security operations & program governance

Insights

BLOG

Cybersecurity Transformation Is A Thing, And It Needs Personal And Relentless Drive

Jinan Budge August 2, 2018

Well, it’s happening! My first Forrester report was published this week. (Forrester clients can access here.) The topic? Cybersecurity transformation, of course! It’s what I have lived and breathed for the last 3.5 years. I have also engaged peer CISOs doing terrific work transforming their firms’ security function and capabilities — I’ve always had a passion […]

Read More
BLOG

Building The Language Bridge Between Security And The C-Suite

Jinan Budge June 8, 2018

If you had half an hour with a board member and you wanted to get coaching from them about how to communicate with them about security, what would you ask them? In a few weeks’ time, I will have just that opportunity when I facilitate a panel with some prominent board directors. Getting inside the […]

Read More
BLOG

Zero Trust on a Beer Budget

Chase Cunningham February 7, 2018

I have a good friend who has a small business (roughly 100 employees and two office locations; everything lives in the cloud, no real “network” to speak of) that is doing well. A few weeks ago, over barbecue and range time (some folks play golf, we shoot guns . . . it’s a Texas thing), […]

Read More
BLOG

What ZTX means for vendors and users

Chase Cunningham January 23, 2018

I am a huge fan of Zero Trust—the simplicity of the concept resonates with clients that read the research authored previously by John Kindervag and more recently myself. The framework’s intrinsic value to security and business processes is readily evident to those who explore how it benefits their security needs.  If we’re honest about Zero […]

Read More
BLOG

The Equifax Breach Will Haunt Us In Years To Come

Amy DeMartine December 19, 2017

Data breaches are now so common – and so large – that we measure them in percentage of worldwide internet users. Although Equifax doesn’t even make it into the top 5 at 4.08% of the approximately 3.5 billion internet users, news of it rocked citizens of the US when announced. The Equifax breach has unique […]

Read More
BLOG

TIP of the Iceberg: Research Announcement on Threat Intel Platforms

Josh Zelonis November 9, 2017

A common feature in the threat intelligence platform (TIP) space is aggregation of data and providing an interface for managing threat intelligence — this seems to be where the product visions diverge. While many of these platforms have been around for years, until there is a unified vision for these products, I continue to view […]

Read More
BLOG

Equifax Does More Than Credit Scores

Jeff Pollard September 8, 2017

Our reaction to the Equifax breach was similar to what we imagine many people went through. First, we wanted to know if we were affected. Second, what about our spouse and other immediate family members? Third, better keep an eye on the old credit report or initiate a credit freeze. Since Forrester offers credit monitoring […]

Read More
BLOG

You Deserve What You Tolerate . . .

Chase Cunningham August 18, 2017

After reading through some other blogs and strategy papers over the weekend (don’t judge me; to some of us, this activity constitutes a good time . . . yes, lame . . . I know), I saw what appeared to be an underlying theme across the narratives I’d read: Security tolerates failure. It’s understandable that […]

Read More
BLOG

Applying Our Research To Black Hat 2017

Jeff Pollard July 24, 2017

I summarized RSA 2017 in the following way: It’s a bit like the supermarket; you’ll make far healthier choices if you stick to the outer aisles. Well, Las Vegas B-Sides, Black Hat, and DefCon are taking place this week, and since these events differ in tone, audience, and participants, I’ve updated my advice: We’ve gone […]

Read More
BLOG

We Don't Need Jedis

Chase Cunningham July 7, 2017

Like every other movie buff, geek, or nerd on the planet I am a Star Wars fan.  I think it’s a stellar series (minus the whole Jar Jar Binks thing, anything with that guy in it could be used as an alternative to waterboarding) that has spun a tale for the ages across the better […]

Read More