During my first quarter as Research Director for the Security & Risk team at Forrester, I spent a lot of time listening to our clients and working with the analysts and researchers on my team to create a research agenda for the rest of the year that will help our clients tackle their toughest challenges. In the first quarter of 2010, clients were still struggling with the security ramifications of increased outsourcing, cloud computing, consumer devices and social networking. Trends have created a shift in data and device ownership that is usurping traditional IT control and eroding traditional security controls and protections.We\u2019re still dealing with this shift in 2010 \u2014 there\u2019s no easy fix.\u00a0This year there is a realization that the only way that the Security Organization can stay one step ahead of whatever business or technology shift happens next is\u00a0to transform itself from a silo of technical expertise that is reactive and operationally focused to one that is focused on proactive information risk management. This requires a reexamination of the security program itself (strategy, policy, roles, skills, success metrics, etc.), its security processes, and its security architecture. In short, taking a step back and looking at the big picture before evaluating and deploying the next point protection product. Not surprisingly, our\u00a0five most read docs since January 1, 2010\u00a0to today are\u00a0having less to do with specific security technologies. Some of our research published in just the last week is quickly shooting up to the top of the list including CISO Handbook: Presenting To The Board, To Facebook Or Not To Facebook\u00a0and Market Overview: Managed Security Services. One technology-focused report that is quickly becoming\u00a0popular with our clients is\u00a0the two-part report, Demystifying Tokenization And Transaction Encryption.We have an ambitious research agenda for Q2 that includes the publication of Forrester\u2019s Security Maturity Model and our biggest IT event, Forrester\u2019s IT Forum. We\u2019ll have an entire Security and Risk focused track at the event with more than 7 sessions and 6 analysts presenting. We\u2019ll have content dealing with organizational and process maturity, as well as content covering another emerging technology shift \u2013 the shift to Smart Critical Infrastructure and Grids (more on that in another post).If you haven't registered already, call our Events team at 617\/613-5905 with discount code ITXBLG and they'll extend a $200 discount for CSO.com readers.