Heidi Shey

Principal Analyst

Forrester Bio

Author Insights

Blog

Breaking Down The US Executive Order To Protect Americans’ Sensitive Personal Data

Stephanie Liu 2 days ago
Learn the key takeaways and market impacts from the Biden administration’s executive order to protect Americans’ sensitive personal data.
Blog

What To Know: A Retrospective Of 2023’s Top Breaches And Fines

Sandy Carielli 3 days ago
After a retrospective review of the largest publicly reported breaches and privacy violations in 2023, here's what you need to know for 2024.
Blog

Prescription For Change: Cybersecurity Outage Highlights Critical Vulnerabilities In Healthcare

Jeff Pollard February 23, 2024
A recent cybersecurity incident at Change Healthcare cause the pharmacy claims processors to take its systems offline. Learn the implication of this event and five things firms can do to prepare.
Blog

Make Cyber Insurance Work For You

Heidi Shey September 11, 2023
Learn why cyber insurance is a major opportunity in this preview of our upcoming Security & Risk Forum.
Blog

Prevent Data Turnovers With Insider Risk Management

Joseph Blankenship August 28, 2023
Learn some valuable lessons about insider risk management from the New York Knicks and the Toronto Raptors. Really.
Blog

The State Of Data Security, 2023

Heidi Shey August 28, 2023
Learn some of the key data security trends of the year including the causes of breaches, types of data being compromised, and post-breach effects and impact.
Blog

The State Of Cyber Insurance, 2023

Heidi Shey August 24, 2023
Cyber insurance is a common tool for risk transfer today. It’s also a key driver for cybersecurity program investment today. But who has cyber insurance and what benefits do organizations see from it? Analyzing Forrester data on cyber insurance adoption and breach response trends, we find that: Most organizations do not have standalone cyber insurance […]
Blog

Rubrik Acquires Laminar: Data Resilience And Security Join Forces

Heidi Shey August 22, 2023
As security threats increase, data protection and security practices continue to merge. Data resilience firm Rubrik recently announced its acquisition of Laminar, a data security posture management (DSPM) vendor. Together, they aim to enable consistent and unified data security posture visibility that spans on-premises and cloud-based environments. Modern Data Resilience Is Increasingly A Cybersecurity Issue […]
Blog

Post-Quantum Security: Have You Started Your Journey?

Heidi Shey August 11, 2023
The European Policy Centre recently published a quantum cybersecurity agenda for Europe in July 2023. This is yet another example of raising awareness and issuing calls to action for post-quantum security preparations. This follows the World Economic Forum and Deloitte issuing a perspective on transitioning to a quantum-secure economy in 2022. Also in late 2022, […]
Blog

Reap The Rewards Of Empathy, The Emotional Buoy Of Trust

Allie Mellen August 9, 2023
This week, we are thrilled to release new research: Build Trust And Lasting Emotional Bonds With Empathy. This report delves into empathy, one of the most critical of the seven levers of trust defined in the trust imperative.   Forrester defines empathy as: The perception that an organization is emotionally connected to its customers, employees, […]
Blog

Thales To Acquire Imperva: Building This Dream House Won’t Be Easy

Heidi Shey July 25, 2023
Thales announced its agreement to acquire Imperva from private equity firm Thoma Bravo for $3.6 billion, expecting to add $500 million of revenue and expand its data and application security offerings as a result. The overall cybersecurity portfolio will then be structured across three key areas: identity (Thales), data security (Thales and Imperva), and application […]
Blog

Unpacking DLP: The Concept Versus The Control

Heidi Shey July 18, 2023
Data loss prevention (DLP) strategy and approach is an evergreen topic in the ongoing guidance sessions I have with clients, where I hear: 1) We must have this, we already have it, and we are not happy with what we currently have; 2) We have this, and we don’t want it anymore; or 3) We […]
Blog

Insights From The 2023 RSA Conference: Generative AI, Quantum, And Innovation Sandbox

Allie Mellen May 2, 2023
There's growing hype around generative AI in the security world, some of it warranted, some of it not so much. Learn more by reading the Forrester security and risk team’s key perspectives from RSAC 2023.
Blog

What I’m Looking For At RSA Conference 2023

Heidi Shey March 31, 2023
The countdown begins! I’ve confirmed the last 1:1 meeting spot on my calendar. The Forrester team is preparing for a panel discussion and topic tables at our client meet-and-greet event. I’m glad that track sessions and keynotes will also be available on demand. I aim to attend a few in person, but I know I’ll […]
Blog

Get A Head Start On The National Cybersecurity Strategy

Jeff Pollard March 2, 2023
This blog outlines Forrester’s existing Security & Risk research to help organizations navigate, manage, and prepare their organizations for the implications of the National Cybersecurity Strategy.
Blog

We Need To Talk More About Burnout In Cybersecurity

Jinan Budge February 14, 2023
Forrester predicted that in 2023, a Global 500 firm will be exposed for burning out its cybersecurity employees. In 2022, we saw at a very practical level in Australia that weaknesses in our cyberdefenses can impact society at mass levels. Impacts of breaches at Optus, Medibank, EnergyAustralia, and MyDeal include fines, exposure of millions of […]
Blog

Deciphering Apple’s Recently Announced Data Protection Features

Geoff Cairns December 21, 2022
Earlier this month, Apple announced several important new data protection features for general availability in 2023 that have numerous implications for security teams in all industries and geographies. Here is the Forrester security and risk team’s collective analysis of these new features. Quick Summary The announcement is not particularly noteworthy in terms of the newly […]
Blog

Predictions 2023: Security Pros Face Greater Internal Risks

Heidi Shey October 31, 2022
On top of the usual challenges, in 2023, security pros will see more risk coming from internal forces, such as enabling anywhere work and the future of the office. Learn more in our 2023 predictions.
Blog

It’s More Than Just Emojis: Secure Your Communications

Heidi Shey September 2, 2022
What’s within an employee chat? More than emojis. Employee communications via chat, voice calls, and videoconferencing can include customers’ personal information, insights about business operations, or other highly sensitive material. Consumer apps aren’t suited for such purposes. They lack enterprise controls for management and compliance, have privacy policies and terms of use that can change […]
Blog

Redefining Data Security For The Modern Age

Heidi Shey August 30, 2022
Learn how to redefine data security in an age of multicloud, anywhere work, edge computing, and changing privacy regulations.
More posts