security & risk

Another Friday, Another Breach Announcement Today, Marriott announced that it uncovered four-plus years of a previously unknown, unexpected, and unauthorized data breach that includes travel details, passport numbers, and credit card data. Five hundred million customers found out this morning when Marriott announced a multiyear breach dating back to 2014. Longstanding defects in Starwood’s database and network […]

I published my first Forrester Wave™ today, covering the managed security services provider (MSSP) market in Europe. The culmination of four months of hard work by not just us but all the vendors involved, this is to my knowledge our first analysis focused on the needs of the European market for MSSPs. Here are some […]

“Everything Is An Endpoint” Brings BlackBerry Back From The Dead For many, the fact that BlackBerry still exists — and the fact that it spent $1.4 billion of the $2.4 billion in capital it had — is the most surprising part of the Cylance acquisition. BlackBerry hasn’t shirked its mythological status as the case study of what […]

We just wrapped up five months of in-depth research focused on providing some clarity into what technologies from which vendors actually enable Zero Trust (not just talk about it). It didn’t take long to discern those among the vendor community that really embraced the strategic benefits of Zero Trust — and those that seemed to just […]

The Forrester New Wave™: Cybersecurity Risk Ratings, Q4 2018 Earlier today, we published “The Forrester New Wave™: Cybersecurity Risk Ratings, Q4 2018” evaluation. We take a close look at the nine most important vendors in this rising market, reviewing their current capabilities, customer references, and strategic road maps. This includes vendor profiles, with our analysis and buyer […]

Today, my team published Forrester’s predictions for the cybersecurity industry in 2019. We listed five key trends that we think will impact the industry over the next 12 months. Here is my take on how three of these trends will play out in the European cybersecurity market: Economic espionage in Europe will increase due to […]

In late 2016, IBM announced the availability of its full-scale cyber range at the Cambridge, MA headquarters of its security division. With two shifts per day and currently booked out six to eight months, it’s been a huge success for the division. The range isn’t just about training security incident response analysts; it’s a full […]

It may not seem like it yet, but climate change is altering the world so drastically that all enterprises will need to undergo a transformation to avoid going extinct. Earlier this week, the UN’s Intergovernmental Panel on Climate Change (IPCC) reported (with high confidence) that at the rate we’re going, global warming of 1.5°C is likely […]

I received a text message the other day that looked a lot like what I might get from my bank if I triggered some antifraud check. The timing was impeccable; I had just used the card to pay for takeout and had walked out to my motorcycle to head home. When I initially got the […]

Facebook Loses More User Data (This Time Unintentionally) Facebook announced that it experienced a breach this week that lost 50 million users’ data. Ironically, the breach happened in part due to exploited bugs in three features developed to give users more control over their privacy. Some quick key lessons to take away from this breach: […]

Security is one of those words that is associated with hackers, reputational failures, and fear, uncertainty, and doubt. I disagree: Security, when done properly, can be one of the biggest investments you make. It is crucial to building customer trust and safeguarding digital investments. Furthermore, responding well to a breach can enhance shareholder value and […]

I have done a few exercises on implementing Zero Trust and Zero Trust eXtended (ZTX) in enterprises. The impetus behind these exercises from a strategy standpoint is that the participating organizations have leaders that are Forrester clients and had read, or at least breezed through, the research that has been published on the topic of […]

I have done a few exercises on implementing Zero Trust and Zero Trust eXtended (ZTX) in enterprises. The impetus behind these exercises from a strategy standpoint is that the participating organizations have leaders that are Forrester clients and had read, or at least breezed through, the research that has been published on the topic of […]

Who knew that failed data governance would be the thing to turn the privacy world on its ear? When the Facebook/Cambridge Analytica scandal broke . . . and then got worse, consumers and politicians alike finally seemed to understand that the data economy had gotten away from us all. As a result, 2018 has forever […]

Well, it’s happening! My first Forrester report was published this week. (Forrester clients can access here.) The topic? Cybersecurity transformation, of course! It’s what I have lived and breathed for the last 3.5 years. I have also engaged peer CISOs doing terrific work transforming their firms’ security function and capabilities — I’ve always had a passion […]

Today, Cisco announced that it has acquired Ann Arbor, Michigan/California-based Duo Security for $2.35 billion in cash. Founded in 2010, Duo Security has been growing rapidly over the last few years with its multifactor authentication (MFA) offering and has raised over $120 million in venture financing to date. Based on Forrester’s estimates of Duo Security’s […]

Over the past few years, companies in all markets have embraced digital transformation, whether it is financial services finding new mechanisms to engage with customers or manufacturers adding sensors and other data collection components into their operational processes. These digital transformation efforts are about leveraging digital insights to drive better outcomes. Digital transformation has value in the […]

Digital Risk Protection In 2018: New Vendors, New Leaders, New Wave Our “The Forrester New Wave™: Digital Risk Protection, Q3 2018” report is out! Take a look at how 14 DRP vendors stack up in this emerging market. You will find detailed vendor profiles and analysis evaluating how well they monitor and mitigate organizations’ external, […]

Estimates of the cost of fraud vary widely, but almost everyone agrees that the cost is huge and appears to be increasing. Looking just at eCommerce, Forrester predicts that US and Western European eCommerce fraud will reach $18.6 billion in 2018. And in its 2017 True Cost of Fraud report, LexisNexis Risk Solutions estimates that fraud […]