Zero Trust Model

Which security technologies should be getting the investment in 2023, and which ones should you be scaling back on? Find out in Forrester’s Planning Guide 2023: Security & Risk.

The guidance in the new memorandum enables federal civilian agencies to properly assign cyber-initiative funding toward the most critical areas. Here, we take a closer look.

Endpoint security and extended detection and response (XDR) vendor SentinelOne today announced the acquisition of Attivo Networks for just over $600 million. Attivo was a darling of deception technology, but SentinelOne was really after its Active Directory protection portfolio, including ADAssessor and ADSecure. Enterprise identity plays a critical role in the Zero Trust world mandated […]

Mandiant trades up from FireEye and finds a home within Google Cloud Platform.

What a time to be alive! Hot on the heels of Forrester’s release of our definition of modern Zero Trust (ZT), the US Office of Management and Budget (OMB) released a memo entitled Moving the US Government Toward Zero Trust Cybersecurity Principles. Coincidence? Yes. A big deal? Also, yes. If executed as mandated, not only […]

Zero Trust faces a bizarre dichotomy. Learn what it is — and perhaps more importantly what it isn't today.

Healthcare is going to see some dramatic change in the decade ahead. Find out which areas are most likely to be impacted and what leaders can do to set their healthcare organizations up for success.

Time and time again, we’ve heard these two burning questions from so many organizations: “How do we protect ourselves against ransomware?” and “Where do we start?” We’ve all seen the ransomware “research” landscape — littered with top-10 lists, vendor cure-alls (spoiler: don’t depend on one security tool to completely eradicate ransomware), and so many other […]

Maybe it’s the amazing talks coming up today and tomorrow at the Forrester Security & Risk (S&R) Forum or maybe I’ve watched “The Little Mermaid” with the family one time too many — either way, I was inspired to write a little ditty about the forum, sung to the tune of “Part of Your World.” […]

In its quest to add to its Zero Trust edge (ZTE), also known as secure access service edge (SASE), portfolio, Forcepoint acquired cloud security gateway (CSG), also known as cloud access security broker (CASB), provider Bitglass for a Forrester-estimated $200-300 million last week. Beyond the usual criteria (ability to retain marketing and development talent of Bitglass), […]

As renowned ghost hunter and solver of mysteries Scooby-Doo would say, “Ruh roh, Raggy!” It looks like more than ghosts are wreaking havoc on haunted networks. We’re less than a full week into October, and Cybersecurity Awareness Month isn’t quite taking shape the way we expected. Ostensibly, orgs decided to pivot and use this time […]

Healthcare data is low-hanging fruit for hackers. Learn how adopting a Zero Trust strategy can help keep your data safe.

We occasionally get asked this question: “Would Zero Trust have prevented [insert high-profile breach]?” The breach in question could be Equifax, SolarWinds, or the United States Office of Personnel Management. We haven’t been asked (yet) about the announcement from Microsoft this month, where they acknowledged that they were a target of, and indeed had an […]

With ransomware continuing as a high-impact problem (with seemingly no end in sight), we’ve put together some useful ransomware resources for security practitioners. Security and risk (S&R) pros can use these resources to help prevent, protect, detect, and respond to ransomware outbreaks. The links below are a mixture of Forrester’s own research and third-party links. […]

Forrester's security team sifts through the details of the new executive order on cybersecurity and looks forward at its long-term impact.

There are two people in a wood, and they run into a bear. The first person gets down on his knees to pray; the second person starts lacing up his boots. The first person asks the second person, “My dear friend, what are you doing? You can’t outrun a bear.” To which the second person […]

One of the top challenges and misunderstandings that I continue to see here at Forrester is about what the definition of Zero Trust actually is. Zero Trust is not one product or platform; it’s a security framework built around the concept of “never trust, always verify” and “assuming breach.” Attempting to buy Zero Trust as […]

Senior Analyst David Holmes introduces Forrester’s new model for security and networking services.

Bad puns in the title of this blog post aside (queue the rolling of the eyes, sigh, and slight smirk), we are pleased to announce that “The Forrester Wave™: Privileged Identity Management (PIM), Q4 2020” is now live. While PIM vendors have been adding new capabilities and improved user experience over the past two years, […]