< Blogs
Home > Featured Blogs > Security Recommendations 2020: What To Focus On

Security Recommendations 2020: What To Focus On

, Principal Analyst

Sean Ryan, Senior Analyst

Melissa Bongarzone, Researcher

Our team of security and risk analysts spent the past few months brainstorming and curating tactical and strategic advice designed to improve your security programs for 2020 and beyond . . . and then along came the COVID-19 global pandemic. In the midst of this, firms are undergoing a shuffle of priorities to accommodate a new normal, including work-at-home protocols and changing economic conditions. But no matter the current stress, history assures us that we will recover, and when we do, the rest of the challenges will still be there waiting for us.

 

Even before COVID-19 changed our priorities, we themed 2020 recommendations around preparing for externalities (those threats that are out of our direct control). Some of the recommendations for 2020 are that you:

  • Make pandemic risk planning part of your new normal. Very few companies were ready for COVID-19. Implement any security measures you had to make on an emergency basis in a more permanent way to implement work-from-home thinking. Recovery will likely be staged with frequent or even permanent working from home for employees. And augment your pandemic risk management metrics to include more than the number of positive tests. This will help you identify and react to flare-ups should they occur.
  • Prioritize product security to gain a competitive differentiator. More product launches mean additional complex attack surfaces for the security pros to cover. To de-silo yourself in these efforts, push product security as a differentiator that can drive new business.
  • Adapt to climate change. Map out which risks pose the most eminent threats and follow that with a business impact analysis to understand short- and long-term impacts. This will enable business longevity against harsh climate conditions, help the firm align with the regulatory environment, and keep the company attractive to increasingly climate-conscious consumers.
  • Evaluate your third parties as a cascading risk. As third parties become more integral to your value chain, and as highlighted by COVID-19, it’s imperative to acknowledge their vulnerabilities and how to mitigate the risk. Start by cataloging your third-party relationships, implementing fifth- and sixth-party governance, and managing access of third parties to your systems as part of your Zero Trust strategy.

 

While adapting to the new normal, be visionary, as well: Look beyond the immediate crisis and incorporate the long view into your annual planning initiatives. Check out our 2020 top recommendations report and webinar to help you do this.

 

Categories

Get The Insights At Work Newsletter

Thanks for signing up.

Stay tuned for updates from the Forrester blogs.

Conquer Your GenAI Security, Risk & Privacy Fears

Learn how to identify and manage enterprise genAI risk across models, APIs, and applications — and follow paths to secure, trusted adoption.

Watch Now
Blog

Opposites Attract: LogRhythm And Exabeam To Merge

Allie Mellen 3 days ago
LogRhythm and Exabeam announced their intent to merge, representing another big change for the security analytics platform market. Find out what's driving the merger and what the implications could be.
Read More
Blog

Forrester’s RSAC 2024 Themes, Takeaways, And Observations

Jeff Pollard 3 days ago
More than 41,000 attendees, 600 exhibitors, and 425 sessions. Get some of the key themes and takeaways from the Forrester security & risk analysts who attended RSA Conference (RSAC) 2024.
Read More

Get The Insights At Work Newsletter

Thanks for signing up.

Stay tuned for updates from the Forrester blogs.