Proofpoint Acquires Nexgate: SRC Market Matures, But Still Lots Of “Points To Prove”

Nick Hayes

Yesterday, Proofpoint announced it will acquire social risk and compliance (SRC) vendor Nexgate for approximately $35 million.

The Acquisition Signals The SRC Market Is Maturing

This acquisition points to a budding and rapidly evolving SRC market. With the proliferation of social media, organizations face a slew of emerging regulatory challenges, brand threats, and security vulnerabilities – just look at recent incidents with Cole Haan, Zarbee’s, US Airways, British Gas, among countless others, even including our own US military. While once a niche market helping financial services firms meet FINRA obligations, SRC solutions now offer more than just compliance support, helping organizations better manage today’s wide gamut of social risks with social threat detection, account protection, and risk monitoring.

Proofpoint Has To Prove The Sum Is Greater Than Its Parts

Read more

Announcing The Social Risk & Compliance (SRC) Solutions Wave

Nick Hayes

Today we published a new Forrester Wave: Social Risk & Compliance (SRC) Solutions, Q2 2014. This report evaluates 10 vendors emerging to help organizations enable companywide use of social media while providing the necessary controls and oversight to mitigate associated risks and enforce compliance.

 

Why now

Use of social media today is rampant.

It’s no longer just your marketing team that uses social media for business purposes. Employees across the entire organization use social media for personal and professional reasons, leveraging social to drive real business for your company. The opportunities to enhance your brand, deepen customer relationships, and glean new customer insights are all too valuable to ignore -- but the risks are real too.

Moreover, the legal and regulatory landscape is evolving rapidly, complicating the ways in which you can manage social media and the myriad reputational, security, and privacy risks (among others) that expose your organization. To take advantage of these opportunities and still protect your company, you need new tools and technology to do this effectively.

 

What they do

Read more

Announcing The Forrester Wave: Governance, Risk, And Compliance Platforms, Q1 2014

Chris McClean

It’s once again time to tear open the GRC platform market and uncover all its amazing technical innovations, vendor successes, and impact on customer organizations. This afternoon, we published our latest iteration of the Forrester Wave: Governance, Risk, And Compliance Platforms.

My esteemed colleagues Renee Murphy and Nick Hayes joined me in a fully collaborative, marathon evaluation of 19 of the most relevant GRC platform vendors; we diligently pored through vendor briefings, online demos, customer reference surveys and interviews, access to our own demo environment of each vendor’s product, and as per Forrester policy, multiple rounds of fact checking and review. The sheer amount of data we collected is incredible.

No Longer Two Separate Waves

Many of you may remember that we published two Forrester Waves last time around: one for Enterprise GRC platforms and one for IT GRC platforms. As discussed in previous research, the lines between these distinct submarkets have been eroding for some time, and now it’s no longer worth separating the two.

Read more

TechnoPolitics Podcast: The Future Of Identity Management With Eve Maler

Mike Gualtieri

Eve Maler, Forrester TechnoPoliticsCome again? You mean to tell me that Eve Maler, one of Forrester's experts on emerging identity and security solutions, has never changed her Amazon password? Yep. She aptly points out that "Amazon has no password rules." While passwords aren't dead, she says, firms that rely only on passwords for identity management are vulnerable to serious breaches. Most firms have "terrible hygiene" when it comes to identity management.

In this episode of TechnoPolitics, Eve Maler discuss how firms like Amazon and Paypal use a "constellation" of risk-based authentication techniques and technologies to protect customers' identity. The courage to make tough calls — that's Eve.

Podcast Listening Options — The Future Of Identity Management

Click here to download the MP3 file for this episode.

Read more

Security and Operations Have More In Common Than You Think

Glenn O'Donnell

There is growing evidence of a harmonic convergence of Infrastructure and Operations (I&O) with Security and it is hardly an accident. We often view them as separate worlds, but it’s obvious that they have more in common than they have differences. I live in the I&O team here at Forrester, but I get pulled into many discussions that would be classified as “security” topics. Examples include compliance analysis of configuration data and process discipline to prevent mistakes. Similarly, our Security analysts get pulled into process discussions and other topics that encroach into Operations territory. This is as it should be.

Some examples of where common DNA between I&O and Security can benefit you and your organization are:

  • Gain economic benefit by cross-pollinating skills, tools, and organizational entities
  • Improve service quality AND security with the same actions and strategies
  • Learn where the two SHOULD remain separate
  • Combine operational NOC and security SOC monitoring into a unified command center
  • Develop a plan and the economic and political justifications for intelligent combinations
Read more