Cody Scott

Senior Analyst

Forrester Bio

Author Insights


Build The Business Case For Cyber Risk Quantification To Reset Risk Management

Cody Scott June 5, 2024
An organization’s single biggest risk is not knowing how much risk it has. That's why cyber risk quantification is on the rise. Learn the basics of how to build a CRQ business case in this post.

Announcing The Forrester Wave™: Cybersecurity Risk Ratings Platforms, Q2 2024

Cody Scott May 22, 2024
The cyber risk ratings kitchen is heating up and our new Wave report gives insight into the 10 vendors that matter most. Get a preview here.

The New Chief Artificial Intelligence Officer Role Balances AI Champion And Risk Manager

Alla Valente April 3, 2024
US federal agencies must now have a chief artificial intelligence officer responsible for operationalizing the safe use of AI. Learn more about this move and the implications in this blog post.

GenAI: GRC Enters Accelerator Era, And Not A Minute Too Soon!

Alla Valente April 2, 2024
Generative AI offers an opportunity for risk management to reinvent itself from the department of “no” to the discipline of “go.” Find out how in this blog post.

Lessons In Risk Management From NASA’s Space Security: Best Practices Guide

Cody Scott January 17, 2024
Learn how NASA's Space Security Best Practices Guide benefits not only NASA’s space missions, but any security risk management professional.

The DoD Releases CMMC 2.0 As Its Holiday Gift To The Public

Cody Scott January 3, 2024
Get four key takeaways from the DoD's proposed rules for updating the Cybersecurity Maturity Model Certification (CMMC) program.

Announcing The Forrester Wave™: Governance, Risk, And Compliance Platforms, Q4 2023

Cody Scott December 7, 2023
Read this report for more insight on the GRC market that has been 20 years in the making and the 15 vendors that matter most.

The Busy Security Leader’s Guide To The National Cybersecurity Strategy Implementation Plan

Allie Mellen July 14, 2023
Security and risk leaders beware, the Biden Administration released the next major step in its plan to implement the National Cybersecurity Strategy (NCS) on July 13, 2023. The National Cybersecurity Strategy Implementation Plan (NCSIP) includes 65 federal initiatives across five pillars aimed at increasing cybersecurity investment, assigning federal agencies to specific initiatives, and giving timelines […]

Wonder Twin Powers, Activate! Cyber Risk Ratings And Third-Party Risk Platforms Are More Powerful Together

Alla Valente May 2, 2023
Third-party risk management and cyber risk ratings fight better together, making security and risk professionals the beneficiaries of the alliance.

This Earth Day, Take Control Of Climate Risk

Cody Scott April 21, 2023
Climate events occur more frequently every year. Treat this Earth Day as a call to action, and add climate risks to your systemic risk purview.

Get A Head Start On The National Cybersecurity Strategy

Jeff Pollard March 2, 2023
This blog outlines Forrester’s existing Security & Risk research to help organizations navigate, manage, and prepare their organizations for the implications of the National Cybersecurity Strategy.

Call It What You Want, Cyber Risk Quantification Is Now A Must

Cody Scott February 3, 2023
What do Live Nation’s Taylor Swift ticketing debacle and cyber risk have in common? Bad assumptions. Whether you confidently believe that you can anticipate record ticket demand or believe that your payment processing infrastructure is secure enough to handle it, that belief is based on an assumption, and that assumption is based on the past […]

Groundhog Day, SEC Style: Proposed Rule On Cybersecurity Risk Governance Has All The Pain Of SOX With Fewer Financial Penalties

Alla Valente February 2, 2023
There’s a significant shift ahead for how public firms and their boards treat cybersecurity risk. The last two years increased the amount of cybersecurity oversight in terms of regulations and guidelines. Voluntary “recommendations” such as the National Institute of Standards and Technology’s guidelines for AI offer a starting point for safer use of artificial intelligence, […]