Heidi Shey

In a world of Scattered Spiders and Midnight Blizzards and UNC2452s, why is Arlington’s BEC important? Because it’s happening all the time to towns, municipalities, regional health systems, and small businesses lacking the resources to prepare for such an event.

Cybersecurity breaches continued to rise in 2023. Learn the eight most common incident types and get four key takeaways from our new report.

RSAC gives security startups two structured opportunities to distinguish themselves, and Forrester always finds it revealing to see which startups make the cut.

More than 41,000 attendees, 600 exhibitors, and 425 sessions. Get some of the key themes and takeaways from the Forrester security & risk analysts who attended RSA Conference (RSAC) 2024.

The cybersecurity industry continues to focus almost exclusively on technology at the expense of dealing with the heart of cyberdefenses: the people. Yet the stress of expectations, limited resources, and detriments to well-being continues to cause havoc with the mental and physical health, productivity, and retention of the cybersecurity workforce.

Generative AI offers an opportunity for risk management to reinvent itself from the department of “no” to the discipline of “go.” Find out how in this blog post.

What is Broadcom planning to do with VMware’s Carbon Black unit? Find out in this blog covering the plan to integrate Carbon Black with Broadcom's existing product lineup.

Learn the key takeaways and market impacts from the Biden administration’s executive order to protect Americans’ sensitive personal data.

After a retrospective review of the largest publicly reported breaches and privacy violations in 2023, here's what you need to know for 2024.

A recent cybersecurity incident at Change Healthcare cause the pharmacy claims processors to take its systems offline. Learn the implication of this event and five things firms can do to prepare.

Learn why cyber insurance is a major opportunity in this preview of our upcoming Security & Risk Forum.

Learn some valuable lessons about insider risk management from the New York Knicks and the Toronto Raptors. Really.

Learn some of the key data security trends of the year including the causes of breaches, types of data being compromised, and post-breach effects and impact.

Cyber insurance is a common tool for risk transfer today. It’s also a key driver for cybersecurity program investment today. But who has cyber insurance and what benefits do organizations see from it? Analyzing Forrester data on cyber insurance adoption and breach response trends, we find that: Most organizations do not have standalone cyber insurance […]

As security threats increase, data protection and security practices continue to merge. Data resilience firm Rubrik recently announced its acquisition of Laminar, a data security posture management (DSPM) vendor. Together, they aim to enable consistent and unified data security posture visibility that spans on-premises and cloud-based environments. Modern Data Resilience Is Increasingly A Cybersecurity Issue […]

The European Policy Centre recently published a quantum cybersecurity agenda for Europe in July 2023. This is yet another example of raising awareness and issuing calls to action for post-quantum security preparations. This follows the World Economic Forum and Deloitte issuing a perspective on transitioning to a quantum-secure economy in 2022. Also in late 2022, […]

This week, we are thrilled to release new research: Build Trust And Lasting Emotional Bonds With Empathy. This report delves into empathy, one of the most critical of the seven levers of trust defined in the trust imperative.   Forrester defines empathy as: The perception that an organization is emotionally connected to its customers, employees, […]

Thales announced its agreement to acquire Imperva from private equity firm Thoma Bravo for $3.6 billion, expecting to add $500 million of revenue and expand its data and application security offerings as a result. The overall cybersecurity portfolio will then be structured across three key areas: identity (Thales), data security (Thales and Imperva), and application […]

Data loss prevention (DLP) strategy and approach is an evergreen topic in the ongoing guidance sessions I have with clients, where I hear: 1) We must have this, we already have it, and we are not happy with what we currently have; 2) We have this, and we don’t want it anymore; or 3) We […]