Zero Trust Model

There are two people in a wood, and they run into a bear. The first person gets down on his knees to pray; the second person starts lacing up his boots. The first person asks the second person, “My dear friend, what are you doing? You can’t outrun a bear.” To which the second person […]

One of the top challenges and misunderstandings that I continue to see here at Forrester is about what the definition of Zero Trust actually is. Zero Trust is not one product or platform; it’s a security framework built around the concept of “never trust, always verify” and “assuming breach.” Attempting to buy Zero Trust as […]

Senior Analyst David Holmes introduces Forrester’s new model for security and networking services.

Bad puns in the title of this blog post aside (queue the rolling of the eyes, sigh, and slight smirk), we are pleased to announce that “The Forrester Wave™: Privileged Identity Management (PIM), Q4 2020” is now live. While PIM vendors have been adding new capabilities and improved user experience over the past two years, […]

Anyone who has seen the show Hoarders knows how people who fill their houses with unneeded stuff can literally bury themselves in junk. Security and risk (S&R) pros who manage employee access to apps, databases, and systems should notice the Hoarders parallel when it comes to IT access: Many employees unknowingly acquire access over time, […]

The COVID-19 pandemic unequivocally changed how employers think the workforce could and should look like. As firms have been growing more acclimated to the “new normal,” insider threats, breaches, and employee unrest are on the rise. You need to know which security vendors fit your needs and which strategies to take. As we head into month […]

My wife has the good fortune of living with a security and risk pro who also happens to be a US Army intelligence officer, so she’s been previously scolded about lax security practices. I also point out how “hacking” scenes on TV and in movies are comical and inaccurate. Note: Said wife was not consulted […]

While Zero Trust (ZT) security is mainstream in the US and Europe, it has only just begun gaining momentum in Asia Pacific (APAC). Why now? The global pandemic has accelerated cloud migration and remote work at the same time that firms are grappling with rapidly changing regulations and mounting consumer pressure for improved data privacy. […]

It has never been more important for organizations to anticipate change, strengthen resilience, and become truly customer obsessed. Heading into 2021, technology — both new and existing — will help firms achieve these aims and emerge from the crisis on sound footing.

Forrester analysts from across the Asia Pacific region provide insights on what to expect in the year 2021.

Today, we published our newest round of evaluations for the Zero Trust eXtended (ZTX) ecosystem, “The Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers, Q3 2020.” When we embarked on this journey, Research Associate Alexis Bouffard and I started with roughly 130 potential vendors. We narrowed that down to 38 vendors for the “Now Tech: […]

The National Counterintelligence and Security Center (NCSC) and the National Insider Threat Task force (NITTF) partnered with US government agencies to kick off the second National Insider Threat Awareness Month this September. National Insider Threat Awareness Month was started in September 2019 with the goal to educate federal and industry employees about the risks posed […]

What exactly is Zero Trust? For those of you who’ve been hiding away in a cave for the past decade, Zero Trust (ZT) is a concept founded by Forrester alum John Kindervag in 2009 that centers on the belief that trust is a vulnerability, and security must be designed with the strategy, “Never trust, always […]

Technically, the male praying mantis mates for life. If you know anything about the mating habits of the female sex of that particular insect, you now also understand the limitations of the word “technically.” Similarly, technically, TLS 1.3 and DNS-over-HTTPS (DoH) are improvements upon previous technologies that are supposed to improve security. But in reality, […]

If there’s one thing the COVID-19 pandemic has taught businesses, it’s how vital core infrastructure and operations are to an organization’s resiliency and dependability. But where does innovation fit into the new normal?

On March 31, Palo Alto Networks announced the intent to acquire CloudGenix, a software-defined WAN appliance vendor. This was another announcement in a long list from the security and networking industries about merging together SDWAN and security. Such combinations are inevitable because: SDWAN adoption hasn’t matched the hype. Here is a dirty little secret: SDWAN […]

At present, it is difficult to remember life before the COVID-19 pandemic, but a key switch that has happened is the large-scale shifting of the population to work at home, as widely documented. Some mobile operators in the UK recently have had a bit of a bumpy ride, with spotty coverage and outages experienced as […]