Chase Cunningham

Principal Analyst

Forrester Bio

Chase Cunningham

Author Insights

BLOG

The Forrester Wave™: Zero Trust eXtended (ZTX) Ecosystem Providers, Q4 2018 — Truth

Chase Cunningham November 15, 2018

We just wrapped up five months of in-depth research focused on providing some clarity into what technologies from which vendors actually enable Zero Trust (not just talk about it). It didn’t take long to discern those among the vendor community that really embraced the strategic benefits of Zero Trust — and those that seemed to just […]

Read More
BLOG

Computational Propaganda: How Your Organization Could Be Attacked Like A Politician

Chase Cunningham October 18, 2018

Sending malicious payloads and packets is no longer the standard in threat operations. In today’s world of massive social media presence and influence, malicious actors can bring an organization to its knees — 280 characters at a time. This isn’t an attack on your infrastructure but an attack of computational propaganda aimed to shape a divisive […]

Read More
BLOG

Zero Trust Technology Works; Excuses Don't

Chase Cunningham September 4, 2018

I have done a few exercises on implementing Zero Trust and Zero Trust eXtended (ZTX) in enterprises. The impetus behind these exercises from a strategy standpoint is that the participating organizations have leaders that are Forrester clients and had read, or at least breezed through, the research that has been published on the topic of […]

Read More
BLOG

Zero Trust Technology Works; Excuses Don't

Chase Cunningham September 4, 2018

I have done a few exercises on implementing Zero Trust and Zero Trust eXtended (ZTX) in enterprises. The impetus behind these exercises from a strategy standpoint is that the participating organizations have leaders that are Forrester clients and had read, or at least breezed through, the research that has been published on the topic of […]

Read More
BLOG

Security Is Embracing Zero Trust; Get Your Federal Team In Sync

Chase Cunningham August 10, 2018

Historically, industry is more forward-leaning than government when it comes to innovation — at least at the unclassified level. But unlike most industries, the US government is driving the cybersecurity market and has been for almost the last decade. Federal fingerprints are everywhere: Where did cybercompliance start? Where did the first frameworks for cyber operations originate? […]

Read More
BLOG

Cyber Conferences: It Shouldn’t Be This Way

Chase Cunningham June 7, 2018

I recently saw another posting/photo from a friend in the industry that showed what amounts to “booth babes” at yet another conference; this time it wasn’t in Vegas, it was in Europe. This issue is one of importance in an industry rife with failure on lots of levels, a lack of available talent, and that […]

Read More
BLOG

The Self-Licking Ice Cream Cone Of Misery For S&R Pros Starts With Startups

Chase Cunningham April 26, 2018

Over the past two weeks, I was at the annual shenanigan bonanza that is the RSA Conference and was also invited to sit on a “Shark Tank” panel for emerging technology startups in Miami. In the span of two weeks, I went from seeing big, well-established companies with massive marketing budgets and millions of dollars […]

Read More
BLOG

Next-Generation Access and Zero Trust

Chase Cunningham March 27, 2018

A few years ago, the concepts of microsegmentation and microperimeters for Zero Trust were championed by former Forrester analyst John Kindervag. He showed us how those concepts and their technologies could enable a more secure enterprise. Once those concepts and their associated best practices hit the street, organizations from VMware to Cisco Systems to Palo […]

Read More
BLOG

Zero Trust on a Beer Budget

Chase Cunningham February 7, 2018

I have a good friend who has a small business (roughly 100 employees and two office locations; everything lives in the cloud, no real “network” to speak of) that is doing well. A few weeks ago, over barbecue and range time (some folks play golf, we shoot guns . . . it’s a Texas thing), […]

Read More
BLOG

What ZTX means for vendors and users

Chase Cunningham January 23, 2018

I am a huge fan of Zero Trust—the simplicity of the concept resonates with clients that read the research authored previously by John Kindervag and more recently myself. The framework’s intrinsic value to security and business processes is readily evident to those who explore how it benefits their security needs.  If we’re honest about Zero […]

Read More
BLOG

You Deserve What You Tolerate . . .

Chase Cunningham August 18, 2017

After reading through some other blogs and strategy papers over the weekend (don’t judge me; to some of us, this activity constitutes a good time . . . yes, lame . . . I know), I saw what appeared to be an underlying theme across the narratives I’d read: Security tolerates failure. It’s understandable that […]

Read More
BLOG

Black Hat Buzzword Bingo 2017

Chase Cunningham July 24, 2017

Every year at Black Hat, the buzzword factory is in full swing. Last year the word of the day was Artificial Intelligence or Machine Learning (or in the off chance you met with someone who knew what they were talking about, they would call it “AI or ML”).  The year before that, the word of […]

Read More
BLOG

We Don't Need Jedis

Chase Cunningham July 7, 2017

Like every other movie buff, geek, or nerd on the planet I am a Star Wars fan.  I think it’s a stellar series (minus the whole Jar Jar Binks thing, anything with that guy in it could be used as an alternative to waterboarding) that has spun a tale for the ages across the better […]

Read More
BLOG

Simplicity is a strategy that works.

Chase Cunningham June 19, 2017

This last week I was fortunate enough to be invited out to Hollywood to participate in a large exercise for the entertainment industry focusing on cyber security planning and threat management.  There were folks in attendance from a variety of organizations, all of which were very interested in just how exposed they might be to […]

Read More
BLOG

For More Cyber Operations Wins, Cheat…

Chase Cunningham June 6, 2017

Before my last deployment (quite a while ago, thankfully) my unit was training on a variety of tactics to make us all more effective in an operational setting.  That’s the long way of saying we were all getting PT'd repeatedly and learning how terrible we were at stopping the bad guys, luckily we all got […]

Read More
BLOG

Prepare for Increasing Frequency of “Nation-State” Cyberattacks with Strategy, not Technology

Chase Cunningham May 22, 2017

Let me pose a question: “Is it a bad thing to give the average person a hand grenade with the pin pulled?” I think most of us would respond to that question with an emphatic “YES!”  No one in their right mind would think it's a good idea in any possible reality to allow anyone […]

Read More
BLOG

Data is the perimeter, defend it that way

Chase Cunningham May 15, 2017

Data is the perimeter, defend it that way Unless you have been living under a rock or possibly hiding in the mountains of Montana with a giant beard and eating way too many government issued MRE’s you probably heard about the nuclear bomb of a ransomware attack that kicked off last week.  Welcome to the […]

Read More
BLOG

Zero Trust for MeatWare: It Applies to Us Humans Too

Chase Cunningham May 3, 2017

Zero Trust principles have, thus far, been mainly aimed at the network and the technology that makes our interconnected systems “live.” That’s how the concept was originally meant to be applied, but the reality of the threat vectors and need for better security capabilities means that Zero Trust has to adapt just like everything else […]

Read More
BLOG

For Better Security Operations, Speak to the Pack in its Native Tongue

Chase Cunningham April 24, 2017

I have a huge German Shepherd that ranks only slightly behind my human children when it comes to being spoiled and how much attention he gets.  I’ve been working on training him for nearly a year now, and he amazes me with how intelligent he is. He knows all the basics: sit, stay, here, lay […]

Read More