Cybersecurity Trends

Stay up-to-date on the cutting edge of cybersecurity with insights on Zero Trust, vendors, regulations, and other privacy & security topics.

Insights

Blog

The Application Security Market Will Grow To $12.9 Billion By 2025

Sandy Carielli 7 hours ago
Earlier this year, when I published The State Of Application Security, 2021, I highlighted how organizations were prioritizing application security and aggressively adopting a range of tools to support their efforts. With firms continuing to build and enhance applications, and with developers embracing new ways of building applications that improve speed to market and enrich […]
Read More
Blog

Promoting Responsibility, Compliance, And Good Judgment Without Fear, Shame, Or Acrimony

Jinan Budge 1 day ago
I’m very excited to announce my latest research, “Best Practices: Successfully Influencing Employee Cybersecurity Behavior” — Forrester clients can access it here. Excited may not be the right word exactly, as this report was born out of the disappointment I started feeling when hearing of security leaders and teams implementing disciplinary sanctions for employees who […]
Read More

Security & Risk

Learn how to leverage trust to win, grow, and retain customers at our Security & Risk event Nov. 9–10.

Blog

Introducing The Forrester Now Tech: Cybersecurity Consulting In APAC — A Push Toward New Pricing And Delivery Models

Jinan Budge September 13, 2021
I am thrilled to announce the release of our latest Now Tech: Cybersecurity Consulting Services In Asia Pacific, Q3 2021. This report (available to Forrester clients) showcases Forrester’s overview of 24 cybersecurity consulting providers in Asia Pacific. Our clients leverage these insights to understand the diverse set of vendors by size, capability, geography, and vertical […]
Read More
Blog

Security Leaders: It’s Time To Facilitate Employee Productivity, Not Hinder It

Andrew Hewitt September 13, 2021
As new generations enter the workforce, your security strategy needs to meet their needs as well. Get tips on how to strike the right balance in this blog post.
Read More
Blog

CISOs And The Trust Imperative

Jeff Pollard September 10, 2021
There is no executive role that better aligns with the trust imperative than the CISO. Find out why and how it may impact your organization directly.
Read More
Blog

European Organizations Struggle To Attain Diversity In Their CISO Leadership Roles

Paul McKay August 26, 2021
Written with Zaklina Ber, senior research associate, Forrester Forrester analyzed the career backgrounds of 168 chief information security officers (CISOs) with public profiles who are working for major organizations in Europe with listings in the highest stock market indexes in the UK (FTSE 100), France (CAC 40), Germany (DAX 30), Italy (FTSE MIB), Spain (IBEX […]
Read More
Podcast

The Rising Cost Of Ransomware

What It Means August 19, 2021
What’s driving the increase in ransomware attacks, and what can security leaders do to protect their organizations? Analysts Allie Mellen and Steve Turner provide insight in this episode.
Listen Now
Blog

Software Composition Analysis Is A Core Tool To Protect Your Software Supply Chain

Sandy Carielli August 18, 2021
Over the past year, breaches such as SolarWinds and Kaseya have woken us up to the realities of software supply chain risk. Whether through infiltrating the software delivery pipeline, deliberately uploading malicious components to popular repositories, or taking advantage of existing vulnerabilities in open source components, attackers are leveraging gaps in supply chain controls to […]
Read More
Podcast

Causes And Cures For Toxic Culture In The Security Org

What It Means July 29, 2021
There’s a culture crisis in the IT security field that could be putting firms at risk. Learn about the causes and cures of a toxic security culture from Principal Analyst Jinan Budge in this episode of What It Means.
Listen Now
Blog

XDR FAQ — Frequently Asked Questions On Extended Detection And Response

Allie Mellen July 22, 2021
Learn about the origin, architecture, and applications of extended detection and response (XDR) from analyst Allie Mellen.
Read More
Blog

It’s Christmas In July For Three Threat Intelligence Startups

Brian Kime July 19, 2021
Christmas came early for three vendors in the threat intelligence and attack surface management space this past week. In a reported all-cash $500 million deal (no need for layaway when your market cap is north of $2 trillion), Microsoft acquired threat intelligence and attack surface management vendor RiskIQ. In Europe, Swedish vulnerability risk management firm […]
Read More
Blog

