Jeff Pollard
@jeffpollard2.bsky.social
VP & Principal Analyst @Forrester covering #infosec, #cybersecurity, #privacy. Primary focus areas CISO Leadership, Security Services, and Emerging Technology.
AI governance just got easier. Forrester’s AEGIS Framework crosswalks NIST, ISO 42001, EU AI Act, OWASP, and MITRE. This gives CISOs a clear path to trust and governance for AI. Forrester AEGIS: The New Standard For AI Governance here: www.forrester.com/blogs/forres...
Forrester AEGIS: The New Standard For AI Governance
Explore Forrester’s AEGIS AI governance crosswalk mapping NIST AI RMF, ISO 42001, EU AI Act, OWASP, and MITRE so CISOs can prioritize high‑yield controls.
www.forrester.com
October 22, 2025 at 6:54 PM
AI governance just got easier. Forrester’s AEGIS Framework crosswalks NIST, ISO 42001, EU AI Act, OWASP, and MITRE. This gives CISOs a clear path to trust and governance for AI. Forrester AEGIS: The New Standard For AI Governance here: www.forrester.com/blogs/forres...
AI red teaming should be more than prompt bombing clever prompts. But today's AI red team market is a mix of products, services, and hybrid approaches that can befuddle...everyone. Here's How To Build AI Red Teams That Actually Work here: www.forrester.com/blogs/how-to...
How To Build AI Red Teams That Actually Work
AI red teaming blends offensive testing and safety checks to uncover risks in models, apps, and infrastructure.
bit.ly
September 30, 2025 at 8:09 PM
AI red teaming should be more than prompt bombing clever prompts. But today's AI red team market is a mix of products, services, and hybrid approaches that can befuddle...everyone. Here's How To Build AI Red Teams That Actually Work here: www.forrester.com/blogs/how-to...
$2.0+ billion dollars, 8 vendors, 8 acquisitions in 18 months. There’s a securing AI feeding frenzy happening in cybersecurity that is reshaping vendor platforms.Give this a read to find out why it matters and what it means: www.forrester.com/blogs/securi...
Securing AI's M&A Feeding Frenzy Is On
Explore how recent cybersecurity acquisitions are transforming AI security. Learn what CISOs must do to manage enterprise risk, vendor consolidation, and new threats like prompt injection.
bit.ly
September 22, 2025 at 4:39 PM
$2.0+ billion dollars, 8 vendors, 8 acquisitions in 18 months. There’s a securing AI feeding frenzy happening in cybersecurity that is reshaping vendor platforms.Give this a read to find out why it matters and what it means: www.forrester.com/blogs/securi...
Vibe Hacking And No-Code Ransomware: AI’s Dark Side Is Here: Anthropic’s August 2025 Threat Intel Report is one of the most fun reads of the year. We summarize some of the key elements and offer CISOs advice on what to do about it here: www.forrester.com/blogs/vibe-h...
Vibe Hacking And No-Code Ransomware: AI’s Dark Side Is Here
AI is no longer just a tool for defenders; it’s now a weapon in the hands of cybercriminals.
www.forrester.com
August 28, 2025 at 5:21 PM
Vibe Hacking And No-Code Ransomware: AI’s Dark Side Is Here: Anthropic’s August 2025 Threat Intel Report is one of the most fun reads of the year. We summarize some of the key elements and offer CISOs advice on what to do about it here: www.forrester.com/blogs/vibe-h...
MCP Doesn’t Stand For Many Critical Problems…But Maybe It Should For CISOs www.forrester.com/blogs/mcp-do...
MCP Doesn’t Stand For Many Critical Problems…But Maybe It Should For CISOs
MCP and A2A protocols power agentic AI but introduce major security risks. Learn what CISOs need to know to secure autonomous systems.
www.forrester.com
July 22, 2025 at 3:27 PM
MCP Doesn’t Stand For Many Critical Problems…But Maybe It Should For CISOs www.forrester.com/blogs/mcp-do...
My coauthor @jessburn.bsky.social and I just released our work on security platforms. We don't attempt to articulate all the various products that comprise a platform. Instead, we focus on the components, outcomes, and benefits platforms bring. Give the blog a read: www.forrester.com/blogs/how-to...
