Jeff Pollard
VP, Principal Analyst
Author Insights
Blog
Five Reasons To Buy A Service Before A Product
Products versus services. For many years, every purchase made by security and tech leaders fell into one of these categories. The same tribes existed for vendors: product and service. In this context, we define security services as “managed security services,” not consulting. In contrast to security services, security pros typically use consulting services for three […]
Blog
Threat Hunting 101: A Human-Led Exercise
Here, we clear up some misconceptions about threat hunting and explain why it’s in the best interest of your team to start doing it.
Blog
Choose Apple Lockdown Mode, Choose Security
Users get to make their own choices about security and privacy when using Apple devices, not carriers, application developers, or advertisers.
Blog
If You Can Say It, You Can See It: Dall-E And You
Or, “How a natural language image generation AI used as a meme generator by social media may impact your business.” Welcome To The Future — It’s Got AI-Generated Art Let’s play a quick game. Which of the below images were made by an AI system generating images based on word prompts? Let’s pretend you guessed […]
Blog
The Reaper Comes For Cyber Unicorns
While the economic downturn is in its early stages, it looks as though the hypergrowth phase of the cybersecurity vendor party has reached an abrupt end.
Blog
Microsoft Launches MDR And Hops On The Everything-As-A-Service Bandwagon
Everything-eventually-becomes-a-service which Microsoft demonstrates by launching its own version of managed detection & response. We discuss what CISOs need to know, how it will impact the market, and what to look for next.
Blog
Announcing Analyst Experience: SOC Analysts Finally Escape The Shackles Of Bad UX
The toughest battle SOC analysts face every day should not be with the technology they use. Analyst Experience (AX) will help solve that problem.
Blog
Our 2022 Top Recommendations For Your Security Program: CISOs Get An Offer They Can’t Refuse
The Coppola classic has a few surprising parallels with today's chief information security officer.
Blog
Neem de volgende stappen om u goed voor te bereiden op het cyberveiligheidseffect van de oorlog in Oekraïne
Neem de volgende stappen om u goed voor te bereiden op het cyberveiligheidseffect van de oorlog in Oekraïne
Blog
Mit diesen Schritten können Sie sich auf die Auswirkungen des Krieges in der Ukraine auf die Cybersicherheit vorbereiten und entsprechend handeln
11 Schritte, die Sie jetzt tun können, um Ihre Risiken und die Gefährdung durch Cyber-Bedrohungen im Zusammenhang mit dem Krieg zu verringern.
Blog
Mesures Pour Vous Préparer Et Gérer Les Effets Sur La Cybersécurité De La Guerre En Ukraine
Onze choses que vous pouvez faire maintenant pour réduire vos risques et votre exposition aux cybermenaces liées à la guerre.
Blog
Okta Lapsus$ Compromise: How To Make Sure You’re Protected
On Tuesday, March 22, 2022, identity-as-a-service (IDaaS) provider Okta announced that it had detected an attempt to compromise the account of a partner in January 2022. The announcement came after the hacking group Lapsus$ posted screenshots of a computer used by one of Okta’s third-party customer support engineers. As one of the largest IDaaS providers with […]
Blog
Nontraditional DDoS Attacks Are On The Rise
If you have never heard of “DDoS amplification factor” prior to this week, you’re not alone. A new zero-day attack surfaced a vulnerability from an unlikely source: an internet-facing PBX (private branch exchange) system. Bad actors seized upon this opportunity to create a 4,294,967,296:1 amplification load. Yes, that’s 4 billion to one. This is a […]
Blog
Chronicles Of Mandiant: Google Put A Ring On It
Mandiant trades up from FireEye and finds a home within Google Cloud Platform.
Blog
Take These Steps To Prepare For And Handle The Cybersecurity Effects Of The War In Ukraine
Eleven things you can do now to reduce your risks and exposure to the cyber threats related to the war.
Blog
The Top Seven Most Misused Terms In Cybersecurity
When vendors or practitioners use different words to communicate the same thing, confusion ensues. Let's take steps toward settling on a common vocabulary.
Blog
To Earn Customer Trust, Sell Secure Products
Get tips on how improving application security can help you secure your products and retain the trust of your customers.
Blog
Cybersecurity And Privacy Are Top Of Mind For Tech Execs
Get a preview of some new Forrester research to help evolve your cybersecurity and privacy practices to meet new threats and ensure confident customer and employee interactions.
Blog
Savvy Cybersecurity Programs Focus On Competence, Integrity, And Empathy
As of July 31, 2021, the FBI’s Internet Crime Complaint Center saw a 62% increase in reported ransomware incidents compared with the same time frame in 2020. Intrusions in environments spanned various types of infrastructure, with 35% exploiting software vulnerabilities and 32% using supply chains and third parties to obtain unauthorized access, per Forrester data. […]
Blog
OMB’s Zero Trust Strategy: Government Gets Good
What a time to be alive! Hot on the heels of Forrester’s release of our definition of modern Zero Trust (ZT), the US Office of Management and Budget (OMB) released a memo entitled Moving the US Government Toward Zero Trust Cybersecurity Principles. Coincidence? Yes. A big deal? Also, yes. If executed as mandated, not only […]
More posts