The Space Wide Web Is Ready To Launch

Phil Brunkard July 12, 2021
The Space Tech Industry Is Looking Up The new space race is truly underway following Richard Branson’s monumental first passenger trip to space, beating Jeff Bezos’ Blue Origin passenger flight by more than a week. The Virgin Galactic’s VSS Unity spacecraft did not pass the so-called Karman line, unlike Jeff Bezos’ plans. It did, however, […]
Read More
Blog

It’s Time For The Infosec Industry To Address Gender Bias And Bullying Head On

Jinan Budge July 11, 2021
The week of June 28 was a big one (not in a good way) for showcasing the persistence and depth of harassment and exclusion for women in cybersecurity. Those on infosec social media were flooded with bikini selfies protesting the harassment that a woman received for posting her own bikini selfie. Men and women took […]
Read More
Blog

The Cyber Insurance Roller Coaster: As Demand Speeds Up, Some Insurers Disembark

Heidi Shey June 28, 2021
The first half of 2021 has been anything but quiet for cyber insurance. Forrester has seen a steady flow of client inquiries on the topic, with questions coming in not just from the private sector but also from the public sector. Some are trying to navigate acquiring a cyber insurance policy for the first time, […]
Read More
Blog

Forrester’s List Of Ransomware Resources

Jeff Pollard June 24, 2021
With ransomware continuing as a high-impact problem (with seemingly no end in sight), we’ve put together some useful ransomware resources for security practitioners. Security and risk (S&R) pros can use these resources to help prevent, protect, detect, and respond to ransomware outbreaks. The links below are a mixture of Forrester’s own research and third-party links. […]
Read More
Blog

Revenge Of The SaaS: Mandiant Uses Services To Escape FireEye

Jeff Pollard June 3, 2021
Revenge Of The SaaS: Mandiant Dumps FEYE In a cybersecurity divorce that had fewer leading indicators than the dissolution of Kim and Kanye, Mandiant has finally untangled itself from FireEye (FEYE) by selling the product portion of the firm to Symphony Technology Group (STG) for $1.2 billion. FireEye’s history as the most “almost acquired vendor” […]
Read More
Blog

New TSA Cybersecurity Directive Signals That The Era Of Self-Regulation Is Over (If There Ever Was One)

Alla Valente June 2, 2021
On the heels of the Executive Order on Improving the Nation’s Cybersecurity signed by the President after a ransomware attack forced the shutdown of Colonial Pipeline, the Department of Homeland Security’s Transportation Security Administration (TSA), the agency responsible for overseeing pipeline security, on May 27, 2021, has announced its own Security Directive of new cybersecurity […]
Read More

COVID-19: Responding, Managing, And Leading During A Pandemic

The latest insights and guidance for leaders to address the growing business and employee experience implications of COVID-19.

Blog

Debunking Infosec Purity And Other Security Myths In The Wake Of Recent Attacks

Sandy Carielli May 21, 2021
Earlier this week, an op-ed published on The Hill sent information security (infosec) Twitter into a tizzy by blaming cybersecurity industry best practices for recent high-profile security breaches. For the security team at Forrester, the op-ed furthered a number of security myths that we felt compelled to bust here. Myth #1: The Best Infosec Pros […]
Read More
Blog

Biden Executive Order Bets Big On Zero Trust For The Future Of US Cybersecurity

Jeff Pollard May 13, 2021
Forrester's security team sifts through the details of the new executive order on cybersecurity and looks forward at its long-term impact.
Read More
Blog

The Death And Life Of The Stand-Alone Solution

Jess Burn May 10, 2021
While automated malware analysis and network intrusion detection systems remained in our Divest category, three more technologies joined them this year: data loss prevention, managed security service providers, and security user behavior analytics. Why is this? Because these stand-alone technologies simply don’t cut it anymore. This isn’t to say these solutions are dead, mind you. No, they live on in within larger, more comprehensive solutions.
Read More
More posts