security & risk

Insights

BLOG

Security So Simple A 10-Year-Old Can Do It

Chase Cunningham 6 days ago
It’s the summertime, and my daughters are home from school. During the day, this means it’s a constant struggle between them arguing about who is doing what or listening to them laugh at YouTube videos at the top of their lungs while I try to answer work calls as the dogs bark and fight inches […]
Read More
BLOG

Infosecurity Europe 2019: Incremental Evolution Rather Than Revolution

Paul McKay June 7, 2019
I have spent the last three days attending Infosecurity Europe 2019, the largest security trade show in the UK and Europe. As ever, before coming I have tried to predict the big theme or trends that CISOs should take note of. However, the show is very similar to last year, with incremental evolution of products […]
Read More

Future-Proof Your Business With Zero Trust

Prioritize your next steps towards a Zero Trust strategy and architecture.

BLOG

Unconventional Wisdom: Explore Paying The Ransom In Parallel With Other Recovery Options

Josh Zelonis June 4, 2019
Your organization has just received ransom notices across your infrastructure, informing you of what you already fear. All your critical business data has been encrypted. You are angry that someone’s moved your cheese, and you don’t want to reward them for it. Your emotions are confirmed by advisors who give you the conventional advice: “Don’t […]
Read More
BLOG

PSD2 Security Requirements Are Restricting Fintech Innovation

Paul McKay May 30, 2019
I have recently released a new report looking at the second phase of the Payment Services Directive (PSD2) and its security requirements along with my colleagues Jacob Morgan and Andras Cser. Banks and financial institutions are currently hard at work building APIs and testing their Strong Customer Authentication (SCA) solutions. Banks need to comply with […]
Read More
BLOG

Can RegTech Get Us From Compliance To Competitive Advantage?

Alla Valente May 29, 2019
Buzzwords are the bane of my existence! As a former SaaS tech marketer, I’ve used my fair share. Since joining Forrester a month ago as an analyst on the security and risk team, one of the buzzwords I’m hearing most is “RegTech.” RegTech isn’t just hype. Forrester defines RegTech as the technology-enabled transformation of the […]
Read More
BLOG

Who Moved The Communications Services Sector?

Abhijit Sunil May 14, 2019
Success in the communications services sector is indeed a capricious piece of cheese. As new technologies mature, the distinction between technology, media, and telecommunications industries blur. Navigating this space to sustain growth and competitive edge is no easy task for the CxO.
Read More
BLOG

CVS Agency Decision Signals A New Era In Partner Strategies: Values Vetting

Brigitte Majewski May 6, 2019
CVS Health announced that it would not work with agencies who have tobacco or e-cigarette clients. Read our analysis of the move and why agencies should expect more companies to make these kinds of moves in the future.
Read More

Reinvent Your Security Strategy With Zero Trust

Just as your business becomes increasingly data-centric, so must your security strategy and architecture.

BLOG

The Growing Legal And Regulatory Implications Of Collecting Biometric Data

Merritt Maxim May 2, 2019
In the last few years, biometric technologies from fingerprint to facial recognition are increasingly being leveraged by consumers for a wide range of use cases, ranging from payments to checking luggage at an airport or boarding a plane. While these technologies often simplify the user authentication experience, they also introduce new privacy challenges around the […]
Read More
BLOG

Zero Trust Goes Mainstream In Europe

Paul McKay April 25, 2019
Over the Easter weekend, we released a new research report looking at implementing Zero Trust in Europe. When we started, we knew that a one-size-fits-all approach would not work in Europe. In addition, general awareness of the Zero Trust security model is much lower in Europe than in the US. Unheard of 12 months ago […]
Read More
BLOG

The Security And Privacy Implications Of Drones

Merritt Maxim April 22, 2019
Over the past few years, drones have transitioned from military-only applications into a strategic asset that is transforming a range of industries such as construction, real estate, insurance, and agriculture. Yet while drones introduce a range of use cases, the growth of drones also represents a new physical threat that demands the attention of security […]
Read More
BLOG

