Jeff Pollard

Powerful AI tools are now widely available, and many are free or low-cost. This makes it easier for more people to use AI, but it also means that the usual safety checks by governments — such as those done by central IT departments — can be skipped.

President Trump recently issued an executive order on national cybersecurity that amended and struck several provisions in prior EOs related to cybersecurity. Here’s what security leaders need to know.

Microsoft, CrowdStrike, Palo Alto Networks, and Mandiant recently announced a new initiative to create an aggregate and standardized glossary of threat actors. Learn the benefits and limitations of standardizing threat actor names.

Find out what Zscaler's acquisition of Red Canary could mean for the cybersecurity market as a whole as well as for security leaders and their teams.

In a recent example of why managing insider risk is critical, cryptocurrency exchange Coinbase announced that it was the target of an extortion scheme enabled by insiders. Learn more about the incident and how to protect against it in this blog.

RSAC Conference 2025 featured the 20th annual Innovation Sandbox competition. Learn more about the entrants and results in this review of the event.

From live goats and puppies to robot dogs and animal costumes, the RSAC Conference 2025 delivered some unexpected surprises. But it also delivered the usual insight into various trends in the security market today. Find out more in this RSAC review.

A coalition of over 40 chief information security officers (CISOs) from leading companies, including Salesforce, Microsoft, AWS, Mastercard, and Siemens, sent a letter to the G7 and OECD, urging them to take action on aligning international cybersecurity regulations.

Government agencies at the federal, state, and local levels must prepare for a future where they experience uncertainty, headcount reductions, contract cancellations, and budget cuts. This is gut-wrenchingly difficult to process, yet remaining leaders must figure out how to move forward to serve the mission. For public sector cybersecurity leaders, this is even more paramount. […]

As we put together our game plan for what to see at RSA Conference 2025, we wanted to scope out innovation, identify which vendor booths will be a must-see, and (at least for one of us) minimize the number of steps to take around the Moscone Center.

In today’s unpredictable economic climate, CISOs face familiar — but intensified — challenges. Get some actionable insights to help navigate through turbulent times in this preview of a new report.

The security landscape continues to evolve, as does global uncertainty, leaving CISOs preparing for turbulence ahead.

The third installment of The Forrester Wave™: Managed Detection And Response Services is now live, and there’s so much to love about the managed detection and response (MDR) services market: fantastic providers, engaged clients, and meaningful outcomes. This year is no different. Forrester clients can access the full report here. As we mentioned in Choose […]

Managed detection and response (MDR) — without a doubt — has successfully claimed the crown of all managed security services for making and keeping clients happy.

Get a simplified view of the the top three generative AI use cases that security leaders need to worry about and get recommendations for prioritizing them.

Forrester's security and risk research team breaks down the key highlights and implications of former US President Joe Biden’s 2025 Executive Order (EO) 14144 on strengthening security, improving accountability for software and cloud service providers, and promoting innovation, including use of emerging technologies.

Data ingestion into security information and event management (SIEM) have been too expensive for too long. Find out what's driving up the cost and how to manage it better in this post.

Here are the top things you need to know coming out of CrowdStrike's recently held Fal.Con user conference, just two months after its config update took down 8.5 million Windows endpoints.

The July 19 CrowdStrike Falcon outage created major trust issues for the company and the broader security market. What's next for CrowdStrike? Find out as we make several predictions on where the company will go next.