security risk management

With the proliferation of data and the ubiquity of connected devices, organizations can move with unmatched efficiency, but simultaneously incur increased risks. Read our insights on how security & risk professionals can succeed in this environment.

Discover how Forrester supports IT leaders.

Insights

Blog

Assessment Is Anyone’s Guess: Proving GOAT Status Requires Validation

Erik Nost February 11, 2025
As spectators tuned in to Super Bowl LIX to indulge in American culture rife with consumerism, T. Swift, and rap feuds, the buzz was less around the game and more on determining who is pro football’s GOAT (greatest of all time).
Blog

Choose Your Own MDR Adventure: Avoid The Free-For-All Of “New” MDR Services

Jeff Pollard February 4, 2025
Managed detection and response (MDR) — without a doubt — has successfully claimed the crown of all managed security services for making and keeping clients happy.

Eliminate Your Security Gaps And Redundancies

Learn how to align your security products and services with their functions using Forrester’s Security Tools and Services Mapping (STSM).

Blog

Deepfakes: The Hidden Threat CMOs Can’t Ignore

Karen Tran January 31, 2025
Deepfakes are not just a distant threat; they are a present danger with the potential for long-lasting repercussions. Marketing leaders must understand how to mitigate the risks.
Blog

Tenable To Acquire Vulcan Cyber: More Consolidation In The Vulnerability Management Market

Erik Nost January 30, 2025
The proactive security market is consolidating further as exposure management vendor Tenable announced its intent to acquire Vulcan Cyber, a unified vulnerability management (UVM) vendor that specializes in third-party vulnerability collection, vulnerability response, and application security posture management. This acquisition demonstrates how vendors are reacting to CISOs’ continued need to unify and consolidate their fragmented […]
Blog

Breaking Down Human-Element Breaches To Improve Cybersecurity: FAQ

Jinan Budge January 28, 2025
We are thrilled to announce our new research report, Deconstructing Human-Element Breaches, detailing the many and varied risks posed by and to humans — a problem that has plagued cybersecurity teams for decades. Forrester clients can use this research as a catalyst for productive conversations with executives and peers across functions about controls to mitigate the human-element breach types most common to their organizations and industries.
Blog

Technological And Environmental Risks Take The Top Two Spots In 2025 WEF Risk Report

Paul McKay January 24, 2025
Get the highlights from the World Economic Forum’s 2025 Global Risks Report and find out what it means for global risk leaders.
Blog

Highlights And Implications Of Biden’s Executive Order On Strengthening And Promoting Innovation In The Nation’s Cybersecurity

Heidi Shey January 21, 2025
Forrester's security and risk research team breaks down the key highlights and implications of former US President Joe Biden’s 2025 Executive Order (EO) 14144 on strengthening security, improving accountability for software and cloud service providers, and promoting innovation, including use of emerging technologies.

Missed Our Tech & Security Predictions Webinar?

Watch the replay to catch up! Dive into the top 2025 predictions and discover their impact on your tech and security strategies — with exclusive insights from the analysts who conducted the research.

Podcast

Encore Presentation: How Should Business And Tech Leaders Spend In 2025?

What It Means January 2, 2025
Business and tech leaders expect (slightly) bigger budgets this year. How should they use them? On this episode of What It Means, VPs and Group Research Directors Stephanie Balaouras, Keith Johnston, and Srividya Sridharan dive into Forrester’s Budget Planning Guides’ recommendations for tech, marketing and sales, and customer experience (CX) leaders.
Blog

Protect Your Customers And Your Brand From Holiday-Fueled Phishing

Jess Burn December 2, 2024
As you increase your marketing message volume this holiday shopping season, so do the bad actors using generative AI tools to mimic your logo, language, and landing pages. Learn two things you can do to help reduce your exposure in this post.
Blog

Stop Defending The Three Lines Of Defense

Cody Scott November 14, 2024
Learn how the Forrester Continuous Risk Management Model can replace outdated risk management methods in this preview of a session at the upcoming Security & Risk Summit.
Blog

