zero trust

Insights

BLOG

Zero Trust Goes Mainstream In Europe

Paul McKay April 25, 2019
Over the Easter weekend, we released a new research report looking at implementing Zero Trust in Europe. When we started, we knew that a one-size-fits-all approach would not work in Europe. In addition, general awareness of the Zero Trust security model is much lower in Europe than in the US. Unheard of 12 months ago […]
Read More
BLOG

Riding The Wave Of Zero Trust Means That You Must Paddle Out

Chase Cunningham April 15, 2019
Since RSA this year, the drumbeat of Zero Trust across the market has continued to grow louder. Almost daily, the inquiries and conversations around Zero Trust and ZTX are coming in at an ever-increasing rate. That’s a good thing. In truth, most of the inquiries are from end user clients now, vice the vendor side […]
Read More

Reinvent Your Security Strategy With Zero Trust

Just as your business becomes increasingly data-centric, so must your security strategy and architecture.

BLOG

The Tao Of Zero Trust

Chase Cunningham March 25, 2019
Our framework solves the architectural and operational issues with Zero Trust — namely, how to get started and how to sustain a Zero Trust approach.
Read More
BLOG

Don’t Drink From A Poisoned Well — Mitigate Supply Chain Risk With Zero Trust

Josh Zelonis March 25, 2019
Motherboard and Kaspersky unveiled that hackers compromised a server of computer manufacturer ASUS’s live software update tool to install a malicious backdoor on thousands of computers. The malicious file was able to masquerade as an authentic software update as it was signed with legitimate ASUS digital certificates. The manufacturer unwittingly pushed out the backdoor to […]
Read More
PODCAST

Strategy, Not Technology, Is The Key For Better Cybersecurity

What It Means March 14, 2019
The tagline for this year’s RSA Conference was “Better.” According to Forrester VP and Group Director Laura Koetzle, this tagline is apt. Cybersecurity is a jigsaw puzzle still in its box: All the tech pieces are there, but forging the right configurations and strategies remains a to-do for most.
Listen Now
BLOG

OK, Zero Trust Is An RSA Buzzword — So What?

Chase Cunningham March 11, 2019
Last week was the annual RSA Conference. Estimates are that more than 45,000 security personnel, business professionals, and leaders attended the event, up from 35,000 last year. Regardless of the numbers, it was an epic display of how prevalent cybersecurity has become. As expected, a few buzzwords rang throughout the Moscone Center halls. Artificial intelligence, […]
Read More
BLOG

Eating Our Own Zero Trust Dog Food

Chase Cunningham February 1, 2019
It is high time for Forrester to demonstrate Zero Trust in a practical application scenario, our upcoming virtual reference architecture project aims to do just that.
Read More

Are You Ready For Zero Trust?

Zero Trust requires mastery of six competencies; learn your organization’s strengths and weaknesses.

PODCAST

Zero Trust: Your Knight In Cyber Armor

What It Means November 29, 2018
2019 will be a year of unprecedented cyberthreats to companies, and one major brand will lose valuation of more than 25% due to a cyberattack. Principal Analysts Jeff Pollard and Chase Cunningham explain why Zero Trust is the best defense.
Listen Now
BLOG

The Forrester Wave™: Zero Trust eXtended (ZTX) Ecosystem Providers, Q4 2018 — Truth

Chase Cunningham November 15, 2018
We just wrapped up five months of in-depth research focused on providing some clarity into what technologies from which vendors actually enable Zero Trust (not just talk about it). It didn’t take long to discern those among the vendor community that really embraced the strategic benefits of Zero Trust — and those that seemed to just […]
Read More
BLOG

Computational Propaganda: How Your Organization Could Be Attacked Like A Politician

Chase Cunningham October 18, 2018
Sending malicious payloads and packets is no longer the standard in threat operations. In today’s world of massive social media presence and influence, malicious actors can bring an organization to its knees — 280 characters at a time. This isn’t an attack on your infrastructure but an attack of computational propaganda aimed to shape a divisive […]
Read More
BLOG

