cybersecurity

Stay up-to-date on the cutting edge of cybersecurity with insights on Zero Trust, vendors, regulations, and other privacy & security topics.

Insights

BLOG

S&R Confessional: The Time I Almost Got Hacked

Jeff Pollard 2 days ago
I’m continuing the trend my colleague Josh Zelonis started last year during Cybersecurity Awareness Month to share a few stories of the time I almost got hacked. It can — and does — happen to everyone, including folks that should know better. Blaming users for mistakes becomes a trap far too many of us security […]
Read More
BLOG

The Impact Of Brexit On CISOs

Paul McKay 6 days ago
We can’t predict whether Brexit will really happen on October 31 and whether a deal will be concluded or not. However, we do now know that we are likely to leave with a withdrawal agreement that affects security at the institutional level. Read our three primary areas of concern for CISOs.
Read More

Five Steps To Zero Trust Security

How to achieve and maintain Zero Trust.

BLOG

So What Was CyberCon 2019 Like?

Seles Sebastin 7 days ago
AISA’s (Australian Information Security Association) annual CyberCon conference was a sight to behold, with an amazing lineup of panelists, keynote speakers, and some female attendees (at last!). Set against the (unusually) sunny, crisp backdrop of Melbourne’s South Wharf, the conference was an immersive two days of contentious debates and discussions on just how pervasive and […]
Read More
BLOG

What CISOs Need To Do To Maximize Cybersecurity Awareness Month

Jinan Budge October 10, 2019
Cybersecurity strategy is on the agenda of most boardrooms and the pressure is on for CISOs. Get 6 tips for Cybersecurity Awareness Month.
Read More
BLOG

Unfortunately, Awareness Alone Won’t Do It: Successful Phishing Defense Requires A Layered Approach

Joseph Blankenship October 2, 2019
Training alone can’t protect your organization from a phishing attack. Learn how a layered approach that combines technical controls and user education can.
Read More
BLOG

Adventures In New And Evolving Coverage: Threat Detection And Response

Josh Zelonis October 1, 2019
Every once in a while, something happens that leaves you walking away feeling like you got away with murder. Today, I get to share with you one of my latest exploits. My coverage here at Forrester for the past 3-plus years has been vulnerability management, threat intelligence, detection technologies, and incident response. While each of […]
Read More
BLOG

Three Critical Metrics You Should Expect From A Vulnerability Risk Management Solution

Josh Zelonis September 26, 2019
Many vulnerability risk management (VRM) solutions are limited and fail to provide meaningful metrics about the health of your VRM program. One example is the use of counting metrics such as the number of vulnerabilities identified in your organization. Counting stats don’t have any real value because they fail to provide context. These vulnerabilities could […]
Read More

Zero Trust In Practice

The theory of Zero Trust was penned by Forrester almost a decade ago. Now, we help you put it in practice.

BLOG

The Weather’s Heating Up Down Under, And So Is My Upcoming Research!

Jinan Budge September 20, 2019
It’s been a couple of months since my last blog post! A huge vacation in the UK, backed up by RSA Conference in Singapore, our Financial Services Summit back in Sydney, and then off again to the north for our Security & Risk Forum in DC have left me no chance to reflect. Between those […]
Read More
BLOG

Security & Risk 2019: Peering Into The Crystal Ball — Security Edition

Jeff Pollard August 27, 2019
Gaze deeply into our security & risk crystal ball: We see cybersecurity professionals succeeding and growing. We also see some hard work ahead. Learn more.
Read More
BLOG

VMware Signals The End Of “Endpoint” Detection And Response

Josh Zelonis August 23, 2019
Is it time we rebrand EDR as “enterprise detection and response”?
Read More
BLOG

Maintain Your Security Edge: Develop And Retain Cybersecurity Talent

Heidi Shey August 21, 2019
Cybersecurity talent is scarce. Developing and retaining current employees can help you maintain your edge and defray expensive recruiting costs. Learn more.
Read More
PODCAST

Let’s Reverse Cybersecurity’s Self-Inflicted Staffing Shortage

What It Means August 15, 2019
On this episode of What It Means, VP and Group Director Stephanie Balaouras and VP and Principal Analyst Jeff Pollard dissect the myths, misconceptions, and half-truths within the current cybersecurity staffing shortage — and discuss a more effective way for security and risk leaders to build a complete, qualified team.
Listen Now
VIDEO

Zero Trust In Action

Chase Cunningham August 8, 2019

Watch Now
BLOG

Top Security Technology Trends In 2019: Transforming The Future Of Work In Security

Amy DeMartine August 7, 2019
Walk the show floor at any security event, and you will be inundated with a multitude of purportedly cutting-edge and disruptive security technologies. When every vendor claims that their solution is unique, and that no security program would be complete without it, how do you cut through the noise to pinpoint what you must pay […]
Read More
BLOG

Security & Risk 2019: Cybersecurity’s Staffing Shortage Is Self-Inflicted

Joseph Blankenship August 6, 2019
Current projections show that we will have nearly two million job vacancies in the security sector by 2022. However, this is a problem of our own making. Fixing this will require changes to the way we hire, train, and retain security pros.
Read More
BLOG

Cybersecurity Risk Ratings Are Here To Stay — Learn To Work With Them

Paul McKay July 31, 2019
Cybersecurity risk rating solutions are a polarizing topic for security leaders. We meet promoters and detractors in roughly equal measure in the customers that we speak to. Positive client sentiment cites the ability to continuously monitor their third parties, and the simplicity of the quantifiable risk score is popular. Security leaders tell us it is […]
Read More
BLOG

Security Budgets In Asia Pacific, 2019

Jinan Budge July 15, 2019
It has taken me 15 months and a LOT of travel, listening, and talking to feel confident enough to write this research for APAC. APAC is a unique region in its cultural, geographic, regulatory, security maturity, and economic diversity. Writing anything APAC-related (at least for me) meant that I needed to understand the region with […]
Read More
BLOG

Enterprise Meets Consumer Security: Exploring Approaches To Protect Employees At Home

Heidi Shey July 8, 2019
Does your organization have a strategy for protecting employees at home as a part of your overall cybersecurity program? Something that could include, but really goes to a place that is beyond, awareness training? If You Answered “No,” You’re Not Alone Employee privacy is a big reason why not. And yet, as the connected smart […]
Read More
BLOG

A Typical Day Of Analyst Life

Heidi Shey June 27, 2019
We’re hiring! Forrester’s security and risk research team is growing and currently has four open analyst positions: identity and access management, application security, security analytics, and Zero Trust. When I speak to candidates about the analyst role, they all ask one question that I find difficult to answer: “What’s a typical day like for an […]
Read More
BLOG

It’s Here: The 2019 Forrester Global Map Of Privacy Rights And Regulations

Enza Iannopollo June 24, 2019
Security and risk leaders consistently rank compliance with global privacy regulations as one of their top three challenges. To help them, Forrester periodically updates our map of global privacy rights and regulations. We released our 2019 version today. This year, we included 61 countries, adding Kuwait, the Philippines, Qatar, Saudi Arabia, Sri Lanka, the United […]
Read More
More posts