Based on the West Coast, Senior Analyst Josh Zelonis is the newest addition to the S&R team. When he’s not out cruising his Harley, Josh is working with clients to adapt their architecture, policies, and processes to evolving threats and to develop robust incident response programs. His research focuses on threat intelligence, endpoint detection and response (EDR), malware analysis, pen testing/red teaming, forensics and investigations, and of course, incident response.
Prior to joining Forrester, Josh accumulated over 13 years of experience as a security practitioner with demonstrated success in product architecture, engineering, and security assessment roles. As a product architect, Josh helped design and build innovative technologies in the breach detection space, architecting both endpoint and appliance products with a focus on data collection and analytics. His background also includes extensive experience in security assessment roles including red team, vulnerability research, and compliance.
Listen to Josh’s conversation with me to hear about his biggest surprises since starting as a Forrester analyst, his most frequent client inquiries, and the topics he's excited to research in the coming year:
To download the MP3 version of the podcast, click here.
What do you foresee as the biggest threat to security and privacy in the United States in the next ten years?
A lifelong Atlanta Braves fan, Forrester Senior Analyst Joseph Blankenship longs for the mid-1990's with respect to his baseball team, but we promise that he looks to the future as he advises his clients on current and emerging security technologies. He covers security infrastructure and operations, including security information management (SIM), security analytics, and network security, and his research currently focuses on security monitoring, threat detection, operations, and management. Joseph has presented at industry events, been quoted in the media, and has written on a variety of security topics.
Joseph's over 10 years of security experience includes marketing leadership and product marketing roles at Solutionary (NTT), McAfee (Intel Security), Vigilar, and IBM (ISS), where he focused on managed security services, consulting services, email security, compliance and network security. As a marketing leader, Joseph helped to align client needs with marketing strategy, messaging, and go-to-market activities while educating users about security strategy. His background also includes extensive experience in the IT, telecommunications, and consulting industries with Nextel, IBM, Philips Electronics, and KPMG.
Listen to Joseph's conversation with VP, Research Director Stephanie Balaouras to hear about Joseph's biggest surprises since starting as a Forrester analyst, his most frequent client inquiries, and the topics he's excited to research in the coming year:
One of the S&R team’s newest additions, Principal Analyst Jeff Pollard comes to Forrester after many years at major security services firms. His research guides client initiatives related to managed security services, security outsourcing, and security economics, and integrating security services into operational workflows, incident response processes, threat intelligence applications, and business requirements. Jeff is already racking up briefings and client inquiries, so get on his schedule while you still can! (As a side note, while incident response is generally not funny, Jeff is. He would be at least a strong 3 seed in a hypothetical Forrester Analyst Laugh-Off tournament. Vegas has approved that seeding.)
Prior to joining Forrester, Jeff served as a global architect at Verizon, Dell SecureWorks, and Mandiant, working with the world's largest organizations in financial services, telecommunications, media, and defense. In those roles he helped clients fuse managed security and professional services engagements in security monitoring, security management, red teams, penetration testing, OSINT, forensics, and application security.
Forrester’s Security & Risk Analyst Spotlight - Chris Sherman
The title hasn’t yet been put to client vote, but Chris Sherman may be the renaissance man of Forrester’s S&R team. As an analyst, Chris advises clients on data security across all endpoints, giving him a broad perspective on current security trends. His experience as a neuroscience researcher at Massachusetts General Hospital also gives him insight into the particular challenges that Forrester’s clients in the healthcare industry face. Lastly, when he hasn’t been writing about endpoint security strategy or studying neural synapse firings, Chris flies Cessna 172’s around New England. Listen to this week’s podcast to learn about recent themes in Chris’s client inquiries as well as the troubles facing a particular endpoint security technology.
