GRC – Governance, Risk, And Compliance
Governance, risk, and compliance (GRC) trends are always evolving. Follow Forrester’s latest research and insights on GRC trends.
Insights
Blog
Governance: New Strategy, Old Hands On The Wheel …
You know the pattern: I show up, tell a story from a seat I actually sat in, and we get into what it takes to lead technology when the official playbook and the real one are two different documents. Today’s topic is governance, which I realize is not the word that makes anyone lean in. Nobody pitches “Let’s talk about […]
Blog
UK Social Media Ban Forces Platform Accountability
The ban marks a moment where government regulation is catching up to consumer expectations. But it's not just about online safety — it's a regulatory demand that will influence social media platform experiences and product decision-making.
Blog
What Matters Most For Banks Buying Enterprise Fraud Management Solutions In APAC, 2026
Real-time fraud decisioning is now table stakes for enterprise fraud management (EFM) in Asia Pacific. The harder challenge is finding an EFM solution that can keep pace with each organization’s operating model, regulatory obligations, and market-specific complexity. How organizational profiles affect banks’ EFM solution choice In our latest report, Buyers’ Guide For Enterprise Fraud Management […]
Blog
Announcing The Forrester Wave™: Governance, Risk, And Compliance Platforms, Q2 2026
Check out the latest Forrester Wave™ evaluation of the governance, risk, and compliance platforms market and its findings.
Blog
Today’s Regulatory Intelligence Solutions Replace Drudgery With Confidence
Over the past five years, security and risk (S&R) professionals have experienced a flood of new cybersecurity regulations, with 170 countries now boasting cybersecurity and data protection laws. Leaders are left to decide which regulations apply, identify gaps, and implement controls — an onerous task as regulatory volume and the pace of change accelerate. Manual […]
Blog
Project Glasswing: The 10 Consequences Nobody’s Writing About Yet
Anthropic’s Project Glasswing and Claude Mythos Preview prove that autonomous zero-day discovery now operates at scale. We evaluate the immediate, medium-term, and structural consequences for security teams, vendors, insurers, regulators, and future careers.
Blog
The Expanding Universe Of GRC For AI: Key Questions From Technology Leaders
In 1929, astronomer Edwin Hubble discovered something unsettling. The universe isn’t static; it’s expanding everywhere, simultaneously, at every scale. His simple equation (Hubble’s law) shows that galaxies are accelerating away from each other, and the farther they are, the faster they recede. Eventually, galaxies become so distant that they cross our observable horizon entirely — […]
Build A Security Org For The Future
Download our guide to help CISOs prove business value, win budget, and reduce burnout. Use our actionable framework to align security with enterprise goals, justify funding, and lead a high-performing team.
Blog
Context, Not Models, Is The Real AI Bottleneck: Reltio’s System‑Of‑Context Bet
AI took center stage at Reltio DataDriven 2026, where global data and AI leaders aligned on one urgent priority: turning trusted, real-time, contextual data into scalable AI and measurable business impact. Reltio made a clear strategic bet: The next enterprise AI bottleneck isn’t model choice or orchestration but shared context — rebranding its platform around […]
Blog
When Fixing Security Vulnerabilities Breaks Your Customer Email Program
In January 2026, Salesforce changed how its Marketing Cloud Engagement platform encrypts tracked email links. The fix addressed a vulnerability that could have exposed CloudPages content, such as landing pages, microsites, forms, subscriber data from preference and unsubscribe centers, and email content via web view links. But the fix created a new problem: All tracked […]
Blog
Ready For OpenClaw To Pry Into Your Environment And Grip Your Data
A formidable challenge awaits security leaders as personal tools like Moltbot spread. AI butlers are the next shadow super-user.
Blog
Beyond The Robots: What CES 2026 Really Means For Digital Workplace Leaders
I kicked off 2026 by attending CES for the first time, and I can confirm that everything you’ve heard about this event is true. CES is massive. It’s sprawling. The scale was equal parts energizing and overwhelming — but once I got past the sensory overload, clear and meaningful signals started to emerge. Beneath the […]
Blog
GRC Platforms Enter Their Grad School Era
Governance, risk, and compliance (GRC) platforms are officially old enough to be in grad school. In our 2023 market evaluation, GRC technology turned 20 years old but was still figuring out what it wanted to be when it grew up.
Blog
Fix Your GRC Blind Spots: Risk Lessons From The Louvre
The Louvre heist is a mirror for today’s governance, risk, and compliance gaps. Recognizing these blind spots can transform your enterprise risk efforts from decorative to defensive art. Find out how.
Blog
Forrester’s AEGIS Framework: The New Standard For AI Governance
AEGIS is not just another acronym — it’s now a fully cross-referenced, regulation-aware blueprint for building trust in AI systems.
Blog
How F5 And SonicWall Revealed The Fragility Of The Software Supply Chain
The recent breaches at F5 and SonicWall illustrate how attackers are targeting the very infrastructure that enterprises rely on to secure and deliver digital services.
Blog
The Netherlands Targets Chip Governance: A New Precedent For Cyber And IP Risk Intervention
The Netherlands placing Chinese-owned chipmaker Nexperia under ministerial oversight is a sign that Europe has crossed from passive screening to active control to keep IP and capacity in-region. Find out what this means for CISOs and risk leaders and what steps to take next.
Blog
Get Your Zero Trust Initiative Back On Track With Forrester’s Zero Trust RASCI Chart
One of the biggest challenges to a Zero Trust journey can be misalignment between teams. Learn how our Zero Trust RASCI Chart can help define roles and responsibilities across the core domains of Zero Trust.
Blog
Navigating Cyber Regulatory Purgatory Using AI
As cyber regulations continue to multiply, cyber and risk professionals need to make choices about how they comply with cyber regulations that conflict with each other. Find out how generative AI can help in this preview of our upcoming Security & Risk Summit.
Blog
Master Risk And Conquer Chaos At Forrester’s Security & Risk Summit
For leaders in security, risk, and privacy, this year has been different, with a new level of volatility fueled by geopolitics, new regulatory hurdles, relentless AI disruption, and looming quantum threats. Learn how Forrester’s Security & Risk Summit 2025 can empower you to stay ahead of the chaos, take the right risks, and secure your organization.
Blog
IT Governance As A Secret Weapon: A Blueprint For Thriving In Chaos
Today’s technology executives face a perfect storm of market disruptions, shifting priorities, and relentless pressure to deliver. So why are most still operating with governance models built for a different era? Find out in this preview of our upcoming Technology & Innovation Summit North America.
More posts