Rick Holland

Author Insights

BLOG

Starting soon: Threat Intelligence Platforms research

Rick Holland November 7, 2015

In my last threat intelligence blog I discussed my new research on threat intelligence providers. I included a graphic which carved four functional threat intelligence areas: 1) Providers 2) Platforms 3) Enrichment 4) Integration. In December, I will start the next piece of research in the series focusing on Threat Intelligence Platforms (TIPs). This will […]

Read More
BLOG

Maximizing Your Investment In Cyberthreat Intelligence Providers

Rick Holland November 4, 2015

I just published my latest research on threat intelligence: Vendor Landscape: S&R Pros Turn To Cyberthreat Intelligence Providers For Help. This report builds upon The State Of The Cyberthreat Intelligence Market research from June. In the new research, I divide the threat intelligence space into four functional areas: 1) Providers 2) Platforms 3) Enrichment 4) Integration. This […]

Read More
BLOG

10 Questions To Help Differentiate Incident Response Service Providers

Rick Holland September 24, 2015

I frequently help Forrester clients come up with shortlists for incident response services selection. Navigating the vendor landscape can be overwhelming, every vendor that has consultant services has moved or is moving into the space. This has been the case for many years, you are probably familiar with the saying: “when there is blood in […]

Read More
BLOG

Automated Malware Analysis Wave - Kicking Off Soon

Rick Holland August 18, 2015

In September, Kelley Mak and I are going to be kicking off our Automated Malware Analysis Wave. During a 3 – 4 month process, we will be evaluating the network based sandboxes of 10-15 vendors. If you would like the opportunity to participate, please contact Kelley Mak (kmak at forrester dot com) and Josh Blackborow […]

Read More
BLOG

Automated Malware Analysis Wave - Call for feedback

Rick Holland July 24, 2015

We are in the planning stages of a new Forrester Wave on automated malware analysis/sandboxes. As we prepare for this research, we are looking for research interview candidates to discuss your experiences with automated malware analysis solutions. Please note we are not seeking feedback from vendors at this  time. We are focused on the buyers […]

Read More
BLOG

Some vendors just cannot let go of their "precious appliances!"

Rick Holland June 26, 2015

We just published my latest research, the Forrester Wave: SaaS Web Content Security, Q2 2015. Forrester categorizes web gateways/forward proxies into this web content security category. I did something different with this evaluation, instead of looking at on-premise appliances; I only evaluated the SaaS deployment model. If a vendor didn't have a SaaS delivery model, […]

Read More
BLOG

The State Of The Cyberthreat Intelligence Market

Rick Holland June 24, 2015

If the RSA Conference was any indicator, threat intelligence has finally joined the ranks of cloud and advanced persistent threat as ambiguous/overused terms that mean many different things to many different people. If you were given a dollar, pound or euro every time you heard "threat intelligence," there is no doubt you could fund your […]

Read More
BLOG

Introducing A New Incident Response Metric: Mean Time Before CEO Apologizes (MTBCA)

Rick Holland May 20, 2015

For years cybersecurity professionals have struggled to adequately track their detection and response capabilities. We use Mean Time to Detection/Containment/Recovery. I wanted to introduce an additional way to track your ability to detect and respond to "sophisticated" adversaries: Mean Time Before CEO Apologizes (MTBCA). Tripwire’s Tim Erlin had another amusing metric: Mean Time To Free Credit Monitoring […]

Read More
BLOG

The Millennium Falcon And Breach Responsibility

Rick Holland December 5, 2014

Do you remember the scene from The Empire Strikes Back where the Millennium Falcon is trying to escape an Imperial Star Destroyer? Han Solo says, “Let’s get out of here, ready for light-speed? One… two… three!” Han pulls back on the hyperspace throttle and nothing happens. He then says, “It’s not fair! It’s not my […]

Read More
BLOG

New Research: Know Your Adversary

Rick Holland November 3, 2014

Mandiant's APT1 report changed the threat intelligence marketing game, and you would be hard pressed to find a cybersecurity company that doesn't have a research/intelligence team that produces threat actor reports. The previous few weeks have seen a significant amount of threat intelligence marketing around threat actor groups. FireEye released "APT28: A Window into Russia’s […]

Read More
BLOG

The Militarization Of Information Security

Rick Holland July 29, 2014

Does something like this sound familiar? "We need to find, fix, finish, exploit, analyze, & disseminate this intrusion set along the kill chain via force multipliers so we can observe, orient, decide, and act according to tactical, operational, and strategic priority intelligence requirements." I bet that part of it does.  These days it seems that […]

Read More
BLOG

Say “Small Footprint” Again. I Dare You, I Double Dare You.

