Paul McKay

Principal Analyst

Forrester Bio

Paul McKay

Author Insights

Blog

European Security Leaders Must Invest In AppSec To Catch Up With Their Peers Across The Globe

Sandy Carielli August 31, 2021
Like the rest of the world, European firms have been forced to pivot to digital experiences in the last year, even, as in the case of Italian luxury goods businesses, when digital went against long-standing cultural norms. As their firms pivot, European security leaders would do well to remember that vulnerable web applications are a […]
Read More
Blog

European Organizations Struggle To Attain Diversity In Their CISO Leadership Roles

Paul McKay August 26, 2021
Written with Zaklina Ber, senior research associate, Forrester Forrester analyzed the career backgrounds of 168 chief information security officers (CISOs) with public profiles who are working for major organizations in Europe with listings in the highest stock market indexes in the UK (FTSE 100), France (CAC 40), Germany (DAX 30), Italy (FTSE MIB), Spain (IBEX […]
Read More
Blog

COVID-19 Drives Delivery Model Transformation And A Sustainability Revolution In The Security Consulting Space

Paul McKay July 1, 2021
“The Forrester Wave™: European Cybersecurity Consulting Providers, Q3 2021,” launched today. Fifteen firms are featured in this report, representing a cross section of large international security consulting providers and more regionally based security pure plays. The European security consultancy market has seen a large transformation in the past 16 months in how it delivers value […]
Read More
Blog

2021 Brings New Security Challenges And Regulations For European CISOs

Paul McKay March 31, 2021
Learn three key shifts European CISOs are making to address the COVID-19 pandemic and new regulations.
Read More
Blog

Announcing The Forrester New Wave™: Cybersecurity Risk Ratings Platforms, Q1 2021

Paul McKay February 25, 2021
The cybersecurity risk ratings (CSR) market is a bit like Marmite or SPAM (the pork product in a can, not the unwelcome emails) — some customers love it, others hate it. We see examples of both extremes in our customer interactions, interviews, and research on this market. Our responsibility as analysts is to highlight where […]
Read More
Blog

New Research Announcement — Now Tech: European Cybersecurity Consulting Providers, Q1 2021

Paul McKay February 22, 2021
I just launched a Now Tech that lists out the major firms participating in the European cybersecurity consulting market, which has undergone a radical transformation in the last 12 months. Forrester Analytics Business Technographics® Security Survey, 2020, shows that clients have increased their use of consultants by 4% since 2019. They need skilled people to […]
Read More
Blog

GAIA-X Must Be More Than Just Another European Infrastructure Provider, Or It Will Deliver No Value

Paul McKay November 12, 2020
Today Paul Miller, Tracy Woo, and I released our report that examines the market impact of the GAIA-X project. France and Germany announced an initiative in 2019, which was formalized as the GAIA-X Foundation in early October 2020. For our report, we spoke with several of the GAIA-X founders and studied its potential impact for […]
Read More
Blog

My Reflections From The 2020 European MSSP Forrester Wave™

Paul McKay August 5, 2020
My first refresh of the Forrester Wave™ evaluation on European managed security services providers (MSSPs) went live this week. In the previous Wave, differentiators in the market included matured escalation processes enabled by automation, remediation, and chat capabilities, as well as the introduction of mobile apps to improve the user experience. In the current Wave, […]
Read More
Blog

Research Announcement — Now Tech: European Managed Security Services Providers, Q2 2020

Paul McKay May 5, 2020
The first stage of my update of my 2018 evaluative research on the European managed security services provider (MSSP) market published this week. “Now Tech: European Managed Security Services Providers, Q2 2020” covers the vendor landscape for MSSP services and is a precursor to a refreshed Forrester Wave™, which will publish later in the year. […]
Read More
Blog

