Jinan Budge

It has taken me 15 months and a LOT of travel, listening, and talking to feel confident enough to write this research for APAC. APAC is a unique region in its cultural, geographic, regulatory, security maturity, and economic diversity. Writing anything APAC-related (at least for me) meant that I needed to understand the region with […]

Research announcement: Another Asia Pacific Forrester Wave™ evaluation is coming. This time, I will be evaluating cybersecurity consulting providers in the region. Gather round! The cybersecurity consulting market has been alive and well in AP since I began my career many years ago. I have worked at — and was a client of — a […]

Thanks to your lovely congratulatory emails and comments, I was reminded that last week marked my 12-month anniversary with Forrester. Crikey, that went by fast! I wanted to share this slightly indulgent post with you, for reflection but also to summarize the research of the last 12 months (and to seek your input into the […]

Investment into changing security culture and behavior via security awareness and training (SA&T), if done correctly, has the ability to transform your security team’s function and reach. We need to invest in these people-related initiatives to harden the ever-important human firewall. But there’s also more to this story: Changing the culture around security has the […]

We consistently get inquiries from clients asking us about the trends and effective ways to create cybersecurity awareness within their organization. This field has grown so much in recent years. There are now so many fantastic tactics that organizations have tried and tested; we can all learn from them. You should never have to resort […]

CISOs in Asia Pacific must justify their spending and articulate the business value of often expensive investments in managed security to a largely non-security audience of executives. Currently, this is nearly impossible: Many managed security service providers (MSSPs) continue to go to market with messaging that is technology-centric and blind to the benefits they provide […]

Talking to our firm’s board of directors about security isn’t a new responsibility for most security leaders; it’s been on our collective agendas for years. But many security leaders still second-guess the content and messages they share with their board. Despite years of talking about this problem, it remains unsolved in 2019. The good news: […]

I have been accepted to co-present at RSA 2019 in San Francisco in March along with my dear ex-colleague Andrew Rose (Vocalink CSO and 2018 European CISO of the year). The topic: “The Fine Art Of Creating A Transformational Cybersecurity Strategy.” I will take the opportunity to not only present but also publish research on […]

Last week, I had the immense pleasure of traveling to India for the first time. It quickly became one of my favorite trips of 2019. This is in spite of a punishing schedule during which I toured Bangalore, Pune, Delhi, and Mumbai and met with/presented to a couple of hundred of our clients, vendors, and […]

I am thrilled to introduce my most recent report, Instill A Security Culture By Elevating Communication. This is an update of my 2011 report How To Market Security To Gain Influence And Secure Budget. A different time called for a completely revamped report. (Read on to see what’s changed.) To me, this always has been […]

Research announcement: My first Forrester Wave™ will be evaluating managed security service providers in Asia Pacific for Q1 2019. Gather round! The managed security service provider (MSSP) market has seen a massive shift fueled by a shortage in security skills and increased complexity on all fronts (business, technology, threats, regulations, etc.). This has invited many […]

I’m so excited about my latest contribution to our research on “How To Become A Superstar Security Leader” (led by my fabulous colleagues Claire O’Malley and Chris McClean). I often get asked by clients and colleagues I speak with: “What does a modern-day CISO look like? What qualities do great CISOs have?” This can be […]

In 2011, I published a report titled “How To Market Security To Gain Influence And Secure Budget.” I am now going through the process of refreshing this report, and it got me thinking: What has changed in the space of security communications and influence since 2011? Do I still need to write about the importance […]

Over the past few weeks, I’ve had the rare opportunity to meet with board members and discuss their views on cybersecurity. Many of the questions I posed were sourced from my LinkedIn community, where 25-plus people suggested 50-plus unique questions (eek!). Even in our short time together, I was left with a much deeper understanding and […]

I have just spent the last week in Singapore delivering speeches and meeting a multitude of clients in a series of what turned out to be back-to-back meetings. In the same way that I love traveling, exploring new cultures, eating different foods, and losing myself in the company of friends, I love doing the same […]

Well, it’s happening! My first Forrester report was published this week. (Forrester clients can access here.) The topic? Cybersecurity transformation, of course! It’s what I have lived and breathed for the last 3.5 years. I have also engaged peer CISOs doing terrific work transforming their firms’ security function and capabilities — I’ve always had a passion […]

If you had half an hour with a board member and you wanted to get coaching from them about how to communicate with them about security, what would you ask them? In a few weeks’ time, I will have just that opportunity when I facilitate a panel with some prominent board directors. Getting inside the […]