In February 2025, I transitioned to the position of vice chairman and analysis director for worldwide safety and risk. With the change, I’m extending my remit from efficiently main our APAC Safety & Threat Forrester Choices enterprise to our well-established EMEA perform. I additionally transfer from a person contributor position to 1 the place I’m main a staff of extraordinary folks, and I’m now answerable for our collective analysis agenda throughout EMEA and APAC. As I deep-dive into our backgrounds, current analysis, and capabilities, I really feel a way of pleasure, hope, and pleasure on the alternative forward. As a staff, we cowl a large number of safety and threat priorities (see determine beneath). We’re additionally geographically distributed throughout six nations in Europe and Asia Pacific — nobody else is as uniquely positioned so as to add this degree of worldwide perspective to our analysis and our shoppers. In my excitement and anticipation, I’d prefer to introduce you to our newly shaped staff and our 2025 priorities:
- Paul returns to the analyst chair, supporting Forrester’s world enterprise and cyber threat administration and maturity evaluation. Fortunately for us, Paul McKay made the choice to get again within the analyst chair as VP and principal analyst, working with Alla Valente and Cody Scott to globally help cyber threat administration analysis. Paul has already delivered some arduous–hitting analysis and blogs which have the potential to maneuver our shoppers to do vital issues. This consists of refreshing Forrester’s Info Safety Maturity Mannequin (FISMM) and an informative weblog outlining the important thing dangers within the 2025 WEF International Dangers Report. Paul can even be engaged on key know-how and repair markets, together with governance, threat and compliance (GRC) platforms. He’ll additionally reclaim his prior cyber threat scores protection, main a Forrester Wave™ analysis in 2026, and he’ll consider threat consulting providers.
- Tope leans into his background to ship pragmatic ZT, MDR, and digital identification analysis. With a global background in safety structure, penetration testing, and advisory, Tope Olufon’s analysis displays this background, main Forrester’s Managed Detection And Response (MDR) Europe, quickly to publish a panorama and a Wave analysis in 2025. He works with our zero belief (ZT) colleagues, with a deal with making ZT pragmatic, delivering our analysis on How To Construct A Zero Belief Roadmap. Tope is at present writing analysis on the right way to assume like an attacker, with a purpose to use offensive safety methods to uplift ZT capabilities. Leaping off his analysis on Europe’s fragmented, however hopeful, digital identification panorama, Tope will proceed to drive our analysis on digital identification market developments and their sensible functions within the office.
- Madelein units herself a broad and impressive agenda, protecting safety org construction, consulting providers, resilience regs, and API safety. Madelein van der Hout has an formidable agenda for 2025. She is ramping to steer Forrester’s analysis on safety organizational construction and working fashions, a extremely requested matter by our shoppers (heads up: We’ll be calling out for analysis interviews shortly). She continues to steer the Cybersecurity Consulting Europe Forrester Wave analysis, to be revealed in 2025. Madelein will help Amy DeMartine’s analysis on operational resilience in 2024, specializing in rules and mandates, particularly DORA — a scorching matter for our shoppers. She additionally has plans to double-click on her 2024 API Safety protection with Sandy Carielli, giving our shoppers a nicely–wanted API safety roadmap.
- Enza and Meng enrich our worldwide analysis, main on privateness, belief, AI regs, IAM, and menace intel. Enza Iannopollo joined Forrester across the similar time as I did, and it’s been an honour following her profession path turning into one of many world’s most sought–after consultants on Privateness and BeliefEthics — one of many uncommon individuals who earns standing ovations to privateness keynotes. She has led vital analysis on the EU AI Act, how sellers can belief using generative AI, and artificial information. Meng Liu heralds from a funds background, increasing his protection in recent times to adjoining areas in fraud administration, anti-money laundering, and identification verification in collaboration with Andras Cser. Meng noticed his research as a pure transition to safety and threat, and can collaborate with Jitin Shabadu to broaden his protection in APAC to menace intelligence, particularly given how adjoining it’s to fraud associated points, similar to impersonation and deepfake detections. Meng can even collaborate with Geoff Cairns to broaden our most requested subjects in APAC: identification and entry administration (IAM).
- My profession objective of human-centered safety, safety tradition, and safety management will continue. I’ll stsick contribute to analysis that aligns to my objective, which is making safety human-centered, in addition to our Forrester’s Safety & Threat Precedence to Lead A Excessive-Performing Safety Group And Tradition. In this capametropolis, I’ll lead markets and analysis on subjects like human threat administration and safety tradition, and a few choose safety and CISO management and profession paths analysis. Inevitably, I will should relinquish some deeply beloved elements of my agenda, that are important to our shoppers, to very succesful fingers. Madelein will replace our analysis on safety champions networks, CISO’s information to efficiently main change, and human threat administration metrics. Jess Burn will take over my plans for analysis on management and human expertise in safety, to enrich her current cybersecurity expertise physique of labor.
As a staff, we proceed to be relentlessly dedicated to our shoppers, our analysis, and one another. With our world safety and threat colleagues, we sit up for serving you in the above capacities.
Forrester safety and threat shoppers who’ve questions on the next threat, safety, or privacy-related subjects can join by way of inquiry or steerage session to our consultants:
- Human-centered safety, safety tradition, safety management, or human threat administration: Jinan Budge
- GRC, cyber threat scores, risk providers, or enterprise and cyber threat administration: Paul McKay
- Constructing ZT roadmaps, MDR, or digital identification: Tope Olufon
- Safety org constructions, consulting providers in Europe, resilience regulations, or API safety: Madelein van der Hout
- Privateness, trust, AI regs and ethics, or artificial information: Enza Iannopollo
- Risk intelligence, fraud administration or IAM in APAC: Malesg Liu
