security risk management
With the proliferation of data and the ubiquity of connected devices, organizations can move with unmatched efficiency, but simultaneously incur increased risks. Read our insights on how security & risk professionals can succeed in this environment.
Insights
Blog
Assessment Is Anyone’s Guess: Proving GOAT Status Requires Validation
As spectators tuned in to Super Bowl LIX to indulge in American culture rife with consumerism, T. Swift, and rap feuds, the buzz was less around the game and more on determining who is pro football’s GOAT (greatest of all time).
Blog
Choose Your Own MDR Adventure: Avoid The Free-For-All Of “New” MDR Services
Managed detection and response (MDR) — without a doubt — has successfully claimed the crown of all managed security services for making and keeping clients happy.
Eliminate Your Security Gaps And Redundancies
Learn how to align your security products and services with their functions using Forrester’s Security Tools and Services Mapping (STSM).
Blog
Deepfakes: The Hidden Threat CMOs Can’t Ignore
Deepfakes are not just a distant threat; they are a present danger with the potential for long-lasting repercussions. Marketing leaders must understand how to mitigate the risks.
Blog
Tenable To Acquire Vulcan Cyber: More Consolidation In The Vulnerability Management Market
The proactive security market is consolidating further as exposure management vendor Tenable announced its intent to acquire Vulcan Cyber, a unified vulnerability management (UVM) vendor that specializes in third-party vulnerability collection, vulnerability response, and application security posture management. This acquisition demonstrates how vendors are reacting to CISOs’ continued need to unify and consolidate their fragmented […]
Blog
Breaking Down Human-Element Breaches To Improve Cybersecurity: FAQ
We are thrilled to announce our new research report, Deconstructing Human-Element Breaches, detailing the many and varied risks posed by and to humans — a problem that has plagued cybersecurity teams for decades. Forrester clients can use this research as a catalyst for productive conversations with executives and peers across functions about controls to mitigate the human-element breach types most common to their organizations and industries.
Blog
Technological And Environmental Risks Take The Top Two Spots In 2025 WEF Risk Report
Get the highlights from the World Economic Forum’s 2025 Global Risks Report and find out what it means for global risk leaders.
Blog
Highlights And Implications Of Biden’s Executive Order On Strengthening And Promoting Innovation In The Nation’s Cybersecurity
Forrester's security and risk research team breaks down the key highlights and implications of former US President Joe Biden’s 2025 Executive Order (EO) 14144 on strengthening security, improving accountability for software and cloud service providers, and promoting innovation, including use of emerging technologies.
Missed Our Tech & Security Predictions Webinar?
Watch the replay to catch up! Dive into the top 2025 predictions and discover their impact on your tech and security strategies — with exclusive insights from the analysts who conducted the research.
Podcast
Encore Presentation: How Should Business And Tech Leaders Spend In 2025?
Business and tech leaders expect (slightly) bigger budgets this year. How should they use them? On this episode of What It Means, VPs and Group Research Directors Stephanie Balaouras, Keith Johnston, and Srividya Sridharan dive into Forrester’s Budget Planning Guides’ recommendations for tech, marketing and sales, and customer experience (CX) leaders.
Blog
Protect Your Customers And Your Brand From Holiday-Fueled Phishing
As you increase your marketing message volume this holiday shopping season, so do the bad actors using generative AI tools to mimic your logo, language, and landing pages. Learn two things you can do to help reduce your exposure in this post.
Blog
Stop Defending The Three Lines Of Defense
Learn how the Forrester Continuous Risk Management Model can replace outdated risk management methods in this preview of a session at the upcoming Security & Risk Summit.
Blog
Announcing Forrester’s 2024 Security & Risk Enterprise Leadership Award Winner And Finalist
Learn more about the security strategies that helped Schneider Electric win this year’s Security & Risk Enterprise Leadership Award, which recognizes organizations that have transformed their security, privacy, and risk management functions.
Blog
Predictions 2025: AI’s Mishaps And Patchy Rules Lead To Uneven Pockets Of Trust
Patchy AI standards and regulations across the globe will result in some organizations faring better than others when it comes to building and maintaining trust. Learn more in this preview of our 2025 trust predictions.
Podcast
A Fresh Look At The Future Of The CISO
The role of the chief information security officer (CISO) is more vital than ever. But how are CISOs holding up under the spotlight, and how is the role changing? VP and Principal Analyst Jeff Pollard and Principal Analyst Jess Burn share some new research on the future of the CISO.
Blog
If You Are A Business Resilience Pro, We Need You To Answer A Few Questions!
As more worldwide operational resilience regulations take effect, the business resilience landscape is changing. Help us find out how much it's changing by completing a survey we're conducting in collaboration with the Disaster Recovery Journal.
Podcast
Lessons Learned From The CrowdStrike Outage
On July 19, an update from security software vendor CrowdStrike took down 8.5 million Windows endpoints and caused widespread chaos. In this episode, VP and Research Director Amy DeMartine and Principal Analyst Allie Mellen discuss the lessons learned from the outage and what steps security and business leaders should take as a result.
Blog
Get Visibility Into Healthcare’s Biggest Blind Spot: Concentration Risk
It’s been a banner year for healthcare, and not in a good way. As a healthcare provider, if your patients had trouble filling a prescription, if you struggled to submit claims to generate much-needed revenue, or if you had to ask a patient to reschedule a non-essential medical procedure, your organization has been a victim of healthcare concentration risk.
Blog
Announcing The Forrester Wave™: Attack Surface Management Solutions, Q3 2024
We’re excited to announce the inaugural release of a Forrester Wave™ evaluation covering attack surface management (ASM) solutions. We evaluated the 11 most significant ASM vendors in what is currently a rapidly evolving market segment. Forrester covers ASM and periphery markets such as exposure management and vulnerability risk management (VRM), as these segments all contribute […]
2025 Tech Predictions: Your Must-Have Guide
From AI’s impact to cloud evolution and smarter workflows for the SDLC and AIOps, 2025 is set to be a big year for tech. Download our Predictions guide to see if you’re on track to make the most of these changes.
Blog
Old Dogs Learn New Tricks — The Forrester Wave™: Enterprise Firewall Solutions, Q4 2024
Contrary to expectations the enterprise firewall continues to thrive. and vendors have made significant progress in keeping up with rapid innovations. Learn more in this preview of the recently published report, The Forrester Wave™: Enterprise Firewall Solutions, Q4 2024.
Blog
Visa Risk And Identity Solutions Acquires Fraud Management Vendor Featurespace
Last week, Visa announced the acquisition of Featurespace, a UK-based enterprise fraud management and anti-money-laundering (AML) vendor.
Blog
Predictions 2025: Security And Risk Pros Will Brace For Regulations And Resilience
With cybercrime expected to cost $12 trillion in 2025, regulators will take a more active role in protecting consumer data while organizations pivot to adopt more proactive security measures to limit material impacts. Find out more in our 2025 predictions for cybersecurity, risk, and privacy.
More posts