cybersecurity

Today we released our 2019 security & risk recommendations report. We collected contributions from our colleagues across the Forrester security & risk team to identify the most important actions security leaders should take in 2019. Turns out, things are getting better for S&R pros, but challenges still remain. Security leaders have earned board-level visibility, privacy […]

Motherboard and Kaspersky unveiled that hackers compromised a server of computer manufacturer ASUS’s live software update tool to install a malicious backdoor on thousands of computers. The malicious file was able to masquerade as an authentic software update as it was signed with legitimate ASUS digital certificates. The manufacturer unwittingly pushed out the backdoor to […]

Microsoft has announced support for macOS in its rebranded Microsoft Defender ATP product, taking this product from being an offering that could be considered an add-on for hardening its own operating system to a multiplatform security solution. While this is an early release, it is a clear signal of the investment Microsoft is making to […]

The tagline for this year’s RSA Conference was “Better.” According to Forrester VP and Group Director Laura Koetzle, this tagline is apt. Cybersecurity is a jigsaw puzzle still in its box: All the tech pieces are there, but forging the right configurations and strategies remains a to-do for most.

CISOs in Asia Pacific must justify their spending and articulate the business value of often expensive investments in managed security to a largely non-security audience of executives. Currently, this is nearly impossible: Many managed security service providers (MSSPs) continue to go to market with messaging that is technology-centric and blind to the benefits they provide […]

I recently did a webinar with a few of my colleagues from the RSA Conference Advisory Board on precisely this topic, which you can find here. We tried to expose as much as we could of the fantastic variety that you’ll find at RSA Conference 2019. Here’s a further elaboration of one of my favorite […]

I expected (naively, some may think) by now that with a withdrawal deal secured by the UK and the EU, I would be able to update my earlier report on Brexit published last summer. Sadly, it was not to be, as it appears that, like Blackadder’s famous character Baldrick, the UK government thinks it has […]

Venture capital and private equity spending on security technology reached an all-time high in 2018. Currently, this emerging technology market sector stands at about $31 billion in total funding. While that total may pale in comparison to other fast-growing markets such as fintech ($124 billion) or transportation tech ($150 billion), consider that 65% of that $31 […]

Diplomatic networks carry some of the world’s most sensitive information: communications between world leaders, key technical intellectual property, trade strategies, and military plans. A recent report by antiphishing vendor Area 1 Security reveals that a three-year-long cyberattack led to the successful breach of the European Union’s diplomatic communications network. By focusing on the cybersecurity of the […]

Another Friday, Another Breach Announcement Today, Marriott announced that it uncovered four-plus years of a previously unknown, unexpected, and unauthorized data breach that includes travel details, passport numbers, and credit card data. Five hundred million customers found out this morning when Marriott announced a multiyear breach dating back to 2014. Longstanding defects in Starwood’s database and network […]

“Everything Is An Endpoint” Brings BlackBerry Back From The Dead For many, the fact that BlackBerry still exists — and the fact that it spent $1.4 billion of the $2.4 billion in capital it had — is the most surprising part of the Cylance acquisition. BlackBerry hasn’t shirked its mythological status as the case study of what […]

The Forrester New Wave™: Cybersecurity Risk Ratings, Q4 2018 Earlier today, we published “The Forrester New Wave™: Cybersecurity Risk Ratings, Q4 2018” evaluation. We take a close look at the nine most important vendors in this rising market, reviewing their current capabilities, customer references, and strategic road maps. This includes vendor profiles, with our analysis and buyer […]

Next year, the biggest challenges to the cybersecurity industry will come from outside forces. In 2019, geopolitical trends will reintroduce old enemies and escalate issues of cyberespionage and sabotage. As criminals follow the money — as they are wont to do — they will use emerging technologies to go after commerce in a BIG way. […]

Today, my team published Forrester’s predictions for the cybersecurity industry in 2019. We listed five key trends that we think will impact the industry over the next 12 months. Here is my take on how three of these trends will play out in the European cybersecurity market: Economic espionage in Europe will increase due to […]

Sending malicious payloads and packets is no longer the standard in threat operations. In today’s world of massive social media presence and influence, malicious actors can bring an organization to its knees — 280 characters at a time. This isn’t an attack on your infrastructure but an attack of computational propaganda aimed to shape a divisive […]

In late 2016, IBM announced the availability of its full-scale cyber range at the Cambridge, MA headquarters of its security division. With two shifts per day and currently booked out six to eight months, it’s been a huge success for the division. The range isn’t just about training security incident response analysts; it’s a full […]

Today, we in Europe woke up to headlines about attempted cyberattacks by Unit 26165 of Russia’s GRU intelligence service. In a world where the attribution of cyberattacks is a notoriously difficult task, the UK, the Netherlands, and the US made a joint announcement of the foiling of an attempt by four hackers linked to Unit […]

I’m so excited about my latest contribution to our research on “How To Become A Superstar Security Leader” (led by my fabulous colleagues Claire O’Malley and Chris McClean). I often get asked by clients and colleagues I speak with: “What does a modern-day CISO look like? What qualities do great CISOs have?” This can be […]

Facebook Loses More User Data (This Time Unintentionally) Facebook announced that it experienced a breach this week that lost 50 million users’ data. Ironically, the breach happened in part due to exploited bugs in three features developed to give users more control over their privacy. Some quick key lessons to take away from this breach: […]