risk management

“No risk, no reward,” may be true, but unnecessary risk is . . . well, unnecessary. Read our insights on risk management and mitigation.

Discover how Forrester supports IT leaders.

Insights

Blog

Calling Business Resilience Pros: Our Latest State Of Business Continuity Survey Is Live!

Amy DeMartine November 8, 2022
Each year, Forrester Research and the Disaster Recovery Journal (DRJ) team up to launch a study examining the state of business resiliency. We alternate between two resilience domains each year: IT disaster recovery and business continuity. This is the year of business continuity! The last joint survey we did was right in the middle of […]
Blog

How To Avoid The Ill-Fated Quest To “Fix” Global Supply Chains

Alla Valente November 3, 2022
Learn why “fixing” supply chain issues is less important than reducing the long-term risks that create the issues in this Security & Risk event preview.

Turn 2023 Predictions Into Bold Action

Join us for Predictions 2023 Live to learn how to focus your priorities for success in the year ahead.

Podcast

Is Your Organization Equipped To Handle Geopolitical Risks?

What It Means October 27, 2022
Is your security team effectively assessing your exposure to geopolitical risk? Principal Analyst Renee Murphy and Senior Analyst Allie Mellen provide some insights and next steps every security org will want to hear.
Blog

Misguided Fear Of AI And Automation: A Classic Horror Story

Carlos Casanova October 25, 2022
Classic horror movie quirks closely resemble what we’re seeing in firms looking to innovate and differentiate yet are running from rather than toward AI and advanced automation.
Blog

The State Of Third-Party Risk In 2022: The Not-So-Subtle Art Of Keeping All Balls In The Air

Alla Valente October 20, 2022
New business priorities, strategic initiatives, and a plethora of new risks mean that security, risk, and compliance professionals must master the art of juggling.
Blog

Apply Critical Thinking And Culture To Reduce Insider Risk

Joseph Blankenship September 27, 2022
Learn how to reduce the three most common types of insider threats in this Security & Risk event preview.
Blog

Forget Quiet Quitting — Tech Whistleblowers Go Out With A Bang

Sara M. Watson August 26, 2022
When tech companies select people with ideals and integrity, they get people with ideals and integrity. When they behave in ways that betray those employees, they can expect rebellion.

Seize On 2023 Tech Opportunity

Get our Predictions 2023 guide to see how tech leaders are shifting their focus to outpace disruption.

Blog

Random Acts Of Automation: 10 Pitfalls We Must Avoid

Craig Le Clair August 22, 2022
The trend toward automation is not new. The Industrial Revolution started it in the 19th century, but there has never been such rapid automation progress as today. All forms have accelerated, often without understanding their effect. Humans have become choke points in operations, points of disease and legal liability, and friction to smooth digital pathways, […]
Blog

Meta Pixel Fiasco Underscores Why Marketing And Risk Must Work Together

Stephanie Liu August 5, 2022
Marketing and risk share a common goal: building customer trust. By partnering, marketers and S&R pros can use the growing momentum around consumer privacy to grow customer trust.
Blog

Who’s Responsible For Cyber Insurance Policy Misrepresentations? It Depends.

Alla Valente July 14, 2022
On July 6, 2022, the Travelers Property Casualty Company of America (Travelers Insurance) filed a suit in an Illinois federal court against International Control Services, Inc. (ICS) asking for policy rescission and declaratory judgment against ICS. Travelers alleges that ICS misrepresented its use of multifactor authentication (MFA) on its policy application, which should be sufficient […]
Blog

COVID-Related Absenteeism Is Costing Your Business Money

J.P. Gownder June 22, 2022
Many organizations are ill-equipped to manage the problem. Yet it's the sort of systemic risk that leaders need to be ready to face.
Blog

Forget The FUD: Four Factors Fueling TPRM Platform Adoption Today

Alla Valente May 23, 2022
Fear. Uncertainty. Doubt. Also known as “appeal to fear,” fear-uncertainty-doubt (FUD) is a fallacy in which a person tries to create support for an idea (or technology) by attempting to increase fear towards an alternative. Since passage of Sarbanes-Oxley (SOX), the regulation that launched the era of compliance, technology sales have been predicated on creating […]

Tackle 2023 With Bold Action & Clear Focus

Get our Predictions 2023 Guide to see the 12 big-impact dynamics that leaders will have to navigate in the coming year.

Blog

Plan Your Response To CISA Emergency Patching Directives

Erik Nost May 20, 2022
The US Cybersecurity and Infrastructure Security Agency and other government agencies will continue to weigh in on vulnerability and patch management. Be prepared to respond.
Blog

Generally Accepted AI Principles — “GAAIP” — Can Bridge The Trust Gap

Achim Granzen May 19, 2022
Organizations looking to scale their use of AI-enhanced decision-making are facing a dilemma. There is still a large gap between voluntary frameworks for responsible AI and actionable law and enforceable regulations. I wrote about Singapore’s Model AI Governance Framework in an earlier blog post. My colleague Guannan Lu has recently taken a look at China’s […]
Blog

Don’t Adopt Nature-Based Solutions That Come With A Side Of Dumb

Renee Murphy April 29, 2022
As corporations look to express their commitment to the Earth and its earthlings, nature-based solutions (NBS) have taken on new urgency in the boardroom and sometimes not for the right reasons. First things first: NBS are defined by Forrester as natural and nature-based solutions to the consequences and causes of climate change that reduce an […]
Blog

The Risk Of Greenwashing: One Step Forward For The Cause, Two Steps Back For The Environment

Alla Valente April 21, 2022
The theme for Earth Day 2022 is “Invest In Our Planet.” In the leadup to the main event on April 22, it’s not unusual for scores of companies big and small and newcomers and household names in every industry to take to social media to highlight their efforts for investing in our planet. After all, […]
Blog

The Top Systemic Risks Changed In 2022, And Climate Change Was Left Out In The Cold

Renee Murphy April 20, 2022
It’s time for the latest “Top Systemic Risks” report. One of the biggest movers this year was climate change. Last year, as the pandemic dragged on, climate change ranked number five. This year, it ranked number eight. In the age of declaring climate goals and new markets requiring carbon reporting, corporations pushed climate change risk […]

See Why 2023 Fortune Favors The Bold And Focused

Explore our 2023 Predictions to see where strategies are shifting – and where opportunities for bold moves exist.

Blog

Cyber Insurance: What The Changing Power Dynamics Mean For You

Heidi Shey April 8, 2022
Cyber insurance is only one component of a bigger enterprise cybersecurity risk management program. However, the cyber insurance market has been on a roller coaster, with skyrocketing premiums, changes in coverage, and a demand for policies that outweighs available supply. After years of affordable and readily available policies, the ubiquity of cyber insurance combined with […]
Blog

Here’s How To Update Your Risk Management Posture Given The War In Ukraine

Alla Valente February 28, 2022
Risk management leaders in Europe and worldwide are already being impacted by the war in Ukraine and the sanctions imposed on Russian and Belarusian actors. Forrester analysts provide their guidance in this post.
Blog

Evolve Your Nearshore Contingency Plans In Response To War In Ukraine

Jeffrey Rajamani February 25, 2022
Learn which IT service providers have substantial operations in Belarus, Russia, or Ukraine and what steps you should take if you rely on them for services today.
More posts