Navigating The European 5G Security Debate

Paul McKay March 21, 2020
At present, it is difficult to remember life before the COVID-19 pandemic, but a key switch that has happened is the large-scale shifting of the population to work at home, as widely documented. Some mobile operators in the UK recently have had a bit of a bumpy ride, with spotty coverage and outages experienced as […]
Read More
Blog

RSA Conference 2020: What I’ll Be Looking For At This Year’s Show

Paul McKay February 11, 2020
This year marks my first trip to RSA Conference in San Francisco. I wanted to take a step back and reflect on what I want to gain from the conference. Like many analysts attending, my diary looks like the baubles on a Christmas tree, hung resplendently with meetings, briefings, and everything in between. Here are […]
Read More
Blog

The Future Of The CISO — Six Types Of Security Leaders

Jeff Pollard January 31, 2020
When starting a project like “The Future Of The CISO” report, it’s a daunting exercise. While we don’t always share the background inspiration for our research, this time it’s quite important and will shed some light on how we arrived here. When we started planning this research in 2018 and working on it in 2019, […]
Read More
Blog

The CISO’s Guide To Working With Early-Stage Cybersecurity Firms

Paul McKay January 30, 2020
New research determines that the benefits of working with cybersecurity startups outweigh the risks. Learn more.
Read More
Blog

Research Announcement: The Forrester Wave™: European Cybersecurity Consulting Providers, Q4 2019

Paul McKay October 31, 2019
Today, my inaugural evaluation of the European consulting services provider market published, as I write this blog from the city of Barcelona. Along with “The Forrester Wave™: Cybersecurity Consulting Services In Asia Pacific, Q4 2019,” which published yesterday (see here), this marks the first time that we have explicitly assessed the European security consulting services […]
Read More
Blog

The Impact Of Brexit On CISOs

Paul McKay October 11, 2019
We can’t predict whether Brexit will really happen on October 31 and whether a deal will be concluded or not. However, we do now know that we are likely to leave with a withdrawal agreement that affects security at the institutional level. Read our three primary areas of concern for CISOs.
Read More
Blog

Cybersecurity Risk Ratings Are Here To Stay — Learn To Work With Them

Paul McKay July 31, 2019
Cybersecurity risk rating solutions are a polarizing topic for security leaders. We meet promoters and detractors in roughly equal measure in the customers that we speak to. Positive client sentiment cites the ability to continuously monitor their third parties, and the simplicity of the quantifiable risk score is popular. Security leaders tell us it is […]
Read More
Blog

Infosecurity Europe 2019: Incremental Evolution Rather Than Revolution

Paul McKay June 7, 2019
I have spent the last three days attending Infosecurity Europe 2019, the largest security trade show in the UK and Europe. As ever, before coming I have tried to predict the big theme or trends that CISOs should take note of. However, the show is very similar to last year, with incremental evolution of products […]
Read More
Blog

PSD2 Security Requirements Are Restricting Fintech Innovation

Paul McKay May 30, 2019
I have recently released a new report looking at the second phase of the Payment Services Directive (PSD2) and its security requirements along with my colleagues Jacob Morgan and Andras Cser. Banks and financial institutions are currently hard at work building APIs and testing their Strong Customer Authentication (SCA) solutions. Banks need to comply with […]
Read More
Blog

Research Announcement — Forrester Wave™ For Q4 Of 2019: European Cybersecurity Consulting Service Providers

Paul McKay May 7, 2019
We are currently considering the list of vendor participants that we are planning to invite to a prescreener for our upcoming Forrester Wave™ evaluation in Q4 of this year on European cybersecurity consulting service providers. If you provide cybersecurity consulting services to customers headquartered in Europe and you operate in more than one key European […]
Read More
Blog

Zero Trust Goes Mainstream In Europe

Paul McKay April 25, 2019
Over the Easter weekend, we released a new research report looking at implementing Zero Trust in Europe. When we started, we knew that a one-size-fits-all approach would not work in Europe. In addition, general awareness of the Zero Trust security model is much lower in Europe than in the US. Unheard of 12 months ago […]
Read More
More posts