Merritt Maxim

VP, Research Director

Forrester Bio

Author Insights

Blog

What Crashing My Bike Taught Me About Cybersecurity Incident Response

Merritt Maxim October 18, 2022
(special thanks to my colleague Jess Burn who assisted with this blog) Faithful readers of my infrequent Forrester blog posts might remember my penchant for using analogies to discuss specific cybersecurity issues. I am pleased to continue that tradition, so I am going to discuss how crashing a bike is relevant to cybersecurity incident response. […]
Blog

New Security & Risk Planning Guide Helps CISOs Set 2023 Priorities

Merritt Maxim August 23, 2022
Which security technologies should be getting the investment in 2023, and which ones should you be scaling back on? Read a few key takeaways from our planning guide for security and risk leaders.
Blog

Insteon And The Internet Of Bricks

Merritt Maxim May 10, 2022
Last month, smart home provider Insteon appears to have shut down, rendering the Insteon hubs inoperable. Users were unable to control their IoT devices connected to the Insteon hub, such as smart lighting and appliances. The culprit appears to not be malicious malware but rather financial circumstances that have caused the company to cease operations. […]
Blog

SailPoint To Be Acquired By Private Equity Firm Thoma Bravo For $6.9 Billion

Andras Cser April 13, 2022
On Monday, April 11, 2022, identity management and governance (IMG) vendor SailPoint announced that it was being bought by private equity (PE) firm Thoma Bravo for $6.9 billion. This is not the first rodeo for Thoma Bravo with SailPoint; in 2014, the PE firm bought out SailPoint’s original venture capital investors and remained an owner […]
Blog

Okta Lapsus$ Compromise: How To Make Sure You’re Protected

Merritt Maxim March 24, 2022
On Tuesday, March 22, 2022, identity-as-a-service (IDaaS) provider Okta announced that it had detected an attempt to compromise the account of a partner in January 2022. The announcement came after the hacking group Lapsus$ posted screenshots of a computer used by one of Okta’s third-party customer support engineers. As one of the largest IDaaS providers with […]
Blog

Evolve Your IAM Strategy For Today’s Digital Employee And Customer

Merritt Maxim March 16, 2022
Identity and access management (IAM) is the control plane for determining a root of trust for all digital identities. Effective IAM must validate identities, secure access, manage privileges, and be optimized for hardened security, good user experience, and operational efficiency across all user populations — your workforce, partners, customers, and machine identities. Effective and efficient […]
Blog

Don’t Hit The Curb — Instead, Curb The Risk Of Emerging Technologies In 2022!

Andras Cser February 4, 2022
Find out why these five technology categories are causing security decision-makers the most concern.
Blog

Facebook Shuts Down Face Recognition System On Its Platform

Merritt Maxim November 4, 2021
Facebook's recently announced its decision to no longer use facial recognition in its platform. What does that mean for the long-term?
Video

Predictions 2022: Continued Uncertainty Forces Attention On Securing Relationships

Jeff Pollard October 28, 2021

Blog

Perspectives On One Identity’s Acquisition Of OneLogin

Merritt Maxim October 8, 2021
On October 4, 2021, identity and access management (IAM) vendor One Identity announced plans to acquire identity-as-a-service (IDaaS) vendor OneLogin for an undisclosed amount. Founded in 2009, OneLogin is an established pure-play IDaaS vendor that primarily serves midmarket enterprises, with a unified platform for employees, partners, and customers, and has raised over $170 million in […]
Blog

Okta Acquires Identity Orchestration And CIAM Vendor Auth0 For $6.5B

Andras Cser March 4, 2021
Forrester analysts take a detailed look at what's driving the unprecedented premium being paid in this acquisition.
Blog

New Research: Emerging Use Cases And Risks For Biometrics

Merritt Maxim October 1, 2020
Biometric authentication is a powerful technology with many compelling use cases but is not without controversy and distinct risks. What are users’ privacy rights in how biometric information is processed and stored? How are biometrics regulated around the world? How can the use of biometrics lead to discriminatory practices? What security shortcomings are associated with […]
Blog

FORRward: A Weekly Read For Tech And Marketing Execs

Emily Collins June 15, 2020
A Flash-Point Week For Facial Recognition Last week, IBM, Amazon, and Microsoft came out and made some big announcements on how they intend to halt or ban the use of facial recognition technology for law enforcement. At a time when privacy and civil rights dominate the zeitgeist, these values-based decisions will force much-needed dialogue on the ethics of facial recognition […]
Blog

A Flash-Point Week For Facial Recognition

Srividya Sridharan June 11, 2020
Our analysts address the five most pressing questions in the facial recognition debate.
Blog

The Security Snapshot: Embracing The New Norm

Merritt Maxim May 14, 2020
Our security analysts provide guidance for managing security and risk during the coronavirus pandemic.
Blog

New Technologies Expand The Physical Security Portfolio

Merritt Maxim April 23, 2020
In this new era of social distancing, the physical security world may seem less relevant. But the digital and physical worlds are converging. These dependent systems are increasingly tested to manage a diverse range of incidents ranging from extreme weather, malicious cyberattacks, terrorist attacks, and more. Emerging technologies like drones, antidetection systems, and 3D printing […]
Blog

Recapping RSA Conference 2020: The Human Element

Elsa Pikulik March 11, 2020
In prior years, the RSA Conference focused on themes such as Zero Trust, geopolitical risk, and automation. While those themes were still present at this year’s conference, it was harder to discern one dominant central theme for the conference. I inferred that “no new buzzwords” exemplifies the theme. This year’s RSA Conference suggested that the […]
Blog

Decade Retrospective: Cybersecurity From 2010 To 2019

Jeff Pollard December 17, 2019
From the Intel-McAfee deal to the Sony Pictures breach, VP and Principal Analyst Jeff Pollard reviews the past decade’s cybersecurity highlights and lowlights.
Blog

The Security Snapshot: Shaping The New Cybersecurity Culture

Merritt Maxim August 29, 2019
All managers understand that both recruiting top talent as well as crafting a winning team and company culture is crucial to high performance. However, 22% of security decision makers note their team being understaffed as one of their biggest security challenges. A further 20% list the unavailability of employees with the right skills as one […]
Blog

Broadcom Buys Symantec’s Enterprise Biz: Good News For Investors, Bad News For Enterprises

Merritt Maxim August 9, 2019
Yesterday, Broadcom announced a definitive deal to acquire the enterprise business of Symantec for $10.7 billion in cash. This deal caps weeks of speculation that Symantec was in play, initiated in May 2019 following the sudden resignation of Symantec CEO Greg Clarke in May and a downward revision to Symantec’s FY 2020 revenue guidance earlier […]
More posts