GRC – Governance, Risk, And Compliance
Governance, risk, and compliance (GRC) trends are always evolving. Follow Forrester’s latest research and insights on GRC trends.
Insights
Blog
Fix Your GRC Blind Spots: Risk Lessons From The Louvre
The Louvre heist is a mirror for today’s governance, risk, and compliance gaps. Recognizing these blind spots can transform your enterprise risk efforts from decorative to defensive art. Find out how.
Blog
Forrester’s AEGIS Framework: The New Standard For AI Governance
AEGIS is not just another acronym — it’s now a fully cross-referenced, regulation-aware blueprint for building trust in AI systems.
Predictions 2026: Your Planning Starts Here
2026 will demand proof, not promises. Explore Forrester’s Predictions resources — guides, webinars, and blogs — to plan smarter, lead with trust, and stay ahead of disruption.
Blog
How F5 And SonicWall Revealed The Fragility Of The Software Supply Chain
The recent breaches at F5 and SonicWall illustrate how attackers are targeting the very infrastructure that enterprises rely on to secure and deliver digital services.
Blog
The Netherlands Targets Chip Governance: A New Precedent For Cyber And IP Risk Intervention
The Netherlands placing Chinese-owned chipmaker Nexperia under ministerial oversight is a sign that Europe has crossed from passive screening to active control to keep IP and capacity in-region. Find out what this means for CISOs and risk leaders and what steps to take next.
Blog
Get Your Zero Trust Initiative Back On Track With Forrester’s Zero Trust RASCI Chart
One of the biggest challenges to a Zero Trust journey can be misalignment between teams. Learn how our Zero Trust RASCI Chart can help define roles and responsibilities across the core domains of Zero Trust.
Blog
Navigating Cyber Regulatory Purgatory Using AI
As cyber regulations continue to multiply, cyber and risk professionals need to make choices about how they comply with cyber regulations that conflict with each other. Find out how generative AI can help in this preview of our upcoming Security & Risk Summit.
Blog
Master Risk And Conquer Chaos At Forrester’s Security & Risk Summit
For leaders in security, risk, and privacy, this year has been different, with a new level of volatility fueled by geopolitics, new regulatory hurdles, relentless AI disruption, and looming quantum threats. Learn how Forrester’s Security & Risk Summit 2025 can empower you to stay ahead of the chaos, take the right risks, and secure your organization.
Build A Security Org For The Future
Download our guide to help CISOs prove business value, win budget, and reduce burnout. Use our actionable framework to align security with enterprise goals, justify funding, and lead a high-performing team.
Blog
IT Governance As A Secret Weapon: A Blueprint For Thriving In Chaos
Today’s technology executives face a perfect storm of market disruptions, shifting priorities, and relentless pressure to deliver. So why are most still operating with governance models built for a different era? Find out in this preview of our upcoming Technology & Innovation Summit North America.
Blog
Jekyll And Hyde: The Dual Role Of Disruptive Technologies In Sustainability
Disruptive technologies such AI can boost efforts towards some strategic priorities, but can also work against environmental sustainability goals. Learn more about the the dual role played by six of the most important disruptive technologies poised to shape sustainability in 2025.
Blog
Announcing The Forrester Wave™: Cyber Risk Quantification Solutions, Q2 2025
Cyber risk quantification (CRQ) solutions are on a mission to transform security and risk operations. The goal: a future where risk is measurable, actionable, and tightly integrated into business strategy. Some solutions emphasize picking up where legacy governance, risk, and compliance (GRC) implementations fall short and provide data-driven risk reporting, continuous monitoring, and third-party risk […]
Blog
Supply Chain, AI, And Operational Resilience Risks Dominate ERM Programs In 2025
For risk professionals, leading through 2025’s volatility has been like living in an “Alice in Wonderland” unreality. Risk teams have never been more important as a function to guide their businesses through challenges such as geopolitical risk events, trade disruption, economic volatility, and regulatory disruption.
Blog
Microsoft Races To Reassure Anxious Tech Execs In Europe
Increasing geopolitical volatility has characterized the last three years in Europe and is reaching new heights. Learn what Microsoft has committed to do and what tech executives should watch out for.
Blog
RSAC Conference 2025: Welcome To The Petting Zoo
From live goats and puppies to robot dogs and animal costumes, the RSAC Conference 2025 delivered some unexpected surprises. But it also delivered the usual insight into various trends in the security market today. Find out more in this RSAC review.
Blog
Overregulation Forges A CISO Coalition With The G7 Letter
A coalition of over 40 chief information security officers (CISOs) from leading companies, including Salesforce, Microsoft, AWS, Mastercard, and Siemens, sent a letter to the G7 and OECD, urging them to take action on aligning international cybersecurity regulations.
Blog
Government Leaders: Prioritize Cyber Efficiency Amid Federal Volatility
Government agencies at the federal, state, and local levels must prepare for a future where they experience uncertainty, headcount reductions, contract cancellations, and budget cuts. This is gut-wrenchingly difficult to process, yet remaining leaders must figure out how to move forward to serve the mission. For public sector cybersecurity leaders, this is even more paramount. […]
Blog
Forrester’s Top Threats For 2025
2025 started with a bang! Technology and geopolitics are changing so fast that many can’t keep track of the latest trends, with an announcement of new, benchmark-shattering genAI-related tech seemingly every week.
Blog
The Tech Exec’s Guide To Decoding Cybersecurity Vendor Performance
Forrester analyzed the earnings calls of the 10 largest cybersecurity vendors by market cap and identified key trends for technology executives.
Blog
Banks Need Modern Identity Verification Solutions To Stay Competitive And Resilient In The AI Era
There is a growing need for more secure identity verification in the financial services industry due to the rise of sophisticated fraud tactics and increasingly complex regulatory requirements. Learn the four key challenges that financial services firms face in this preview of a new report.
Blog
RSAC 2025 Early Stage Expo Preview: AppSec, IAM, GenAI, SecOps, And More
As we put together our game plan for what to see at RSA Conference 2025, we wanted to scope out innovation, identify which vendor booths will be a must-see, and (at least for one of us) minimize the number of steps to take around the Moscone Center.
Blog
New Year, New Us: Introducing Forrester’s International Security & Risk Team Research
Dive into our backgrounds, existing research, and capabilities. As a team, we cover a multitude of security and risk priorities. We are also geographically distributed; no one else is as uniquely positioned to add this level of global perspective to our research and our clients.
More posts