Joseph Blankenship

Principal Analyst

Forrester Bio

Author Insights

BLOG

Security & Risk 2019: Cybersecurity’s Staffing Shortage Is Self-Inflicted

Joseph Blankenship August 6, 2019
Current projections show that we will have nearly two million job vacancies in the security sector by 2022. However, this is a problem of our own making. Fixing this will require changes to the way we hire, train, and retain security pros.
Read More
BLOG

The Security Snapshot: Forrester Time Machine

Joseph Blankenship July 17, 2019
At Forrester, it is our goal to be ahead of the market trends so we can advise clients on what is to come and how they should prepare. Each year, we publish a series of predictions reports about what may be of primary concern for various roles over the course of the coming year. Rather […]
Read More
BLOG

AWS re:Inforce Recap: The Cloud Isn’t Going Away, But Scare Tactics Should

Joseph Blankenship June 28, 2019
Boston’s bustling Seaport District played host to the first-ever AWS re:Inforce 2019 cloud security conference, with over 5,000 reported attendees. Amazon Web Services set the tone of the event to be a “learning conference,” with hopes that those who attended would come away better at their jobs. In his keynote, AWS CISO Stephen Schmidt advised […]
Read More
BLOG

Tech Titans Alphabet And Microsoft Are Transforming Cybersecurity

Joseph Blankenship March 4, 2019
Last April, we outlined how the “Tech Titans” (Amazon, Google, and Microsoft) were poised to change the cybersecurity landscape by introducing a new model for enterprises to consume cybersecurity solutions. Security has long been delivered as siloed solutions located on-premises. These solutions were hard to buy, hard to use, and existed in silos. Security leaders […]
Read More
BLOG

Big Fish Eat Little Fish As Portfolio Players Gobble Up SAO

Joseph Blankenship February 20, 2019
Security has long been hampered by a deluge of data, manual processes, and vendor sprawl. Technology has evolved to address the first two of these, but expense in depth continues as new functionality and innovation are often only available through startup vendors and standalone best-of-breed vendors. Too often, startups are product features, not standalone companies. […]
Read More
BLOG

Phishing: The Simple Attack That Shreds The Defenses Of Sensitive Networks

Joseph Blankenship December 20, 2018
Diplomatic networks carry some of the world’s most sensitive information: communications between world leaders, key technical intellectual property, trade strategies, and military plans. A recent report by antiphishing vendor Area 1 Security reveals that a three-year-long cyberattack led to the successful breach of the European Union’s diplomatic communications network. By focusing on the cybersecurity of the […]
Read More
BLOG

Insider Threat Has Undergone A Digital Transformation

Joseph Blankenship July 31, 2018
Before the internet gave us ubiquitous connectivity, selling secrets was hard. Finding buyers and sellers required research, relationship building, and connection in person or by phone. Exchanging data was harder. It required physical media, and data exchange had to be done in person. You’ve likely seen old spy movies where spies had microfilm with top-secret […]
Read More
BLOG

Tesla Sabotage: A Perfect Storm For Insider Threat

Joseph Blankenship June 20, 2018
Last Sunday, Tesla CEO Elon Musk sent an all-employee email to Tesla employees revealing that the company was the victim of insider sabotage. Musk indicated that the saboteur made changes to Tesla’s manufacturing operating system using fake usernames and exported a large volume of sensitive internal data to third parties. In his email, Musk revealed […]
Read More
BLOG

Automation And Sharing Are Common Themes

Joseph Blankenship November 9, 2016
After years of shunning automation and information sharing efforts, the security industry is now embracing them. Every vendor conference I attended this fall talked about the need to automate some security functions in order to increase security teams' efficiency and ability to quickly detect and respond to incidents. The vendors also focused on the need […]
Read More
BLOG

Could Your Next Security Analyst Be A Computer?

Joseph Blankenship May 11, 2016
Cybersecurity requires a specialized skillset and a lot of manual work. We depend on the knowledge of our security analysts to recognize and stop threats. To do their work, they need information. Some of that information can be found internally in device logs, network metadata or scan results. Analysts may also look outside the organization […]
Read More