cybersecurity

We can’t predict whether Brexit will really happen on October 31 and whether a deal will be concluded or not. However, we do now know that we are likely to leave with a withdrawal agreement that affects security at the institutional level. Read our three primary areas of concern for CISOs.

AISA’s (Australian Information Security Association) annual CyberCon conference was a sight to behold, with an amazing lineup of panelists, keynote speakers, and some female attendees (at last!). Set against the (unusually) sunny, crisp backdrop of Melbourne’s South Wharf, the conference was an immersive two days of contentious debates and discussions on just how pervasive and […]

Cybersecurity strategy is on the agenda of most boardrooms and the pressure is on for CISOs. Get 6 tips for Cybersecurity Awareness Month.

Training alone can’t protect your organization from a phishing attack. Learn how a layered approach that combines technical controls and user education can.

Every once in a while, something happens that leaves you walking away feeling like you got away with murder. Today, I get to share with you one of my latest exploits. My coverage here at Forrester for the past 3-plus years has been vulnerability management, threat intelligence, detection technologies, and incident response. While each of […]

Many vulnerability risk management (VRM) solutions are limited and fail to provide meaningful metrics about the health of your VRM program. One example is the use of counting metrics such as the number of vulnerabilities identified in your organization. Counting stats don’t have any real value because they fail to provide context. These vulnerabilities could […]

It’s been a couple of months since my last blog post! A huge vacation in the UK, backed up by RSA Conference in Singapore, our Financial Services Summit back in Sydney, and then off again to the north for our Security & Risk Forum in DC have left me no chance to reflect. Between those […]

Gaze deeply into our security & risk crystal ball: We see cybersecurity professionals succeeding and growing. We also see some hard work ahead. Learn more.

Is it time we rebrand EDR as “enterprise detection and response”?

Cybersecurity talent is scarce. Developing and retaining current employees can help you maintain your edge and defray expensive recruiting costs. Learn more.

On this episode of What It Means, VP and Group Director Stephanie Balaouras and VP and Principal Analyst Jeff Pollard dissect the myths, misconceptions, and half-truths within the current cybersecurity staffing shortage — and discuss a more effective way for security and risk leaders to build a complete, qualified team.

Walk the show floor at any security event, and you will be inundated with a multitude of purportedly cutting-edge and disruptive security technologies. When every vendor claims that their solution is unique, and that no security program would be complete without it, how do you cut through the noise to pinpoint what you must pay […]

Current projections show that we will have nearly two million job vacancies in the security sector by 2022. However, this is a problem of our own making. Fixing this will require changes to the way we hire, train, and retain security pros.

Cybersecurity risk rating solutions are a polarizing topic for security leaders. We meet promoters and detractors in roughly equal measure in the customers that we speak to. Positive client sentiment cites the ability to continuously monitor their third parties, and the simplicity of the quantifiable risk score is popular. Security leaders tell us it is […]

It has taken me 15 months and a LOT of travel, listening, and talking to feel confident enough to write this research for APAC. APAC is a unique region in its cultural, geographic, regulatory, security maturity, and economic diversity. Writing anything APAC-related (at least for me) meant that I needed to understand the region with […]

Does your organization have a strategy for protecting employees at home as a part of your overall cybersecurity program? Something that could include, but really goes to a place that is beyond, awareness training? If You Answered “No,” You’re Not Alone Employee privacy is a big reason why not. And yet, as the connected smart […]

We’re hiring! Forrester’s security and risk research team is growing and currently has four open analyst positions: identity and access management, application security, security analytics, and Zero Trust. When I speak to candidates about the analyst role, they all ask one question that I find difficult to answer: “What’s a typical day like for an […]

Security and risk leaders consistently rank compliance with global privacy regulations as one of their top three challenges. To help them, Forrester periodically updates our map of global privacy rights and regulations. We released our 2019 version today. This year, we included 61 countries, adding Kuwait, the Philippines, Qatar, Saudi Arabia, Sri Lanka, the United […]