Heidi Shey

In a recent example of why managing insider risk is critical, cryptocurrency exchange Coinbase announced that it was the target of an extortion scheme enabled by insiders. Learn more about the incident and how to protect against it in this blog.

When will quantum computers will be able to break asymmetric cryptography and algorithms? And what steps should you take to prepare? Find out in this preview of a report on quantum security.

RSAC Conference 2025 featured the 20th annual Innovation Sandbox competition. Learn more about the entrants and results in this review of the event.

From live goats and puppies to robot dogs and animal costumes, the RSAC Conference 2025 delivered some unexpected surprises. But it also delivered the usual insight into various trends in the security market today. Find out more in this RSAC review.

The recent introduction of US-imposed tariffs has shaken global trade. While economists and financial analysts debate whether this on-again/off-again trade war fits into their model for geopolitical, economic, or supply chain risks, the result is the same: uncertainty and chaos sure to shake up business strategy for the foreseeable future. This new era of volatility […]

As we put together our game plan for what to see at RSA Conference 2025, we wanted to scope out innovation, identify which vendor booths will be a must-see, and (at least for one of us) minimize the number of steps to take around the Moscone Center.

With the average cost of a data breach at $2.7 million and 33% of enterprises reporting being breached three or more times over the past 12 months, understanding and learning from past incidents is not just beneficial — it’s essential.

The commercial availability of quantum computers that can compromise traditional asymmetric cryptography is still five to 10 years away. But security and risk (S&R) professionals must assess and prepare for the impact of quantum security now.

Forrester's security and risk research team breaks down the key highlights and implications of former US President Joe Biden’s 2025 Executive Order (EO) 14144 on strengthening security, improving accountability for software and cloud service providers, and promoting innovation, including use of emerging technologies.

Data security is both a high priority and struggle for many organizations. Find out why and get some next steps in this preview of our upcoming Security & Risk Summit, December 9–11 in Baltimore.

CrowdStrike's recent global incident underscores businesses' need to have robust crisis communication plans in place before a crisis occurs.

In a world of Scattered Spiders and Midnight Blizzards and UNC2452s, why is Arlington’s BEC important? Because it’s happening all the time to towns, municipalities, regional health systems, and small businesses lacking the resources to prepare for such an event.

Cybersecurity breaches continued to rise in 2023. Learn the eight most common incident types and get four key takeaways from our new report.

RSAC gives security startups two structured opportunities to distinguish themselves, and Forrester always finds it revealing to see which startups make the cut.

More than 41,000 attendees, 600 exhibitors, and 425 sessions. Get some of the key themes and takeaways from the Forrester security & risk analysts who attended RSA Conference (RSAC) 2024.

The cybersecurity industry continues to focus almost exclusively on technology at the expense of dealing with the heart of cyberdefenses: the people. Yet the stress of expectations, limited resources, and detriments to well-being continues to cause havoc with the mental and physical health, productivity, and retention of the cybersecurity workforce.

Generative AI offers an opportunity for risk management to reinvent itself from the department of “no” to the discipline of “go.” Find out how in this blog post.

What is Broadcom planning to do with VMware’s Carbon Black unit? Find out in this blog covering the plan to integrate Carbon Black with Broadcom's existing product lineup.

Learn the key takeaways and market impacts from the Biden administration’s executive order to protect Americans’ sensitive personal data.