Rick Holland July 24, 2014

During the past 18 months or so, we have seen the emergence of innovative endpoint security solutions. The list is long; it is hard to keep track of all the solutions in the space. In no particular order, here is a sampling:  Bromium, Invincea, IBM Trusteer, Cylance, Palo Alto Networks Next-Gen Endpoint Protection (Cyvera), Microsoft […]

Read More
BLOG

got STIX?

Rick Holland July 15, 2014

The sharing of threat intelligence is a hot topic these days. When I do conference speeches, I typically ask how many organizations see value in sharing, and most in the room will raise their hand.  Next, I ask how many organizations are actually sharing threat intelligence, and roughly 25% to 30% in the room raises […]

Read More
BLOG

Are You Down With CIP (Critical Infrastructure Protection)?

Rick Holland July 14, 2014

I am kicking off a new research series on critical infrastructure protection.  This first report is titled: “Brief: S&R Pros Can No Longer Ignore Threats To Critical Infrastructure.”   Critical infrastructure is frequently on my mind, especially the ICS/SCADA within the energy sector. I live in Texas; oil and natural gas are big here ya'll. […]

Read More
BLOG

Introducing Forrester’s Targeted-Attack Hierarchy Of Needs

Rick Holland May 20, 2014

We recently published part 1 of a new series designed to help organizations build resiliency against targeted attacks. In the spirit of Maslow, we designed our Targeted-Attack Hierarchy Of Needs. One factor that significantly drove the tone and direction of this research was Forrester client inquiries and consulting. Many organizations were looking for a malware sandbox to […]

Read More
BLOG

Choose Your Own Adventure With The 2014 Verizon DBIR

Rick Holland April 22, 2014

In a world where every single security vendor has their own annual threat report, the Verizon Databreach Investigations Report (DBIR) is the gold standard, and this year is no different. Last year I began blogging my initial analysis (Observations on the 2013 Verizon Data Breach Investigations Report), and I wanted to continue that again this […]

Read More
BLOG

Target Breach: Vendors, You're Not Wrestlers, And This Isn't The WWE

Rick Holland March 14, 2014

Yesterday, Bloomberg Businessweek ran a story providing some alarming details on the Target breach.  The article, “Missed Alarms and 40 Million Stolen Credit Card Numbers: How Target Blew It,” didn’t paint a pretty picture of Target’s response.  Some of the highlights in case you haven't read it yet:  Six months before the incident, Target invested […]

Read More
BLOG

You Should Attend Next Year’s RSA Conference Innovation Sandbox

Rick Holland March 5, 2014

Last week I attended the RSA Conference (RSAC) Innovation Sandbox for the first time.  Not only was I an attendee, but I also was fortunate enough to host a CTO panel during the event. For those that aren’t aware, the Innovation Sandbox is one of the more popular programs of the RSAC week.  The highlight […]

Read More
BLOG

Actionable Intelligence, Meet Terry Tate, Office Linebacker

Rick Holland February 12, 2014

sdfasdfaasdfThe #Forrester Security & Risk team is hiring. We are looking for consultants to join our team bit.ly/M9gWS5 #infosecasdfasdasdfasdddsadfas We are now less than two weeks away from our annual sojourn to the RSA security conference. RSAC is a great time for learning, meeting and making friends. (Please hold cynical remarks; RSAC is what you make […]

Read More
BLOG

LG Is Learning An Embarrassing Privacy Lesson In The Age Of The Customer

Rick Holland November 22, 2013

In a recent report titled “Technology Management In The Age Of The Customer,” Forrester defines the Age of the Customer as: "A 20-year business cycle in which the most successful enterprises will reinvent themselves to systematically understand and serve increasingly powerful customers."  In this Age of the Customer, empowered consumers using social media can have […]

Read More