Jeff Pollard

VP, Principal Analyst

Forrester Bio

Jeff Pollard

Author Insights

Blog

Biden Executive Order Bets Big On Zero Trust For The Future Of US Cybersecurity

Jeff Pollard 2 hours ago
This may be a bit of a long blog due to the extensive nature of the Executive Order on Improving the Nation’s Cybersecurity and its impact on cybersecurity and the Zero Trust approach. The Biden administration also published a fact sheet: “President Signs Executive Order Charting New Course to Improve the Nation’s Cybersecurity and Protect […]
Read More
Blog

“Winning” MITRE ATT&CK, Losing Sight Of Customers

Jeff Pollard April 22, 2021
Are the results of a MITRE ATT&CK evaluation a good gauge of a vendor's effectiveness? Maybe. Vice President and Principal Analyst Jeff Pollard explains how to use the results in your vendor analysis.
Read More
Blog

MSSP Is The Eighth Word You Can’t Say On TV

Jeff Pollard March 24, 2021
“The Forrester Wave™: Managed Detection And Response, Q1 2021” is now live — and this is a seriously impressive group of vendors. I want to give a sincere thanks to them all for the effort and work they put into it. Vendors don’t always agree on things — especially with competitors. But one thing quite […]
Read More
Blog

Mean Time Before CEO Scapegoats

Jeff Pollard March 1, 2021
A few months before I joined Forrester in 2015, I found a blog that introduced a new incident response (IR) metric written by @rickhholland: “Introducing A New Incident Response Metric: Mean Time Before CEO Apologizes (MTBCA).” Rick introduced this — not exactly tongue-in-cheek metric for IR – because the playbook was so familiar. Get breached, […]
Read More
Blog

Microsoft Is Now A Cybersecurity Behemoth

Jeff Pollard January 27, 2021
Microsoft has achieved its goal of being a mega-security vendor. For Microsoft competitors — which is almost every vendor — this also makes the company an existential threat.
Read More
Blog

Security Vendors: It’s Time To Come Clean About Intrusions

Jeff Pollard December 15, 2020
The intrusion into SolarWinds, FireEye, and multiple US government agencies continues to roil the cybersecurity world. In only a few days, a slew of additional details have emerged about the scope of the intrusions, with more surely to come. Security vendors spend all their time talking about security but not in a way that’s useful […]
Read More
Blog

The SolarWinds And US Government Breach Is Not A Marketing Opportunity

Jeff Pollard December 14, 2020
The size and scope of SolarWinds as an IT software provider and the nature of the breach announced on December 13 rocked the IT and security world — rightfully so. We’ve provided immediate, actionable advice for security and risk pros and IT leaders in our report here. While security leaders guide their companies to respond, […]
Read More
Blog

We Do Diligence: Making The MSSP Forrester Wave™ Evaluations

Jeff Pollard September 28, 2020
Security and risk pros rely on Forrester Wave™ evaluations to guide them through their purchase journey, help them understand what is and isn’t important, and help them avoid the pitfalls when identifying strategic partners. This time, our analyses focused on two vendor categories: global and midsize managed security service providers (MSSPs), a market almost 25 […]
Read More
Blog

甲骨文 (Oracle) 几乎收购了TikTok? (其实并没有)

Jeff Pollard September 18, 2020
关于甲骨文(Oracle)与TikTok交易的新闻满天飞,阅读本文了解Forrester分析师们对此事件如何解读。
Read More
Blog

Oracle Sort Of Buys TikTok (But Not Really)

Jeff Pollard September 14, 2020
Larry Ellison proves that customer acquisition cost (CAC) is no barrier in Oracle’s conquest to expand its cloud credibility and market share. The announcement is murky at the moment, but the particulars indicate that Oracle and ByteDance will enter into a technology partnership to host the US operations of TikTok. This allows TikTok to escape […]
Read More
Blog

It’s Never The Data Breach — It’s Always The Cover-Up

Jeff Pollard August 21, 2020
What CISOs can learn from the case against Uber's former chief security officer.
Read More
Blog

MSSPs Race To MDR

Jeff Pollard July 29, 2020
By the beginning of August, both of my managed security services provider (MSSP) Forrester Waves™ will be published, marking five Forrester Waves authored and 62 vendors evaluated in the MSSP space during my five years at Forrester. While Forrester Waves can be exhausting for the analyst and the vendors alike, witnessing the progression of an […]
Read More
Blog

CISOs And The Da Vinci Fallacy

Jeff Pollard June 1, 2020
The belief that security leaders must show mastery across knowledge domains is dangerous. It's also a symptom of an underlying ailment.
Read More
Blog

All CISOs Must Be Transformational CISOs Now

Jeff Pollard May 1, 2020
In January of 2020, we launched our inaugural “The Future Of The CISO” report, which identified the six types of CISOs (chief information security officers) we discovered through our research. At its release, we received copious amounts of feedback — some we had considered and some we hadn’t. While we were conducting our research, however, […]
Read More
Special Report

Employers Are A Trusted Source Of Information About Coronavirus But Face Competition From Disinformation Campaigns

Jeff Pollard March 11, 2020
New Forrester data shows employees have strong trust in their employers as a source of information about COVID-19, but infrequent employer communication can leave employees vulnerable to disinformation.
Read More
Blog

RSA Conference 2020: My Shopping List

Jeff Pollard February 20, 2020
The lead-up to RSAC 2020 has been interesting to say the least. IBM made a decision to exempt its employees from the event due to concerns about the COVID-19 pandemic; days later, RSA was acquired by a private equity firm, and there’s only a few days left before the event as this goes live. First, […]
Read More
Blog

The Future Of The CISO — Six Types Of Security Leaders

Jeff Pollard January 31, 2020
When starting a project like “The Future Of The CISO” report, it’s a daunting exercise. While we don’t always share the background inspiration for our research, this time it’s quite important and will shed some light on how we arrived here. When we started planning this research in 2018 and working on it in 2019, […]
Read More
Blog

Product Security And Surveillance Capitalism: Ring And Avast Fumble Privacy, Data Security, And Third-Party Risk

Jeff Pollard January 30, 2020
It’s been a rough couple of months for Ring. Multiple security and privacy issues have plagued the physical security device maker, it’s responded poorly by casting blame on users, and following that, the Electronic Frontier Foundation (EFF) identified that the Ring app is littered with third-party trackers. At virtually the same time, a security product […]
Read More
Blog

Employee Safety Is For Sale

Jeff Pollard December 20, 2019
New risks emerge around user location data that may have you rethinking your cybersecurity plan.
Read More
Blog

Decade Retrospective: Cybersecurity From 2010 To 2019

Jeff Pollard December 17, 2019
From the Intel-McAfee deal to the Sony Pictures breach, VP and Principal Analyst Jeff Pollard reviews the past decade’s cybersecurity highlights and lowlights.
Read More