security risk management

With the proliferation of data and the ubiquity of connected devices, organizations can move with unmatched efficiency, but simultaneously incur increased risks. Read our insights on how security & risk professionals can succeed in this environment.


Insights

Blog

Recent Dragos Funding Round Demonstrates Growing Demand For OT Security Solutions

Brian Kime December 9, 2020
Operational technology (OT) and industrial control system (ICS) security are vitally important for the safety of the people who work in critical infrastructure and manufacturing. OT security is also necessary for the consumers of the energy, drinking water, and products made in our industrial facilities. OT security is a unique security domain of growing importance, and yesterday’s announcement of Dragos’ Series C funding round of $110 million is another validation of […]
Blog

COVID Drives M&A Activity In DevOps And IT Management

Sandy Carielli December 4, 2020
Learn how the pandemic's increased uncertainty and volatility have produced some attractive M&A opportunities in DevOps and IT Management.
Blog

It Is A Privilege To Announce The Forrester Wave™: Privileged Identity Management (PIM), Q4 2020

Sean Ryan November 19, 2020
Bad puns in the title of this blog post aside (cue the rolling of the eyes, sigh, and slight smirk), we are pleased to announce that “The Forrester Wave™: Privileged Identity Management (PIM), Q4 2020” is now live. While PIM vendors have been adding new capabilities and improved user experience over the past two years, […]
Blog

Bots Kept Jeff From Buying A PS5, And Sandy Had To Hear About It

Sandy Carielli November 18, 2020
It’s not that I’m not a gamer. I enjoy board games and card games: Trivial Pursuit, Settlers of Catan, SET, Hive. I’m up to level 3056 in Two Dots. As a kid, I played Super Mario Land on my brother’s Game Boy and Sonic the Hedgehog on the family Sega Genesis. But I’ve never been […]
Blog

GAIA-X Must Be More Than Just Another European Infrastructure Provider, Or It Will Deliver No Value

Paul McKay November 12, 2020
Today Paul Miller, Tracy Woo, and I released our report that examines the market impact of the GAIA-X project. France and Germany announced an initiative in 2019, which was formalized as the GAIA-X Foundation in early October 2020. For our report, we spoke with several of the GAIA-X founders and studied its potential impact for […]
Blog

Dealing With The Access Hoarders In Your Organization

Sean Ryan November 11, 2020
Anyone who has seen the show Hoarders knows how people who fill their houses with unneeded stuff can literally bury themselves in junk. Security and risk (S&R) pros who manage employee access to apps, databases, and systems should notice the Hoarders parallel when it comes to IT access: Many employees unknowingly acquire access over time, […]
Blog

Black Friday “All Season Long”? Expect The Bots To Follow Suit

Sandy Carielli November 5, 2020
I was scouring some of the Black Friday ads this week, and the trend seems to be less “Black Friday” than “Black November and probably most of December, too.” Best Buy is touting, “Black Friday all season long.” Target offers weekly “Black Friday Now” deals. Walmart? “Black Friday Deals for Days!” None of this is […]
Blog

How A Password Manager Could Save Your Marriage

Brian Kime October 29, 2020
My wife has the good fortune of living with a security and risk pro who also happens to be a US Army intelligence officer, so she’s been previously scolded about lax security practices. I also point out how “hacking” scenes on TV and in movies are comical and inaccurate. Note: Said wife was not consulted […]
Blog

Thinking Ransomware Defense: Air Gaps?

Naveen Chhabra October 29, 2020
Air Gaps Aren’t Effective; Scratch Them From Your List . . . The number of companies falling victim to ransomware attacks continues to grow each day. Ransomware inflicts extreme pain, leading to business closure or significant business disruptions. Vendors are developing technology architectures and approaches to solve for these challenges. Each technology and approach has […]
Blog

The Power And The Peril Of APIs

Sandy Carielli October 22, 2020
Every time we come up with new ways to build and deploy applications, we also come up with new ways to break them. Did SQL make it easier to access and manipulate large amounts of structured data? You bet, and it also led to SQL injection. Ready to join the cloud? Hope you didn’t put […]
Blog

Twenty Technologies Underpin Application Security

Sandy Carielli October 9, 2020
When I was working at @stake in the early 2000s, most of my client engagements were in application security. I did a number of code reviews that involved people handing me stacks of paper to go through. “Grep” was an important security tool. When I was involved in application penetration tests, we used a combination […]
Blog

National Insider Threat Awareness Month: Stop Insiders With Zero Trust

Joseph Blankenship September 3, 2020
The National Counterintelligence and Security Center (NCSC) and the National Insider Threat Task force (NITTF) partnered with US government agencies to kick off the second National Insider Threat Awareness Month this September. National Insider Threat Awareness Month was started in September 2019 with the goal to educate federal and industry employees about the risks posed […]
Blog

FORRward: A Weekly Read For Tech And Marketing Execs

Emily Collins September 1, 2020
Amazon Launches Halo, Its First Wearable Health Device For The Average (Budget-Conscious) Consumer This week, Amazon launched Halo, a screenless wearable device that can monitor activity, sleep, temperature, BMI, and emotion. At $99.99 (plus a small monthly service fee for advanced features), the Halo Band sits closer to Fitbit’s fitness trackers (ranging from $99.95–$169.95) than the Apple Watch ($400-plus). It focuses on what consumers want most: tracking fitness-related activity, […]
Blog

The Security Snapshot: Improving Your Security Posture During A Global Crisis

Joseph Blankenship August 24, 2020
The COVID-19 global pandemic was top of mind for security leaders (and everyone else) during the second quarter of 2020. Forrester’s security and risk (S&R) team focused on pandemic recovery and looked at myriad ways to renew your security program and give it new life — from the development of talent and the future of […]
Blog

A Look Back At Zero Trust: Never Trust, Always Verify

Chase Cunningham August 24, 2020
What exactly is Zero Trust? For those of you who’ve been hiding away in a cave for the past decade, Zero Trust (ZT) is a concept founded by Forrester alum John Kindervag in 2009 that centers on the belief that trust is a vulnerability, and security must be designed with the strategy, “Never trust, always […]
Blog

It’s Never The Data Breach — It’s Always The Cover-Up

Jeff Pollard August 21, 2020
What CISOs can learn from the case against Uber's former chief security officer.
Podcast

The Surprisingly Bright Future For CISOs

What It Means August 20, 2020
The CISO is no longer a terminal role. VP and Principal Analyst Jeff Pollard describes the abundance of options available for today’s CISO.
Blog

FORRward: A Weekly Read For Tech And Marketing Execs

Emily Collins August 17, 2020
This week’s edition of our FORRward series covers the latest tech news on Gong, revenue intelligence, People.ai, Chorus.ai, brand, zero-party data, future of work and movie making.
Blog

FORRward: A Weekly Read For Tech And Marketing Execs

Emily Collins August 10, 2020
Mobile Advertising Comes Under Scrutiny Most data deprecation discussions center on cookies and web browsers. But two recent moves broaden the aperture to include mobile environments, too. First, Apple announced iOS 14, which will prompt users on whether they want to let an app track them or “ask app not to track.” If a user picks the latter, the app can’t […]
Blog

There’s A Growing Blind Spot For Your Security Team During The Pandemic — IoT Devices

Christopher Sherman August 10, 2020
Businesses may not be able to dictate what devices employees keep on their home networks, but there are still many options available to IT departments to protect company assets.