has acquired Mountain View, CA based Customer Identity and Access (CIAM) provider Gigya. Several media outlets placed the purchase price in the $350M range. Gigya has been a CIAM vendor since 2010 and raised ~$105M in venture capital, so if the purchase price is accurate, it reflects a good return for […]
Read More
Blog

Cisco buys Cloud Security Gateway vendor CloudLock for $293M

Andras Cser June 28, 2016
Given Symantec's recent acquisiton of BlueCoat (and with it BlueCoat's earlier acquired Elastica and Perspecsys cloud security gateway (CSG) assets), and IBM's organic buildout of its Cloud Security Enforcer CSG solution it comes hardly as a surprise that Cisco today announced its intent to acquire CloudLock for US$293M (in Forrester's estimation this purchase price represents […]
Read More
More posts