How To Choose A Security Platform Without Getting Burned
Not all security platforms are created equal. Get five tips on how to separate real platforms from glorified product bundles.
bit.ly
June 30, 2025 at 1:39 PM
My coauthor @jessburn.bsky.social and I just released our work on security platforms. We don't attempt to articulate all the various products that comprise a platform. Instead, we focus on the components, outcomes, and benefits platforms bring. Give the blog a read: www.forrester.com/blogs/how-to...
Zscaler announces its intent to acquire Red Canary. SSE meets MDR in a platform play.
The Good: Visibility boost
The bad: Integration unknowns
The concerning: Culture clash?
Check out the full blog from us here: bit.ly/44Z9vYC
The Good: Visibility boost
The bad: Integration unknowns
The concerning: Culture clash?
Check out the full blog from us here: bit.ly/44Z9vYC
Zscaler Snatches Up Red Canary: The Good, The Bad, And The Concerning
Zscaler acquires Red Canary, bringing MDR and Zero Trust together. Check out Forrester's analysis of the good, the bad, and the concerning.
bit.ly
May 28, 2025 at 10:52 PM
Zscaler announces its intent to acquire Red Canary. SSE meets MDR in a platform play.
The Good: Visibility boost
The bad: Integration unknowns
The concerning: Culture clash?
Check out the full blog from us here: bit.ly/44Z9vYC
The Good: Visibility boost
The bad: Integration unknowns
The concerning: Culture clash?
Check out the full blog from us here: bit.ly/44Z9vYC
Action packed week in webinars! In just a few minutes Merritt Maxim, Alla Valente, and I will be delivering a webinar on "Leading Through Volatility" for security leaders. Forrester clients can register here: www.forrester.com/webinar/Lead...
LinkedIn
This link will take you to a page that’s not on LinkedIn
lnkd.in
April 22, 2025 at 2:35 PM
Action packed week in webinars! In just a few minutes Merritt Maxim, Alla Valente, and I will be delivering a webinar on "Leading Through Volatility" for security leaders. Forrester clients can register here: www.forrester.com/webinar/Lead...
RSAC Launch Pad and Innovation Sandbox represent two major chances for new vendors to show where our industry is headed. Heidi Shey and I give you a glimpse here: RSAC 2025 Early-Stage Expo Preview: AppSec, IAM, GenAI, SecOps, And More www.forrester.com/blogs/rsac-2...
RSAC 2025 Early-Stage Expo Preview: AppSec, IAM, GenAI, SecOps, And More
As we put together our game plan for what to see at RSA Conference 2025, we want to scope out innovation. Here's trends to know going in.
www.forrester.com
April 8, 2025 at 6:32 PM
RSAC Launch Pad and Innovation Sandbox represent two major chances for new vendors to show where our industry is headed. Heidi Shey and I give you a glimpse here: RSAC 2025 Early-Stage Expo Preview: AppSec, IAM, GenAI, SecOps, And More www.forrester.com/blogs/rsac-2...
Finally there's a threepeat worth talking about in 2025...in this case it's me finishing and releasing the third and newest edition of the MDR Wave! Give the blog a read! Announcing The Forrester Wave™: Managed Detection And Response Services, Q1 2025! forrester.com/blogs/announ...
Announcing The Forrester Wave™: Managed Detection And Response Services, Q1 2025!
The third installment of the Forrester Managed Detection and Response (MDR) Services Wave™ is now live. There’s so much to love about the MDR market: fantastic providers, engaged clients, and meaningf...
www.forrester.com
February 27, 2025 at 8:27 PM
Finally there's a threepeat worth talking about in 2025...in this case it's me finishing and releasing the third and newest edition of the MDR Wave! Give the blog a read! Announcing The Forrester Wave™: Managed Detection And Response Services, Q1 2025! forrester.com/blogs/announ...
In pursuit of sustaining their success, MDR providers now offer a wild mix of services that sometimes make MDR better and other times just satisfy investors chasing growth. For more read what @jessburn.bsky.social and I just released: www.forrester.com/blogs/choose...
Choose Your Own MDR Adventure: Avoid The Free-For-All Of “New” MDR Services
Managed detection and response (MDR) has successfully claimed the crown of all managed security services for making and keeping clients happy.
bit.ly
February 5, 2025 at 8:12 PM
In pursuit of sustaining their success, MDR providers now offer a wild mix of services that sometimes make MDR better and other times just satisfy investors chasing growth. For more read what @jessburn.bsky.social and I just released: www.forrester.com/blogs/choose...