Forrester Research Blog

About this Blog:

Analysis from the security researchers of Forrester.

Forrester Research

Is The Time Right To Spread Your Risk?

As the broadening gap between our ambitions for a secure enterprise and our abilities to deliver on such a vision becomes self-evident, the time has come to pay equal attention to the poor cousin of risk management, “TRANSFER.”

CISOs Must Act As The Glue Between BC, DR And Security

During the past three years, you may have noticed that security and risk professionals have added a new term to their lexicon – business resiliency. Is this just an attempt by vendors to rebrand business continuity (BC) and IT disaster recovery (DR) in much the same way that vendors rebranded...

Business Continuity Standards Don’t Matter -- But They Should

The current state of business continuity management (BCM) standards? Abysmal. According to a joint Forrester/DRJ study, 69% of respondents said that British Standard (BS) 25999 did not influence or only somewhat influenced BCM at their company. It’s not much better for NFPA 1600, 70% of...

Zero Trust Identity: Go From "Identity-As-A-Service" To "IAM-As-An-API"

App dev trends around the open Web are throwing a lifeline to IAM. The trick is to think in resource-centric, unified, and Internet-scale terms.

Communication And Coordination Should Be The Cornerstone Of Your BC Plan

In a recent Forrester/DRJ joint survey on BC preparedness, of organizations that have invoked a BC plan in the last five years, 37% said that their BC plans had not adequately addressed communication.

Calculating Breach Costs: An Accounting Problem For Risk Management Strategy

Calculating the cost of a data breach should be a part of every organization’s information security risk management strategy. But where does one begin, and what should be considered in cost estimates?

Nine Managed Security Services Providers (MSSPs) Compete In The North American Market

Today's economic environment and mutating threat landscape are forcing CISOs to consider alternatives to simply insourcing information security.

Security & Risk Professionals: Leapfrog Your Global Competition. Rethink Security; Run At The Threat.

One of the highest-stakes parts of my job as the leader of our Security & Risk business is the in-depth business review that I present to Forrester’s executive team twice a year. And I always start those presentations with a single slide in which I attempt to capture the Security & Risk...

Don’t Forbid Employees From Using The Escalator, Give Them Reasons To Use The Stairs

Challenged by complex, confusing, and expensive regulatory requirements, it’s easy to overlook the critical role corporate culture plays in compliance and risk management. Without the right corporate culture, however, written policies and technical controls are meaningless.
