We’re thrilled to announce our inaugural Security & Risk Enterprise Leadership Award. This award will recognize organizations that have transformed the security, privacy, and risk management functions from obstructionist cost and compliance centers to business functions that drive trusted relationships with customers, employees, and partners and that fuel the organization’s long-term success. Our award is unique because it:

  • Celebrates the organization, not a single individual. Elevating security, privacy, and risk across the organization takes an entire team committed to having a strong vision and seeing it through. This could take months (and even years) of constant reeducation of the board and C-level execs, embedding champions and liaisons in business units, reimagining security and privacy awareness and training, and reskilling teams and redefining processes to work closely with counterparts in marketing, customer experience, DevOps, etc. This isn’t an award that one CISO, CPO, or CRO can win on his or her own. It’s about the efforts of the entire organization.
  • Rewards organizations for their impact on the business. This award isn’t an assessment of an organization’s security, privacy, or risk posture or an assessment of controls against an industry standard. Attaining certain industry certifications and meeting a baseline level of maturity are important achievements, but we view these as table stakes. Our award recognizes those teams that build trust deliberately with customers, employees, and partners with: 1) customer experiences that are secure, private, and resilient by design; 2) employee practices that both protect the organization and help it succeed; and 3) partner ecosystems that unlock innovation. We know from our research that trusted organizations have higher growth potential. For example, in the public sector, when citizens have higher levels of trust, individuals are more likely to support policies, seek expert advice, follow directives, and use the services offered to them.
  • Recognizes that no organization is perfect. No organization is immune from breaches, privacy missteps, or outages. Organizations that demonstrate leadership during these crises, however, put the needs of their stakeholders (customers, employees, and partners) first. They use the levers of trust (e.g., accountability, transparency, empathy, etc.) to guide their actions. We encourage organizations that have faced crises in the past and that have implemented the learnings from those events to improve their organizations to apply and share their lessons.

During the last 20 years, security, privacy, and risk have all become board-level priorities and concerns, and influence, expanded budgets, and sizable teams have followed. We’ve made progress, but we can still do more to further embed security, privacy, and risk management within every part of the organization. These awards not only celebrate the organizations pushing the industry forward, but they communicate to business and tech leaders across industries on how security, privacy, and risk management drive the trust that’s essential to success.

Who Should Apply?

Nominations for Forrester’s Security & Risk Enterprise Leadership Award are open to organizations with 1,000 or more employees in both the public and private sectors. High-tech service providers that compete in these markets are excluded, but they can nominate clients (with those clients’ permission, of course). If you’ve had a crisis (breach, outage, compliance fine, privacy abuse) recently, we still encourage you to apply, especially if you have insights to share about how your organization handled the crisis and what you learned from the experience.

You can find more information about the award categories, plus detailed submission packages and instructions, here.

Submissions close on August 11, 2023. We’ll notify finalists by the end of August. We’ll then announce finalists and award recipients ahead of Forrester’s Security & Risk Forum in North America. The award recipients will join us at our Forum and on stage to receive and celebrate their award during the event, which will take place in Washington, D.C., on November 14–15, 2023.