security risk management

With the proliferation of data and the ubiquity of connected devices, organizations can move with unmatched efficiency, but simultaneously incur increased risks. Read our insights on how security & risk professionals can succeed in this environment.

Discover how Forrester supports IT leaders.

Insights

Blog

Get A Head Start On The “Easier Said Than Done” Elements In The 2023–2030 Australian Cyber Security Strategy

Jinan Budge 3 days ago
Find which Forrester research can help navigate, manage, and prepare for the newly announced Australian Cyber Security Strategy.
Blog

EDR Is Officially Out, And XDR Still Won’t Solve Your SIEM Problems

Allie Mellen 3 days ago
Forrester predicted that endpoint detection and response (EDR) as we know it would be replaced by extended detection and response (XDR). That day has finally come. Learn the implications of that shift in this blog post.

Global

Don’t Miss Our Live 2024 Predictions Deep Dive

Join us on January 18 to hear from the tech, CX, and B2B analysts behind our 2024 global predictions and get an important generative AI update from Forrester’s CEO, George Colony.

Blog

VMware Customers: Brace For Impact

Tracy Woo November 22, 2023
With the VMware-Broadcom deal set for closing, what should you know? Learn five key things VMware customers can expect in the coming years.
Blog

The Deadly Effects Of High Concentration Risk

Madelein van der Hout November 10, 2023
Learn why breaches with a high impact on society, such as recent cyberattacks in Germany, bring more focus on concentration risk.
Blog

What The SEC Missed, But The NYDFS’s Cybersecurity Rule Got Right, About Third-Party Risk

Alla Valente November 9, 2023
Learn four requirements from the new NYDFS Cybersecurity Rule you can start preparing for now.
Blog

Biden’s Executive Order On AI Is Broad In Scope And Laser-Focused On Spurring Innovation Without Undue Risk

Alla Valente November 1, 2023
The new executive order calls for a “societywide effort” from government, the private sector, academia, and civil society to address eight AI priorities.
Blog

Predictions 2024: Security And Risk Pros Will Apply Guardrails Beyond Regulatory Mandates

Alla Valente October 31, 2023
In 2024, as more organizations launch new genAI initiatives, they will need to balance fast innovation with governance and accountability. Learn more in our 2024 predictions for cybersecurity, risk, and privacy.

60% Of Skeptics Will Use (And Love!) GenAI

Surprised? Download Forrester’s 2024 Predictions guide to see why progress will be driven by exploration — and 14 other global predictions on AI, privacy, B2B buyers, hybrid work, and more.

Blog

Predictions 2024: With The Right Preparation, Your Organization Can Win Trust While Others Lose It

Stephanie Balaouras October 31, 2023
A focus on fundamentals such as empathy, dependability, and accountability will equip companies to weather a tumultuous year ahead.
Blog

The Top Five Things You Need To Know About How Generative AI Is Used In Security Tools

Allie Mellen October 24, 2023
Security leaders need to understand how generative AI is used in security tools and how it may change how their teams operate. Here are five highlights from a new report that will help.
Blog

Influence, The Memo, And Good Old Project Management

David Levine October 18, 2023
Learn a few of the most impactful takeaways from a full year of working with security and risk leaders as an executive partner at Forrester.
Blog

Exposure Management Looks To Usurp Vulnerability Management, But Is The New Emperor Wearing Any Clothes?

Erik Nost October 16, 2023
Hans Christian Anderson’s classic tale of the emperor that gets duped into a fancy, new, and invisible wardrobe provides lessons in swindling, pride, and truth. It’s only when the emperor struts in front of the commoners that a child finally states, “Wait a minute — there’s nothing to this outfit. He’s not wearing anything.” As […]
Blog

The Whistleblower Diaries: Don’t Blow Off The Disgruntled Employee

Alla Valente October 12, 2023
Ignoring whistleblowers is costly and bad for business. Learn three things that security and risk pros need to know about a new breed of whistleblower.

Stay Ahead Of Threats With Detection And Response Engineering

Enhance your security operations by learning the latest detection and response engineering practices.

Podcast

Zero Trust Past, Present, And Future

What It Means October 12, 2023
Zero Trust has evolved since its earliest iterations, but it’s never been more vital than it is today. In this episode, Principal Analyst David Holmes discusses the origins of Zero Trust and its future impact on driving business value.
Blog

Torch The Test: Closing The Cybersecurity Skills Gap Requires Continuous Learning

Jess Burn October 5, 2023
Learn how investing in cybersecurity skills and training (CS&T) platforms can help overcome the cybersecurity skills gap in this preview of the upcoming Forrester Security & Risk Forum.
Blog

Supercharge Your Defense: Level Up AI-Powered Models To Combat Fraud In APAC

Meng Liu October 5, 2023
As authorized push payment fraud rises, learn three things your enterprise fraud management vendor should have to better leverage AI to combat fraud.
Blog

Secure Our World All Year Long

Joseph Blankenship October 2, 2023
Shouldn't every month be Cybersecurity Awareness Month? Learn how you can make cybersecurity a year-round priority for everyone in your organization, not just security teams.
Blog

The CISO And CIO Microsoft Security Dilemma: Fend Off Or Learn To Love?

Jeff Pollard September 28, 2023
Should CISOs fend off Microsoft to keep their preferred products or embrace consolidation? Find out in this blog.

Strenthen Security Operations With Agile SecOps

Read this report to learn how to apply agile software development lifecycle practices (SDLC) to detection and response to create engineering-driven detection operations.

Blog

ASIS GSX 2023: Physical Security Insights From Deep In The Heart Of Texas

Brian Wrozek September 27, 2023
Get five key takeaways from ASIS International's recent 2023 Global Security Exchange (GSX) event held in Dallas, Texas.
Blog

Announcing The Forrester Wave™: Vulnerability Risk Management, Q3 2023

Erik Nost September 21, 2023
Vulnerability risk management (VRM) solutions look very different today than they did in 2019. Learn what's changed in our new Wave report.
Blog

The Good, The Bad, And The Ugly: The Role Of Trust In Insurance Fraud

Ellen Carney September 20, 2023
Fighting insurance fraud is only feasible with synergies among the people, process, and technology domains. Find out more in this preview of our upcoming Security & Risk event.
More posts