He declined to live tweet his upcoming wedding from the altar, but there is no doubt that Nick Hayes is the social media expert on Forrester’s S&R team. He has extensive knowledge of the security, privacy, archiving, and compliance challenges of social media, as well as the technical controls used to address them. He also specializes in the tools that monitor and analyze social data to improve oversight and mitigation tactics of myriad reputational, third-party, security, and operational risks. He is certainly aware of the reputational risk of staring at your cell phone when you’re supposed to say, “I do”, but maybe if you follow him (@nickhayes10), you might get lucky with a pic or two -- and some good risk thoughts to boot.
Last week, we learned that cybercriminals undermined the identity verification of the IRS’ Get Transcript app and gained access to the tax returns on 104,000 US citizens, so it’s only fitting in this analyst spotlight, we interview one of the team’s leading analysts for identity and access management (IAM), VP and Principal Analyst, Andras Cser. Andras consistently produces some of the most widely read research not just for our team but across all of Forrester. And clients seek his insight across a number of coverage areas beyond IAM, including cloud security, enterprise fraud management, and secure payments. As the tallest member of our S&R team at 6’5”, Andras also provides guidance to clients on the emerging fields of height intel and altitude management.
Once a month, my co-research director and partner in crime, Chris McClean, and I will use our blog to highlight one of the 26 people who collaborate to deliver our team’s research and services and always make Chris and I look really, really good. Each “Analyst Spotlight” includes an informational podcast and an offbeat interview with the analyst. This month’s Analyst Spotlight features our newest analyst, Martin Whitworth. Based in London and bringing experience as a CISO and Head of Security across several industries, Martin will cover the most pressing issues keeping CISOs reaching for another bourbon on the rocks, including security strategy, maturity, skills and staffing, business alignment, and everyone’s favorite pastime, reporting to the board.
Prior to joining Forrester, Martin served as CISO and senior security leader for a number of blue chip organizations, including Coventry Building Society, Steria Group, UK Payments Council, British Energy/EDF Nuclear Generation, and GMAC. In these roles, he developed and executed a variety of security strategies and programs, and he has extensive experience successfully engaging business and board-level stakeholders. He also has considerable experience as a trusted advisor to security leader peers in the public and private sectors internationally, as well as advising standards and regulatory bodies.
This month’s S&R Analyst Spotlight Podcast features a slight change to our usual program: we have a guest host! Chris McClean, our San Francisco-based Research Director, interviewed the newest addition to our analyst team, Merritt Maxim. Merritt’s coverage areas include identity and access management, access governance, federation, authentication, and role design and management. In our podcast, Maxim tells us about his career before Forrester, his planned coverage area and his current must-read book on security.
These Analyst Spotlights are all included in S&R’s First Look newsletters. Email firstname.lastname@example.org to be added to the list!
To download the mp3 version of the podcast, click here.
It's February: time for another S&R Analyst Spotlight Podcast! This month, Forrester VP, principal analyst, and Zero-Trust creator, John Kindervag, joins us. Listen in to learn more about John and his research. While you're at it, be sure to check out our First Look newsletter, which contains an interview with John along with links to his most recent and upcoming research. If you are not already signed up for our First Look newsletters, please email email@example.com.
Summer's winding down and it's time for people to get serious about closing out the year and looking forward to a digitally disruptive 2014. I can tell because the phone is ringing off the hook these days and nearly every call has the same focus: What steps can we take now to get the jump on digital disruption?
First, I'm thrilled to get these calls because implicit in the question is the belief that digital disruption is real. I've found that to be the case in the many months I've been on the road speaking about my book Digital Disruption and calling people to adopt the digital disruptor's mindset. Very few people doubt the unique power of digital disruption, in fact, they often have better examples of disruption to offer me than the ones I came prepared to talk about.
But after the mutual thrill of excitedly comparing case studies, these conversations have rapidly settled down to the same question: What can we do about it? It's precisely in that spirit that Tom Pohlmann, Forrester's Chief Marketing & Strategy Officer, sat down with me to get the straight scoop on what companies can do right away to understand and act on digital disruption. The result is an 18-minute interview that we're serving up as a podcast under the Forrester Talks Podcast. You can either listen to the whole thing in one shot (episode 1) or consume it in bite-size, topic-focused chunks under episodes 2, 3, and 4.