cybersecurity

In prior years, the RSA Conference focused on themes such as Zero Trust, geopolitical risk, and automation. While those themes were still present at this year’s conference, it was harder to discern one dominant central theme for the conference. I inferred that “no new buzzwords” exemplifies the theme. This year’s RSA Conference suggested that the […]

Let’s face it: Web application firewalls (WAFs) rarely excite the security imagination. WAFs have been ubiquitous for at least 15 years and play an important role in detecting and blocking OWASP Top 10 application level attacks like SQL injection and cross-site scripting. WAFs are table stakes in any environment, but they suffer from the perception […]

Security and risk pros can’t build a security culture by themselves. Security champions act as extra members of the security team; these people have connections across the organization and can translate security-speak into a language that everyone can understand. Security champions can help make your workforce more receptive to security policies and initiatives. How do […]

This year marks my first trip to RSA Conference in San Francisco. I wanted to take a step back and reflect on what I want to gain from the conference. Like many analysts attending, my diary looks like the baubles on a Christmas tree, hung resplendently with meetings, briefings, and everything in between. Here are […]

At the end of 2019, Forbes identified data privacy and security as the most pressing issue in the upcoming decade. The issue is already prevalent: Every day, a new story crops up about leaked, compromised, or misused data. While clicking through their often numerous social media accounts, consumers are providing these companies with more personal […]

Crystal City again hosted the eighth SANS Cyber Threat Intelligence Summit, with several hundred attendees. CTI Summit cochairs Rick Holland, Rebekah Brown, and Katie Nickels again planned a fun, entertaining, and very educational two-day event for threat intelligence professionals from around the world. If you’re a cyber threat intelligence analyst or vendor, I encourage you to attend and submit a presentation idea for 2021. CTI […]

New research determines that the benefits of working with cybersecurity startups outweigh the risks. Learn more.

It’s been a rough couple of months for Ring. Multiple security and privacy issues have plagued the physical security device maker, it’s responded poorly by casting blame on users, and following that, the Electronic Frontier Foundation (EFF) identified that the Ring app is littered with third-party trackers. At virtually the same time, a security product […]

Forrester’s review of the top security threats in 2020 found the biggest risk is often not technology. Analyst Josh Zelonis provides some detailed insight.

Happy Data Privacy Day! What kinds of conversations do you have with friends and family about privacy? Over the holidays and through the new year, I had the topic of children’s data privacy and device use come up multiple times. This included concerns about apps, internet-connected toys, and technologies used in the classroom. The Concerns […]

In the US, cannabis is fully legal (medical and recreational) in 11 states and Washington, DC. For medical use, it is legal in 33 states. This is a flourishing industry, with one study conservatively estimating it will reach $30 billion by 2025. As dispensaries set up shop, they face many of the same risks as […]

5 ways security chiefs can use internal politics to their advantage.

With F5 Networks buying itself a $1 billion Christmas present in Shape Security, it’s a good time to review the state of the bot management market. The Shape Security sale caps off a year of bot management acquisitions by web application firewall (WAF) vendors. In January, Radware announced that it had acquired ShieldSquare, and in […]

Every year in my personal life with my mother and sisters, we like to celebrate products, lessons learned, and life hacks that we discovered throughout the year (yes, geek alert!). This year, I’m doing it with all of you in my professional life. What were some of your favorite (professional-related) things in 2019? Feel free […]

From the Intel-McAfee deal to the Sony Pictures breach, VP and Principal Analyst Jeff Pollard reviews the past decade’s cybersecurity highlights and lowlights.

Each year, Forrester Research and the Disaster Recovery Journal (DRJ) team up to launch a study examining the state of business resiliency. Each year, we focus on a resiliency domain: IT disaster recovery (DR), business continuity (BC), or overall enterprise risk management (ERM). The studies provide BC pros, DR pros, and other risk managers an […]

Forrester VP and Group Director Stephanie Balaouras reviews the infusion of an open source development mentality in IBM Security and the impact on the broader security ecosystem.

Forrester’s analysts serving the Australia and New Zealand market presented their 2020 predictions at a client event on November 14th. We recap some of our top predictions.

It doesn’t rain; it pours. And I’m so pleased to be announcing yet another report! This time, it’s short, and it summarizes our suite of awareness, behavior, and culture research (security ABCs)! I joined Forrester 18 months ago, and we (like many in the industry) were covering and talking about all sorts of brilliant stuff […]