Security & Risk Professionals

Get the tools and insight you need to:

Prepare for next-generation security architectures
Run a business-oriented security program
Achieve and maintain IT compliance
Adopt a structured approach to governance, risk, and compliance
Protect the organization's information assets

Featured Research

Best Practices: Security Metrics

Security metrics are a key initiative for many chief information security officers (CISOs) today, but many of them struggle with picking the right security metrics and translating the operational measurements into meaningful metrics for business. Forrester interviewed more than 20 companies in various stages of their security metrics programs, and some that have successfully implemented them, to glean best practices and lessons learned from those efforts. The three main themes that came out of this research are: Be very selective in picking your security metrics, think beyond the security organization, and focus on reporting and presentation.

Evolving Enterprise Security

From: Forrester's Security Forum 2007

Presented by: Jonathan Penn, Vice President, Principal Analyst

Forrester Vice President Jonathan Penn's six predictions for the future of risk-driven security, including identity as a service, and trust networks that allow us to exchange and enforce policies across boundaries.

Search Forrester

View all Forrester Research topics

Talk to us

Call Forrester toll free at

1 866 FORRESTER

(1 866.367.7378 or 1 617.613.5730)
8 a.m.-5:30 p.m. Eastern time

Europe
+44 20 7323 7730
09:00-17:30 local office time

Email: Forrester Client Support

Most Recent Research

Lower IT Spending Means Protecting Your Security Budget

by Simon Yates

What The US Recession And Tech Slowdown Mean For The Security And Risk Professional

by Simon Yates

Securing Next-Generation Information Architectures

by Noel Yuhanna

Case Study: Unisys Takes Its Own Authentication Medicine

by Bill Nagel

CISOs Must Take The Lead On Business Resiliency

by Stephanie Balaouras, Chris McClean

Forrester Research published in the last seven days

Consulting

Security & Risk professionals must establish and enforce security standards and policies that protect the company's intellectual property, data, employees, and customers, while assessing the probability of security breaches and balancing the benefits of data accessibility with potential losses from exposure.

Forrester can help you:

Build identity access management.
Manage governance, risk, and compliance across the enterprise.
Prepare security leadership for change and growth.

Executive Programs

Members of the Security & Risk Management Council are CISOs and security executives from organizations that place a high priority on proactively managing security and risk. The Council's focus is on managing business risks and cutting costs while improving service, and measuring work architecture enhancements. Members gain insight and share best practices on developing and measuring a high-performing security and risk management organization.

Free Research

Topic Overview: Corporate Social Responsibility

by Chris McClean

Topic Overview: Identity And Access Management

by Andres Cser

Topic Overview: IT Security

by Jonathan Penn

Topic Overview: Governance, Risk, And Compliance

by Chris McClean, Michael Rasmussen

The State Of Federation

by Andres Cser

See more free research