Understanding The Evolving DRP Market

Josh Zelonis April 19, 2019
Sixty-four percent of global security decision makers recognize that improving their threat intelligence capabilities is a high or critical priority. Nevertheless, companies across many industries fail to develop a strategy for achieving this. Among the many reasons why organizations struggle to develop a threat intelligence capability, two stand out: Developing a mature threat intelligence program […]
Read More
BLOG

The MITRE ATT&CK Framework Is Not A Bingo Card

Josh Zelonis April 17, 2019
Beware the fallacy of composition. Josh Zelonis breaks down common misconceptions about what MITRE ATT&CK can and can’t tell you.
Read More
BLOG

Riding The Wave Of Zero Trust Means That You Must Paddle Out

Chase Cunningham April 15, 2019
Since RSA this year, the drumbeat of Zero Trust across the market has continued to grow louder. Almost daily, the inquiries and conversations around Zero Trust and ZTX are coming in at an ever-increasing rate. That’s a good thing. In truth, most of the inquiries are from end user clients now, vice the vendor side […]
Read More
BLOG

Take A Stand For Consumer Privacy: The Anti-Surveillance Economy

Jeff Pollard April 12, 2019
Consumer data misuse has lit up the headlines and eroded trust. From the ashes of these corporate scandals will rise a new industry: the anti-surveillance economy. Read what this means for companies that monetize consumer data.
Read More
BLOG

The Security Snapshot: 10-Year Challenge

Stephanie Balaouras April 11, 2019
At the start of the new year, a meme called the 10-Year Challenge went viral. The premise is simple: Post a photo of yourself in 2009 and a photo of yourself in 2019 to highlight certain changes that may have taken place in that time. Besides the security concerns of social media sites potentially mining […]
Read More
BLOG

Cyber Catalyst Brings Minimal Value To Businesses

Heidi Shey April 8, 2019
In late March, Marsh announced the launch of a program with a number of leading cyberinsurance firms including Allianz, AXA, Beazley, XL, and Zurich to evaluate cybersecurity products and services. Products that meet a minimum standard of criteria receive the designation of “Cyber Catalyst” for their effectiveness in reducing cyber risk. The intent is for […]
Read More
BLOG

Our Security Recommendations Will Help You Handle The Worst Of What 2019 Throws At You

Jeff Pollard March 25, 2019
Today we released our 2019 security & risk recommendations report. We collected contributions from our colleagues across the Forrester security & risk team to identify the most important actions security leaders should take in 2019. Turns out, things are getting better for S&R pros, but challenges still remain. Security leaders have earned board-level visibility, privacy […]
Read More

 

Collaborate To Tackle Your Challenges

Learn and co-create with a council of your peers.

BLOG

The Tao Of Zero Trust

Chase Cunningham March 25, 2019
Our framework solves the architectural and operational issues with Zero Trust — namely, how to get started and how to sustain a Zero Trust approach.
Read More
BLOG

Make No Mistake — Microsoft Is A Security Company Now

Josh Zelonis March 22, 2019
Microsoft has announced support for macOS in its rebranded Microsoft Defender ATP product, taking this product from being an offering that could be considered an add-on for hardening its own operating system to a multiplatform security solution. While this is an early release, it is a clear signal of the investment Microsoft is making to […]
Read More
VIDEO

The Forrester Wave™: Managed Security Services In Asia Pacific, Q1 2019 Identifies The 11 Most Important Vendors

Jinan Budge March 13, 2019
CISOs in Asia Pacific must justify their spending and articulate the business value of often expensive investments in managed security to a largely non-security audience of executives. Currently, this is nearly impossible: Many managed security service providers (MSSPs) continue to go to market with messaging that is technology-centric and blind to the benefits they provide […]
Watch Now
More posts