security & risk

With the proliferation of data and the ubiquity of connected devices, organizations can move with unmatched efficiency, but simultaneously incur increased risks. Read our insights on how security & risk professionals can succeed in this environment.

Insights

Blog

A CISO’s Guide To Leading Change

Jinan Budge 3 days ago
Successful transformation depends on the human element. Read our five takeaways.
Read More
Blog

The F5 Acquisition Of Shape Security: An Insider’s View

David Holmes 3 days ago
David Holmes formerly worked for both F5 Networks and Shape Security. The F5 Networks acquisition of Shape Security marked the third time in a year that a web application firewall (WAF) vendor purchased a bot management solution, as fellow Forrester analyst Sandy Carielli noted in her blog (The WAF-Bot Management Acquisition Waltz). The other two […]
Read More

Five Steps To Zero Trust Security

How to achieve and maintain Zero Trust.

Blog

FORRward: A Weekly Read For Tech And Marketing Execs

Brigitte Majewski January 13, 2020
AI, Privacy, And Transparency Dominate The Marketing Discussion At CES 2020 Rather than trolling the floor of the more than 4,400 exhibits at this year’s Consumer Electronics Show (CES) looking for the technology of the future, Jay Pattisall tried something different: listening to the conversations of marketers and agency executives for hot issues. Artificial intelligence […]
Read More
Blog

Resolving Or Revolving?

Chase Cunningham January 2, 2020
It’s that time of year: when folks make up their minds that things are going to change. The gym is full of new members who are eager to get into their journey toward some other semblance of better health, or a beach body, or some change that they desire. Others are in that annual state […]
Read More
Blog

The WAF-Bot Management Acquisition Waltz

Sandy Carielli December 31, 2019
With F5 Networks buying itself a $1 billion Christmas present in Shape Security, it’s a good time to review the state of the bot management market. The Shape Security sale caps off a year of bot management acquisitions by web application firewall (WAF) vendors. In January, Radware announced that it had acquired ShieldSquare, and in […]
Read More
Blog

FORRward: A Weekly Read For Tech And Marketing Execs

Brigitte Majewski December 23, 2019
Thanks for checking out the last FORRward perspective for 2019. We’ll be back in 2020 with more fresh ideas and thoughtful commentary. Wishing everyone a wonderful holiday! Healthcare CIOs Are Pushing US Congress To Block Patient Data Sharing Across Mobile Apps The College of Healthcare Information Management Executives (CHIME), representing more than 3,200 CIOs and […]
Read More
Blog

Employee Safety Is For Sale

Jeff Pollard December 20, 2019
New risks emerge around user location data that may have you rethinking your cybersecurity plan.
Read More
Blog

Decade Retrospective: Cybersecurity From 2010 To 2019

Jeff Pollard December 17, 2019
From the Intel-McAfee deal to the Sony Pictures breach, VP and Principal Analyst Jeff Pollard reviews the past decade’s cybersecurity highlights and lowlights.
Read More
Blog

FORRward: A Weekly Read For Tech And Marketing Execs

Brigitte Majewski December 16, 2019
Product Security Takes Center Stage As Attackers’ Livestream Ring Devices Harass Users The astronomical success of Ring’s opt-in surveillance products took a dark turn over the last week when attackers began reusing credentials to gain access to the devices and harass families. The devices themselves were not compromised; instead, attackers reused passwords from accounts without […]
Read More
Blog

Retailers, Prepare Wisely: DDoS Remains A Holiday Threat

David Holmes November 26, 2019
A distributed denial of service attack can turn a retailer's holiday season from merry to miserable. Learn how to protect yourself.
Read More
Blog

BC And DR Pros, We Need Your Help!

Naveen Chhabra November 22, 2019
Each year, Forrester Research and the Disaster Recovery Journal (DRJ) team up to launch a study examining the state of business resiliency. Each year, we focus on a resiliency domain: IT disaster recovery (DR), business continuity (BC), or overall enterprise risk management (ERM). The studies provide BC pros, DR pros, and other risk managers an […]
Read More
Blog

Enterprise Security Vendors Need An Infusion Of Open Source Culture

Stephanie Balaouras November 21, 2019
Forrester VP and Group Director Stephanie Balaouras reviews the infusion of an open source development mentality in IBM Security and the impact on the broader security ecosystem.
Read More
Blog

Enterprises Need Plans For Both Climate Sustainability And Adaptation

Stephanie Balaouras November 12, 2019
Discover why sustainability and climate adaptation planning aren’t the same, and why your firm needs both to succeed.
Read More
Blog

Integrated Risk Management: What Is It?

Renee Murphy November 8, 2019
I am often asked, “Renee, what is integrated risk management (IRM), and how is it different from GRC?” You are neither misinformed nor are you horribly confused. We have been on a seven-year journey together maturing governance, risk management, and compliance (GRC) programs to eventually give you the process, program, and data to get to […]
Read More
Blog

Research Announcement: The Forrester Wave™: European Cybersecurity Consulting Providers, Q4 2019

Paul McKay October 31, 2019
Today, my inaugural evaluation of the European consulting services provider market published, as I write this blog from the city of Barcelona. Along with “The Forrester Wave™: Cybersecurity Consulting Services In Asia Pacific, Q4 2019,” which published yesterday (see here), this marks the first time that we have explicitly assessed the European security consulting services […]
Read More
Blog

Retailers, Don’t Let Grinchy Bots Ruin Your Holiday Season

Sandy Carielli October 31, 2019
Bot traffic can eat into profits and sabotage customer experiences. Learn how to play defense.
Read More
Blog

Extending Cybersecurity Awareness Of The Third-Party Ecosystem

Alla Valente October 29, 2019
This year’s NCSAM theme of “Own IT. Secure IT. Protect IT.” is a powerful call to action for ownership and accountability. However, many heeding this call won’t think about how it also extends to the vast and growing network of third-party relationships. Why? For most organizations, third parties complicate cybersecurity risk management.
Read More
Blog

Two-Factor Authentication (2FA) Or Multifactor Authentication (MFA)? That Is The Question

Sean Ryan October 29, 2019
We, as security practitioners, need to be mindful about what we mean when we say “2FA” or “MFA.” These terms are often used interchangeably. The confusion is understandable, since 2FA is a subset of MFA. However, just like Halloween candy, MFA (including 2FA) comes in many flavors. Let’s unpack these terms and consider the various […]
Read More
Blog

The Dark Side Of Tech: Don’t Let Security Be An Enabler For Abuse

Heidi Shey October 28, 2019
Are you a tech optimist? I generally tend to be. Yet as I read about new technology, I sometimes find myself thinking, “This is amazing! And terrifying.” As we approach the end of cybersecurity Awareness Month, I’d like to draw attention to the issue of technology-facilitated abuse. Abusers Use Technology To Control And Hold Power […]
Read More
Blog

Ransomware: The Nightmare Before Cyber Monday

Josh Zelonis October 22, 2019
Cybersecurity needs to be part of every retailer's holiday strategy. Learn how to protect against one particularly menacing threat.
Read More
More posts