Cody Scott
Senior Analyst
Author Insights
Blog
The New Chief Artificial Intelligence Officer Role Balances AI Champion And Risk Manager
US federal agencies must now have a chief artificial intelligence officer responsible for operationalizing the safe use of AI. Learn more about this move and the implications in this blog post.
Blog
GenAI: GRC Enters Accelerator Era, And Not A Minute Too Soon!
Generative AI offers an opportunity for risk management to reinvent itself from the department of “no” to the discipline of “go.” Find out how in this blog post.
Blog
Lessons In Risk Management From NASA’s Space Security: Best Practices Guide
Learn how NASA's Space Security Best Practices Guide benefits not only NASA’s space missions, but any security risk management professional.
Blog
The DoD Releases CMMC 2.0 As Its Holiday Gift To The Public
Get four key takeaways from the DoD's proposed rules for updating the Cybersecurity Maturity Model Certification (CMMC) program.
Blog
Announcing The Forrester Wave™: Governance, Risk, And Compliance Platforms, Q4 2023
Read this report for more insight on the GRC market that has been 20 years in the making and the 15 vendors that matter most.
Blog
The Busy Security Leader’s Guide To The National Cybersecurity Strategy Implementation Plan
Security and risk leaders beware, the Biden Administration released the next major step in its plan to implement the National Cybersecurity Strategy (NCS) on July 13, 2023. The National Cybersecurity Strategy Implementation Plan (NCSIP) includes 65 federal initiatives across five pillars aimed at increasing cybersecurity investment, assigning federal agencies to specific initiatives, and giving timelines […]
Blog
Wonder Twin Powers, Activate! Cyber Risk Ratings And Third-Party Risk Platforms Are More Powerful Together
Third-party risk management and cyber risk ratings fight better together, making security and risk professionals the beneficiaries of the alliance.
Blog
This Earth Day, Take Control Of Climate Risk
Climate events occur more frequently every year. Treat this Earth Day as a call to action, and add climate risks to your systemic risk purview.
Blog
Get A Head Start On The National Cybersecurity Strategy
This blog outlines Forrester’s existing Security & Risk research to help organizations navigate, manage, and prepare their organizations for the implications of the National Cybersecurity Strategy.
Blog
Call It What You Want, Cyber Risk Quantification Is Now A Must
What do Live Nation’s Taylor Swift ticketing debacle and cyber risk have in common? Bad assumptions. Whether you confidently believe that you can anticipate record ticket demand or believe that your payment processing infrastructure is secure enough to handle it, that belief is based on an assumption, and that assumption is based on the past […]
Blog
Groundhog Day, SEC Style: Proposed Rule On Cybersecurity Risk Governance Has All The Pain Of SOX With Fewer Financial Penalties
There’s a significant shift ahead for how public firms and their boards treat cybersecurity risk. The last two years increased the amount of cybersecurity oversight in terms of regulations and guidelines. Voluntary “recommendations” such as the National Institute of Standards and Technology’s guidelines for AI offer a starting point for safer use of artificial intelligence, […]