Cody Scott

Senior Analyst

Forrester Bio

Author Insights

Blog

Lessons In Risk Management From NASA’s Space Security: Best Practices Guide

Cody Scott January 17, 2024
Learn how NASA's Space Security Best Practices Guide benefits not only NASA’s space missions, but any security risk management professional.
Blog

The DoD Releases CMMC 2.0 As Its Holiday Gift To The Public

Cody Scott January 3, 2024
Get four key takeaways from the DoD's proposed rules for updating the Cybersecurity Maturity Model Certification (CMMC) program.
Blog

Announcing The Forrester Wave™: Governance, Risk, And Compliance Platforms, Q4 2023

Cody Scott December 7, 2023
Read this report for more insight on the GRC market that has been 20 years in the making and the 15 vendors that matter most.
Blog

The Busy Security Leader’s Guide To The National Cybersecurity Strategy Implementation Plan

Allie Mellen July 14, 2023
Security and risk leaders beware, the Biden Administration released the next major step in its plan to implement the National Cybersecurity Strategy (NCS) on July 13, 2023. The National Cybersecurity Strategy Implementation Plan (NCSIP) includes 65 federal initiatives across five pillars aimed at increasing cybersecurity investment, assigning federal agencies to specific initiatives, and giving timelines […]
Blog

Wonder Twin Powers, Activate! Cyber Risk Ratings And Third-Party Risk Platforms Are More Powerful Together

Alla Valente May 2, 2023
Third-party risk management and cyber risk ratings fight better together, making security and risk professionals the beneficiaries of the alliance.
Blog

This Earth Day, Take Control Of Climate Risk

Cody Scott April 21, 2023
Climate events occur more frequently every year. Treat this Earth Day as a call to action, and add climate risks to your systemic risk purview.
Blog

Get A Head Start On The National Cybersecurity Strategy

Jeff Pollard March 2, 2023
This blog outlines Forrester’s existing Security & Risk research to help organizations navigate, manage, and prepare their organizations for the implications of the National Cybersecurity Strategy.
Blog

Call It What You Want, Cyber Risk Quantification Is Now A Must

Cody Scott February 3, 2023
What do Live Nation’s Taylor Swift ticketing debacle and cyber risk have in common? Bad assumptions. Whether you confidently believe that you can anticipate record ticket demand or believe that your payment processing infrastructure is secure enough to handle it, that belief is based on an assumption, and that assumption is based on the past […]
Blog

Groundhog Day, SEC Style: Proposed Rule On Cybersecurity Risk Governance Has All The Pain Of SOX With Fewer Financial Penalties

Alla Valente February 2, 2023
There’s a significant shift ahead for how public firms and their boards treat cybersecurity risk. The last two years increased the amount of cybersecurity oversight in terms of regulations and guidelines. Voluntary “recommendations” such as the National Institute of Standards and Technology’s guidelines for AI offer a starting point for safer use of artificial intelligence, […]