21 days ago

Risk Tech, Reg Tech – All The 2018 Tech

We recently published our Risk And Compliance Tech Tide report outlining 14 core technologies to track in 2018. One of the challenging parts of this research is setting the right scope. We found risk and compliance technology everywhere, covering every…

4 months, 18 days ago

Zero Trust on a Beer Budget

I have a good friend that has a small business (roughly 100 employees and 2 office locations, everything lives in the cloud, no real “network” to speak of) that is doing well.  A few weeks ago, over barbeque and range time (some folks play golf, we sho…

7 months, 10 days ago

Lacking Smart Third-Party Risk Regulation, JP Morgan Chase, Bank of America, Wells Fargo, And American Express Create Company, TruSight

  The third-party ecosystem continues to flummox risk managers. Regulators keep pushing for stronger oversight, but they fail to offer real standards or tools to make this possible. What’s worse, technology and service providers  have only h…

7 months, 16 days ago

TIP of the Iceberg: Research Announcement on Threat Intel Platforms

A common feature in the threat intelligence platform (TIP) space is aggregation of data and providing an interface for managing threat intelligence — this seems to be where the product visions diverge. While many of these platforms have been arou…

8 months, 19 days ago

Forrester.com Experienced A Cybersecurity Incident

Today, we announced that Forrester.com experienced a cybersecurity incident this week. To date, our investigation has determined that the attack was limited to research reports made available to Forrester clients on Forrester.com. There is no evidence that confidential client data, financial information, or confidential employee data was accessed or exposed as part of the incident. […]

8 months, 20 days ago

CSI: Your Network – Reconstructing the Breach

September 2017 was a busy month. Three major breach notifications in Deloitte, the SEC, and Equifax… and my first Wave dropped, coincidentally on Digital Forensics & Incident Response Service Providers. Following all this commotion, I had a client reach out and ask me how… How are investigators able to reconstruct digital crime scenes to identify […]