security risk management

La prochaine vague de transformation des entreprises sera celle du développement durable.

I am excited to announce “The Forrester Wave™: Endpoint Security Software As A Service, Q2 2021.” Although Forrester has previously published other endpoint security Wave evaluations, this is the first Wave on endpoint security software that exclusively focuses on SaaS-delivered products and functions. As more security admin and employees shifted to work from home in […]

On Friday, May 7, 2021, Colonial Pipeline safely shut down its pipeline operations due to a ransomware incident in its corporate network. Colonial Pipeline transports 45 percent of the fuel along the East Coast of the United States through 5,500 miles of pipeline. To mitigate the disruption of Colonial Pipeline, the US government allowed a […]

Forrester's new research provides a concrete definition of trust and identifies seven key levers to help companies win the trust of their customers, employees, and partners.

We all need a bit of whimsy in our lives. This is not just an excuse for a whimsical blog post, though there is that. Whimsy and laughter build bridges. And in the security world, where empathy is a critical resource, whimsy can be a first and recurring step in connecting with the teams outside […]

Learn three key shifts European CISOs are making to address the COVID-19 pandemic and new regulations.

We are thrilled to announce the publication of “The Forrester Wave™: External Threat Intelligence Services, Q1 2021.” External threat intelligence services (ETIS) are important to security teams to fill gaps in their existing collection plans with specialized services that will enhance their existing cyber defense and reduce risk. External threat intelligence services are different in […]

After a tumultuous period of reactive steps, now is the right time for security and risk pros to get their long-term plans back on track.

Earlier this month, a US State Department spokeswoman announced that the US had identified three online publications that were attempting to discredit the Pfizer and Moderna vaccines, all of which were directed by Russian intelligence. In Forrester’s annual report on top security threats, we explore the top security threats that security professionals must monitor, including […]

Struggling to keep up with changing privacy requirements around the world? Learn the three major trends driving the changes and how a new tool can help.

First off, I’d like to express how thrilled I am to join Forrester’s security and risk research (S&R) team as a senior analyst. I’ve been working closely with this team for eight years in my previous role as a principal advisor to our chief information security officer (CISO) community, and I’m honored to join the […]

Forrester analysts take a detailed look at what's driving the unprecedented premium being paid in this acquisition.

The cybersecurity risk ratings (CSR) market is a bit like Marmite or SPAM (the pork product in a can, not the unwelcome emails) — some customers love it, others hate it. We see examples of both extremes in our customer interactions, interviews, and research on this market. Our responsibility as analysts is to highlight where […]

Struggling to define where GRC ends and IAM begins? Get a clear breakdown of how the two functions should work together in a broader risk management strategy.

Yesterday, the city of Oldsmar, Florida conducted a press conference to disclose that an unknown person had remotely accessed the city’s water treatment system. The public was never in danger, since operators detected the breach quickly and reversed the changes made by the threat within moments. The change made to the system was “loud” — […]

Today’s enterprise security buyers evaluating a new endpoint security suite often begin with a security RFP layered thick with many existing endpoint security features and capabilities, including antimalware, host firewall, anti-exploit, and application control. However, as our evaluation in the “The Forrester Wave™: Endpoint Security Suites, Q3 2019” showed, the major differentiation between today’s endpoint […]

Operational technology (OT) and industrial control system (ICS) security are vitally important for the safety of the people who work in critical infrastructure and manufacturing. OT security is also necessary for the consumers of the energy, drinking water, and products made in our industrial facilities. OT security is a unique security domain of growing importance, and yesterday’s announcement of Dragos’ Series C funding round of $110 million is another validation of […]

Learn how the pandemic's increased uncertainty and volatility has produced some attractive M&A opportunities in DevOps and IT Management.