Announcing Forrester’s 2024 Security & Risk Enterprise Leadership Award Winner And Finalist

Stephanie Balaouras November 14, 2024
Learn more about the security strategies that helped Schneider Electric win this year’s Security & Risk Enterprise Leadership Award, which recognizes organizations that have transformed their security, privacy, and risk management functions.
Blog

Predictions 2025: AI’s Mishaps And Patchy Rules Lead To Uneven Pockets Of Trust

Audrey Chee-Read October 22, 2024
Patchy AI standards and regulations across the globe will result in some organizations faring better than others when it comes to building and maintaining trust. Learn more in this preview of our 2025 trust predictions.
Podcast

A Fresh Look At The Future Of The CISO

What It Means October 17, 2024
The role of the chief information security officer (CISO) is more vital than ever. But how are CISOs holding up under the spotlight, and how is the role changing? VP and Principal Analyst Jeff Pollard and Principal Analyst Jess Burn share some new research on the future of the CISO.
Blog

If You Are A Business Resilience Pro, We Need You To Answer A Few Questions!

Amy DeMartine October 16, 2024
As more worldwide operational resilience regulations take effect, the business resilience landscape is changing. Help us find out how much it's changing by completing a survey we're conducting in collaboration with the Disaster Recovery Journal.
Podcast

Lessons Learned From The CrowdStrike Outage

What It Means October 10, 2024
On July 19, an update from security software vendor CrowdStrike took down 8.5 million Windows endpoints and caused widespread chaos. In this episode, VP and Research Director Amy DeMartine and Principal Analyst Allie Mellen discuss the lessons learned from the outage and what steps security and business leaders should take as a result.
Blog

Get Visibility Into Healthcare’s Biggest Blind Spot: Concentration Risk

Alla Valente October 9, 2024
It’s been a banner year for healthcare, and not in a good way. As a healthcare provider, if your patients had trouble filling a prescription, if you struggled to submit claims to generate much-needed revenue, or if you had to ask a patient to reschedule a non-essential medical procedure, your organization has been a victim of healthcare concentration risk.
Blog

Announcing The Forrester Wave™: Attack Surface Management Solutions, Q3 2024

Erik Nost October 8, 2024
We’re excited to announce the inaugural release of a Forrester Wave™ evaluation covering attack surface management (ASM) solutions. We evaluated the 11 most significant ASM vendors in what is currently a rapidly evolving market segment. Forrester covers ASM and periphery markets such as exposure management and vulnerability risk management (VRM), as these segments all contribute […]

2025 Tech Predictions: Your Must-Have Guide

From AI’s impact to cloud evolution and smarter workflows for the SDLC and AIOps, 2025 is set to be a big year for tech. Download our Predictions guide to see if you’re on track to make the most of these changes.

Blog

Old Dogs Learn New Tricks — The Forrester Wave™: Enterprise Firewall Solutions, Q4 2024

Carlos Rivera October 7, 2024
Contrary to expectations the enterprise firewall continues to thrive. and vendors have made significant progress in keeping up with rapid innovations. Learn more in this preview of the recently published report, The Forrester Wave™: Enterprise Firewall Solutions, Q4 2024.
Blog

Visa Risk And Identity Solutions Acquires Fraud Management Vendor Featurespace

Andras Cser October 2, 2024
Last week, Visa announced the acquisition of Featurespace, a UK-based enterprise fraud management and anti-money-laundering (AML) vendor.
Blog

Predictions 2025: Security And Risk Pros Will Brace For Regulations And Resilience

Cody Scott October 1, 2024
With cybercrime expected to cost $12 trillion in 2025, regulators will take a more active role in protecting consumer data while organizations pivot to adopt more proactive security measures to limit material impacts. Find out more in our 2025 predictions for cybersecurity, risk, and privacy.
More posts