security risk management

With the proliferation of data and the ubiquity of connected devices, organizations can move with unmatched efficiency, but simultaneously incur increased risks. Read our insights on how security & risk professionals can succeed in this environment.

Discover how Forrester supports IT and security and risk leaders.

Insights

Blog

Predictions 2026: Cybersecurity And Risk Leaders Grapple With New Tech And Geopolitical Threats

Paddy Harrington October 1, 2025
In 2026, continued political instability coupled with technological advancements being used by cybercriminals will force cybersecurity and risk leaders to adapt their defensive technologies and prepare their workforce for big shifts. Find out more in our 2026 predictions for cybersecurity and risk.
Blog

How To Build AI Red Teams That Actually Work

Jeff Pollard September 30, 2025
AI red teaming blends offensive security tactics with safety evaluations for bias, toxicity, and reputational harm. It’s messy, fragmented and, most of all, necessary. Get six tips to get started on an AI red team that actually works in this preview of our upcoming Security & Risk Summit.

Master Risk And Lead Through Uncertainty

Attend our Security & Risk Summit to get insider access to frameworks and tools that help security professionals navigate AI attacks, understand quantum risks, and redefine resilience.

Blog

Too Big To Fail, Cyber Edition

Jess Burn September 29, 2025
Why did the UK government extend a £1.5 billion guaranteed loan to Jaguar Land Rover after a debilitating ransomware attack? And what can your security team learn from it? Find out in this post.
Blog

Securing AI’s M&A Feeding Frenzy Is On

Jeff Pollard September 22, 2025
The cybersecurity industry is in the middle of a land grab as AI security M&A heats up. In just 18 months, eight major vendors — including Check Point, Cisco, CrowdStrike, F5, and Palo Alto Networks — have spent upwards of $2.0 billion acquiring startups focused on securing enterprise AI. AI for security is already poised to disrupt […]
Blog

Splunk .conf25: Cisco, AI, And Data

Allie Mellen September 15, 2025
The 10th annual Splunk .conf took place in Boston recently. From the opening keynote to various new product releases and enhancements, get a full review of the event in this post.
Blog

The Abyss Of The Salesloft-Salesforce Breach May Reach The Challenger Deep

Paddy Harrington September 12, 2025
Details have been trickling out about a security issue in Salesloft’s Drift product. Find out what data was compromised and what actions you can take to reduce the threat to your business.
Blog

Announcing The Forrester Wave™: IoT Security Solutions, Q3 2025

Paddy Harrington September 10, 2025
IoT devices are a normal part of business and personal life. In enterprises, it is estimated that there are between six and 10 IoT devices for each employee, ranging from long-standing devices, such as printers and cameras, and industry-specific devices like warehouse scanners and medical infusion pumps to modern air quality monitors and soil moisture […]

Lead A Security Org That Performs, Scales, And Thrives

Download our guide to help CISOs prove business value, win budget, and reduce burnout. Use our actionable framework to align security with enterprise goals, justify funding, and lead a high-performing team.

Blog

The Forrester Wave™: Secure Access Service Edge Solutions, Q3 2025 — A Market Transformed

Andre Kindness September 10, 2025
We just released The Forrester Wave™: Secure Access Service Edge Solutions, Q3 2025, and the results mark a dramatic shift from the 2023 Wave on Zero Trust edge solutions.
Blog

Introducing Forrester AI Access: Equipping Organizations With Trusted Insights To Act Fast

Carrie Johnson September 9, 2025
Forrester AI Access is an important milestone in our AI journey, beginning with our 2023 launch of Izola. With AI Access, organizations can validate ideas, innovate, and make smarter decisions faster.
Blog

Partner For Progress: Security And HR Must Team Up For Insider Risk Management

Joseph Blankenship September 8, 2025
Since insider risk is more about people than PCs, security and insider risk management pros must make an unlikely new ally: their colleagues in HR. Find out how HR can help reduce insider risk in this preview of our upcoming Security & Risk Summit.
Blog

Announcing My Latest Forrester Wave™ Covering Managed Detection And Response Services In Europe

Tope Olufon September 4, 2025
The Forrester Wave™: Managed Detection And Response Services In Europe, Q3 2025, is live. It’s our second evaluation of the managed detection and response (MDR) space focused on the European market. It looks a bit different from our 2023 Wave, as European customers now place a greater emphasis on sovereignty, localization, speed, automation, and resilience. […]
Blog

Vibe Hacking And No-Code Ransomware: AI’s Dark Side Is Here

Jeff Pollard August 28, 2025
CISOs must recognize that AI is enabling attackers to scale operations quickly with minimal technical skill. Learn how this is happening and get four key takeaways to better defend your organization in this new era.

The Countdown To 2026 Predictions Has Begun

Don’t miss your chance to lead with confidence. Get early access to Forrester’s expert guidance across marketing, CX, digital, tech, and security.

Webinar

Virtual Roundtable: Forrester’s Technology & Security Summit Sneak Peek

Watch the replay our our virtual roundtable to get a first look at the insights behind our upcoming Technology & Innovation and Security & Risk Summits!
Blog

Ongoing Government Uncertainty Around Cybersecurity Initiatives Is Putting Your Business At Risk

Paddy Harrington August 20, 2025
Government instability is undermining key cybersecurity programs like CyberSentry and MITRE’s CVE cataloging, putting critical infrastructure and business operations at risk. This post explores how funding cuts and conflicting AI directives are creating dangerous gaps in threat detection and response.
Blog

Black Hat 2025: Troop Forrester Goes To Hacker Summer Camp

James Plouffe August 13, 2025
2025 marks the 28th year of Black Hat, and although it remains on the edgier side of corporate-focused cybersecurity conferences, it sometimes feels like the event is considering completely ditching its hoodie in favor of a collared shirt.
Blog

The Real Future Of Proactive Security Isn’t Finding Exposures — It’s Fixing Them

Erik Nost August 12, 2025
Visibility, prioritization, and remediation will always be the foundation of your proactive program, but many orgs still struggle to optimize all three principles in an integrated fashion. Learn how to prepare your security teams for the future of proactive security in this preview of a keynote at our upcoming Security & Risk Summit.
Blog

Navigating Cyber Regulatory Purgatory Using AI

Paul McKay August 12, 2025
As cyber regulations continue to multiply, cyber and risk professionals need to make choices about how they comply with cyber regulations that conflict with each other. Find out how generative AI can help in this preview of our upcoming Security & Risk Summit.

Get Trusted Advice — In Seconds

AI Access puts Forrester’s trusted insights at your fingertips. Validate your strategy, align your team, and get instant advice grounded in proprietary research — no digging, no delays. It’s like having a Forrester analyst by your side, 24/7.

Blog

Human Risk Management: From Talk To Action In 18 Months

Jinan Budge August 12, 2025
Since its launch, human risk management has blossomed into a distinct and expanding market, attracting the interest and budget of many organizations. Learn about the fast evolution of HRM in this preview of our upcoming Security & Risk Summit.
Blog

From Digital Sovereignty Platforms To Sovereign Cloud Platforms: Three Reasons For A Title Change

Dario Maisto August 11, 2025
Learn how increased complexity and additional market factors led us to rethink the title of our upcoming Forrester Landscape report on digital sovereignty platforms
Blog

Introducing AEGIS — The Guardrails That CISOs Need For The Agentic Enterprise

Jeff Pollard August 4, 2025
AI agents aren’t coming — they’re already here. And they’re not waiting for your security architecture to catch up. Learn how Forrester's new AEGIS framework can help CISOs secure, govern, and manage AI agents and agentic infrastructure.
More posts