Jeff Pollard

Principal Analyst

Forrester Bio

Jeff Pollard

Author Insights

BLOG

The Fight For Cybersecurity Brand Dominance Intensifies

Jeff Pollard 3 days ago

“Everything Is An Endpoint” Brings BlackBerry Back From The Dead For many, the fact that BlackBerry still exists — and the fact that it spent $1.4 billion of the $2.4 billion in capital it had — is the most surprising part of the Cylance acquisition. BlackBerry hasn’t shirked its mythological status as the case study of what […]

Read More
BLOG

Early Horror Stories Of The Data Economy

Jeff Pollard May 3, 2018

When salacious tales of Cambridge Analytica’s activities emerged in 2018, we thought the company was finished. The many on-air discussions of illegal activities, law enforcement warrants, legal action threats from partners, and questionable ethics appeared to doom it. We then saw multiple suspensions and resignations, and on May 2, Cambridge Analytica announced it would file […]

Read More
BLOG

The Buyer's Guide To Cybersecurity Services

Jeff Pollard March 13, 2018

During every Forrester Wave™ evaluation I conduct, I spend time sifting through vendor responses, data, client surveys, and reference interviews and develop an outline of recurring themes — the good, the bad, the new, the old, etc. After the Wave goes live, I collect all of that information, bundle it together, and produce a “Lessons” […]

Read More
BLOG

Kicking Off The New Year With A MELTDOWN

Jeff Pollard January 5, 2018

What An Interesting Start To The Year I didn’t expect the year to kick off with it raining iguanas in Florida, a gas pumping crisis in Oregon, or the discovery and release of two massive CPU flaws that affected many of the computers we live and work with every day. It appears 2018 has started […]

Read More
BLOG

Inside Infosec Teams

Jeff Pollard November 16, 2017

Announcing Our New Security & Risk Staffing Survey! Information security is one of the hottest fields around. Data abounds about how awesome it is to work in infosec, how many jobs are available, and how much money can be made. That all sounds great, except it’s pretty hard to find great research on what it’s […]

Read More
BLOG

The B2B Breach Trifecta: Equifax, SEC, and Deloitte

Jeff Pollard September 25, 2017

The B2B Breach Trifecta: Equifax, SEC, and Deloitte As rumors emerged this morning about a compromise of consulting firm Deloitte, this becomes the third breach announced in just a few short weeks of organizations that share a similar profile: Each one is primarily – or exclusively – a B2B organization. There are some questions worth […]

Read More
BLOG

Equifax Does More Than Credit Scores

Jeff Pollard September 8, 2017

Our reaction to the Equifax breach was similar to what we imagine many people went through. First, we wanted to know if we were affected. Second, what about our spouse and other immediate family members? Third, better keep an eye on the old credit report or initiate a credit freeze. Since Forrester offers credit monitoring […]

Read More
BLOG

Applying Our Research To Black Hat 2017

Jeff Pollard July 24, 2017

I summarized RSA 2017 in the following way: It’s a bit like the supermarket; you’ll make far healthier choices if you stick to the outer aisles. Well, Las Vegas B-Sides, Black Hat, and DefCon are taking place this week, and since these events differ in tone, audience, and participants, I’ve updated my advice: We’ve gone […]

Read More
BLOG

Victim Blaming Won't Stop Global Ransomware Attacks

Jeff Pollard June 27, 2017

The security industry has an accountability crisis. It’s time to talk about it, then fix it. Whenever a massive cyber attack occurs inevitably a chorus of voices rises to blame the victims. WannaCry on 5/12 and Petya on 6/27 yet again kicked off the familiar refrains of: “If users didn’t click on stuff they shouldn’t….” […]

Read More
BLOG

Massive Ransomware Outbreak Highlights Need For A Digital Extortion Decision Tree

Jeff Pollard May 12, 2017

5/12/2017 might be another day of cyber-infamy based on malware as hospitals and critical infrastructure providers are locked out of their machines due to what appears to be a new variant of ransomware dubbed WannaCry spreading through corporate networks. Like the ransomware outbreaks in mid-2016 here in the US, NHS hospitals are experiencing patient care […]

Read More
BLOG

NIST Is Jealous That PCI (Still) Matters More Than It Does

Jeff Pollard May 11, 2017

The summary of the new Executive Order is a bit of a letdown: Government agencies must complete a risk management report within 90 days. The risk report should align with NIST. Outside of those with a risk fetish, this new EO probably isn’t that exciting from the perspective of any near-term cybersecurity transformation. That said, […]

Read More
BLOG

Exploring The IoT Attack Surface

Jeff Pollard October 13, 2016

Merritt Maxim and I just published our research on the IoT Attack Surface. This report gives a realistic, but not sensationalized, view of how enterprises need to think about IoT. Three factors motivated our research for this topic – attacks on IoT will transcend the digital-physical divide, the sheer scale of IoT will challenge security […]

Read More
BLOG

Automated Malware Analysis Technologies Central To Defense Strategies

Jeff Pollard April 21, 2016

"The most important security alerts we see." That’s how one customer described the importance of Automated Malware Analysis technologies in their security workflow. After months of demonstrations, reference calls, and analysis we are thrilled that The Forrester Wave™: Automated Malware Analysis, Q2 2016 is live! Many clients we talked to used multiple vendors to analyze […]

Read More