Security and risk leaders are navigating an increasingly complex threat and regulatory landscape, one that demands not only technical excellence but also transparency, trust, and measurable business impact. Forrester’s Security & Risk Enterprise Leadership Award recognizes organizations that exemplify these qualities, setting a high bar for innovation and integrity in their security, privacy, and risk management functions.

This year, we’re proud to honor two organizations, the overall winner and a public sector winner, whose security programs stood out for their strategic foresight, customer centricity, and operational maturity.

Overall Winner: BNP Paribas Bank Polska

BNP Paribas Bank Polska earned Forrester’s Security & Risk Enterprise Leadership Award for its deeply integrated, customer-centric approach to security and risk. The bank’s product security program is a model of maturity, embedding tools directly into the development pipeline. The firm emphasizes close collaboration between teams and actively cultivates “security champions” to drive cultural change across teams. Our judges were especially impressed with BNP Paribas Bank Polska because:

  • Its breach and attack scenario planning goes beyond technical response. Breach and attack scenario planning incorporates crisis management protocols and transparent communication. This is especially noteworthy as the bank handles threats related to the war in Ukraine. The bank’s talent strategy is equally forward-thinking, emphasizing hybrid skill profiles, cross-functional collaboration, and career development pathways that strengthen both resilience and innovation.
  • Privacy is treated not as a checkbox but as a core value. The company maintains detailed standards for child protection and image consent. Most compelling of all, BNP Paribas Bank Polska demonstrated measurable business outcomes, including a reduction in customer complaints and a rise in employee Net Promoter Score℠ (eNPS), clear indicators of improved customer experience and internal engagement.
  • Customer security is a priority and balances security with convenience. Customer experience and security are equally important, and the bank implemented capabilities like single multifactor authentication, single sign-on, and biometric login that make authenticating smoother while enhancing security. Extending security beyond the firm itself, BNP Paribas Bank Polska also conducts regular education campaigns for its customers to help them protect their own data and transactions. This transparent communication to customers about security safeguards helps strengthen the bank’s reputation with customers while helping them protect their privacy and be more secure.

Public Sector Winner: Oregon Lottery

Representing the public sector, Oregon Lottery is also a recipient of Forrester’s Security & Risk Enterprise Leadership Award. The agency demonstrates how public sector organizations can lead by delivering mission-aligned outcomes that bolster their deep commitment to public trust. Oregon Lottery’s commitment to the greater good is evident in its proactive engagement and knowledge-sharing with key stakeholders in the gaming industry. The organization’s security leadership maintains a standing seat at executive meetings, ensuring that privacy measures, threat posture, and user integrity are embedded in strategic decision-making.

Learn More At Security & Risk Summit

Join us at Forrester’s Security & Risk Summit, taking place in Austin, Texas, and digitally on November 5–7, 2025, to hear directly from BNP Paribas Bank Polska about how they built business resiliency through enterprise security and risk leadership. I’ll be on stage with representatives from BNP Paribas Bank Polska for a keynote session that explores the strategies behind their success.

We’re inspired by the ways security and risk teams are building trust and driving performance across organizations. Start thinking about your story for the 2026 Security & Risk Enterprise Leadership Award!