cybersecurity

Forrester VP and Group Director Stephanie Balaouras reviews the infusion of an open source development mentality in IBM Security and the impact on the broader security ecosystem.

Forrester’s analysts serving the Australia and New Zealand market presented their 2020 predictions at a client event on November 14th. We recap some of our top predictions.

It doesn’t rain; it pours. And I’m so pleased to be announcing yet another report! This time, it’s short, and it summarizes our suite of awareness, behavior, and culture research (security ABCs)! I joined Forrester 18 months ago, and we (like many in the industry) were covering and talking about all sorts of brilliant stuff […]

Today, my inaugural evaluation of the European consulting services provider market published, as I write this blog from the city of Barcelona. Along with “The Forrester Wave™: Cybersecurity Consulting Services In Asia Pacific, Q4 2019,” which published yesterday (see here), this marks the first time that we have explicitly assessed the European security consulting services […]

Bot traffic can eat into profits and sabotage customer experiences. Learn how to play defense.

Read the top three cybersecurity predictions for 2020 from Forrester Research analyst Jeff Pollard.

This year’s NCSAM theme of “Own IT. Secure IT. Protect IT.” is a powerful call to action for ownership and accountability. However, many heeding this call won’t think about how it also extends to the vast and growing network of third-party relationships. Why? For most organizations, third parties complicate cybersecurity risk management.

We, as security practitioners, need to be mindful about what we mean when we say “2FA” or “MFA.” These terms are often used interchangeably. The confusion is understandable, since 2FA is a subset of MFA. However, just like Halloween candy, MFA (including 2FA) comes in many flavors. Let’s unpack these terms and consider the various […]

Are you a tech optimist? I generally tend to be. Yet as I read about new technology, I sometimes find myself thinking, “This is amazing! And terrifying.” As we approach the end of cybersecurity Awareness Month, I’d like to draw attention to the issue of technology-facilitated abuse. Abusers Use Technology To Control And Hold Power […]

Cyberthreat intelligence (CTI) is an overcrowded space that is overdue for contraction. In general, we see it filled with smaller vendors with founders who come from an intel background, got enough funding to land a Fortune 100 client (not exclusively, mind you), and have put their logo into every pitch deck they use when going […]

Browser based attacks are particularly frustrating because they directly affect your customers. Learn what attackers are doing and how to minimize the risk.

Get five new resources for cybersecurity threat management in your enterprise.

Even cybersecurity experts can get fooled. Read this cautionary tale of a time when a security and risk expert almost got hacked.

We can’t predict whether Brexit will really happen on October 31 and whether a deal will be concluded or not. However, we do now know that we are likely to leave with a withdrawal agreement that affects security at the institutional level. Read our three primary areas of concern for CISOs.

AISA’s (Australian Information Security Association) annual CyberCon conference was a sight to behold, with an amazing lineup of panelists, keynote speakers, and some female attendees (at last!). Set against the (unusually) sunny, crisp backdrop of Melbourne’s South Wharf, the conference was an immersive two days of contentious debates and discussions on just how pervasive and […]

Cybersecurity strategy is on the agenda of most boardrooms and the pressure is on for CISOs. Get 6 tips for Cybersecurity Awareness Month.

Training alone can’t protect your organization from a phishing attack. Learn how a layered approach that combines technical controls and user education can.

Every once in a while, something happens that leaves you walking away feeling like you got away with murder. Today, I get to share with you one of my latest exploits. My coverage here at Forrester for the past 3-plus years has been vulnerability management, threat intelligence, detection technologies, and incident response. While each of […]

Many vulnerability risk management (VRM) solutions are limited and fail to provide meaningful metrics about the health of your VRM program. One example is the use of counting metrics such as the number of vulnerabilities identified in your organization. Counting stats don’t have any real value because they fail to provide context. These vulnerabilities could […]