How I Almost Got Phished And Why Training Isn’t Enough

Josh Zelonis October 5, 2018
I received a text message the other day that looked a lot like what I might get from my bank if I triggered some antifraud check. The timing was impeccable; I had just used the card to pay for takeout and had walked out to my motorcycle to head home. When I initially got the […]
Read More
BLOG

Security Is Embracing Zero Trust; Get Your Federal Team In Sync

Chase Cunningham August 10, 2018
Historically, industry is more forward-leaning than government when it comes to innovation — at least at the unclassified level. But unlike most industries, the US government is driving the cybersecurity market and has been for almost the last decade. Federal fingerprints are everywhere: Where did cybercompliance start? Where did the first frameworks for cyber operations originate? […]
Read More

Predictions 2019

The year that transformation goes pragmatic.

BLOG

Cybersecurity And Professional Sports: Securing The Internet Of Sports

Merritt Maxim July 25, 2018
Over the past few years, companies in all markets have embraced digital transformation, whether it is financial services finding new mechanisms to engage with customers or manufacturers adding sensors and other data collection components into their operational processes. These digital transformation efforts are about leveraging digital insights to drive better outcomes. Digital transformation has value in the […]
Read More
BLOG

“That’s Not My Job”: I&O’s Role Shift When It Comes To Security

Chris Gardner June 25, 2018
In the halcyon days of my sysadmin youth, my team was asked to perform entitlement reviews on sensitive systems. When we were asked to determine who should have access to what, my director responded in a way I would never forget: “That’s not my job.” It sounds snarky, but he was correct. It wasn’t our […]
Read More
BLOG

"That’s Not My Job": I&O’s Role Shift When It Comes To Security

Chris Gardner June 25, 2018
In the halcyon days of my sysadmin youth, my team was asked to perform entitlement reviews on sensitive systems. When we were asked to determine who should have access to what, my director responded in a way I would never forget: “That’s not my job.” It sounds snarky, but he was correct. It wasn’t our […]
Read More
BLOG

Next-Generation Access and Zero Trust

Chase Cunningham March 27, 2018
A few years ago, the concepts of microsegmentation and microperimeters for Zero Trust were championed by former Forrester analyst John Kindervag. He showed us how those concepts and their technologies could enable a more secure enterprise. Once those concepts and their associated best practices hit the street, organizations from VMware to Cisco Systems to Palo […]
Read More
BLOG

Zero Trust on a Beer Budget

Chase Cunningham February 7, 2018
I have a good friend who has a small business (roughly 100 employees and two office locations; everything lives in the cloud, no real “network” to speak of) that is doing well. A few weeks ago, over barbecue and range time (some folks play golf, we shoot guns . . . it’s a Texas thing), […]
Read More
BLOG

What ZTX means for vendors and users

Chase Cunningham January 23, 2018
I am a huge fan of Zero Trust—the simplicity of the concept resonates with clients that read the research authored previously by John Kindervag and more recently myself. The framework’s intrinsic value to security and business processes is readily evident to those who explore how it benefits their security needs.  If we’re honest about Zero […]
Read More
BLOG

Energy Is Embracing Zero Trust, All Industries Should Too

Stephanie Balaouras May 11, 2017
I recently heard a segment on WBUR (a public radio station in Boston) on the emergence of microgrids and I was amazed at how much the concept of microgrids closely aligned with the concept of microperimeters within our Zero Trust model of information security. Zero Trust is a conceptual and architectural model for how security […]
Read More
BLOG

Zero Trust for MeatWare: It Applies to Us Humans Too

Chase Cunningham May 3, 2017
Zero Trust principles have, thus far, been mainly aimed at the network and the technology that makes our interconnected systems “live.” That’s how the concept was originally meant to be applied, but the reality of the threat vectors and need for better security capabilities means that Zero Trust has to adapt just like everything else […]
Read More
More posts