security risk management
With the proliferation of data and the ubiquity of connected devices, organizations can move with unmatched efficiency, but simultaneously incur increased risks. Read our insights on how security & risk professionals can succeed in this environment.
Discover how Forrester supports IT and security and risk leaders.
Insights
Blog
The Abyss Of The Salesloft-Salesforce Breach May Reach The Challenger Deep
News has been trickling out since August 20 about a security issue in Salesloft’s Drift product, a marketing and sales chatbot that integrates with CRM systems to capture and track sales opportunities. The issue started in March, when threat actors accessed Salesloft’s GitHub account and did reconnaissance, which helped them access Drift’s AWS environment and […]
Blog
Announcing The Forrester Wave™: IoT Security Solutions, Q3 2025
IoT devices are a normal part of business and personal life. In enterprises, it is estimated that there are between six and 10 IoT devices for each employee, ranging from long-standing devices, such as printers and cameras, and industry-specific devices like warehouse scanners and medical infusion pumps to modern air quality monitors and soil moisture […]
Master Risk And Lead Through Uncertainty
Attend our Security & Risk Summit to get insider access to frameworks and tools that help security professionals navigate AI attacks, understand quantum risks, and redefine resilience.
Blog
The Forrester Wave™: Secure Access Service Edge Solutions, Q3 2025 — A Market Transformed
We just released The Forrester Wave™: Secure Access Service Edge Solutions, Q3 2025, and the results mark a dramatic shift from the 2023 Wave on Zero Trust edge solutions.
Blog
Introducing Forrester AI Access: Equipping Organizations With Trusted Insights To Act Fast
Forrester AI Access is an important milestone in our AI journey, beginning with our 2023 launch of Izola. With AI Access, organizations can validate ideas, innovate, and make smarter decisions faster.
Blog
Partner For Progress: Security And HR Must Team Up For Insider Risk Management
Since insider risk is more about people than PCs, security and insider risk management pros must make an unlikely new ally: their colleagues in HR. Find out how HR can help reduce insider risk in this preview of our upcoming Security & Risk Summit.
Blog
Announcing My Latest Forrester Wave™ Covering Managed Detection And Response Services In Europe
The Forrester Wave™: Managed Detection And Response Services In Europe, Q3 2025, is live. It’s our second evaluation of the managed detection and response (MDR) space focused on the European market. It looks a bit different from our 2023 Wave, as European customers now place a greater emphasis on sovereignty, localization, speed, automation, and resilience. […]
Blog
Vibe Hacking And No-Code Ransomware: AI’s Dark Side Is Here
CISOs must recognize that AI is enabling attackers to scale operations quickly with minimal technical skill. Learn how this is happening and get four key takeaways to better defend your organization in this new era.
Get Trusted Advice — In Seconds
AI Access puts Forrester’s trusted insights at your fingertips. Validate your strategy, align your team, and get instant advice grounded in proprietary research — no digging, no delays. It’s like having a Forrester analyst by your side, 24/7.
Webinar
Virtual Roundtable: Forrester’s Technology & Security Summit Sneak Peek
Join Forrester’s analysts for an exclusive virtual roundtable. You’ll get a first look at the insights behind our upcoming Technology & Innovation and Security & Risk Summits—plus a chance to engage directly with experts and peers in a small-group setting.
Blog
Ongoing Government Uncertainty Around Cybersecurity Initiatives Is Putting Your Business At Risk
Government instability is undermining key cybersecurity programs like CyberSentry and MITRE’s CVE cataloging, putting critical infrastructure and business operations at risk. This post explores how funding cuts and conflicting AI directives are creating dangerous gaps in threat detection and response.
Blog
Black Hat 2025: Troop Forrester Goes To Hacker Summer Camp
2025 marks the 28th year of Black Hat, and although it remains on the edgier side of corporate-focused cybersecurity conferences, it sometimes feels like the event is considering completely ditching its hoodie in favor of a collared shirt.
Blog
The Real Future Of Proactive Security Isn’t Finding Exposures — It’s Fixing Them
Visibility, prioritization, and remediation will always be the foundation of your proactive program, but many orgs still struggle to optimize all three principles in an integrated fashion. Learn how to prepare your security teams for the future of proactive security in this preview of a keynote at our upcoming Security & Risk Summit.
Blog
Navigating Cyber Regulatory Purgatory Using AI
As cyber regulations continue to multiply, cyber and risk professionals need to make choices about how they comply with cyber regulations that conflict with each other. Find out how generative AI can help in this preview of our upcoming Security & Risk Summit.
New For 2026! Security Budget Planning Guide + Workbook
Prepare your 2026 security budget for critical risks. Get our budget planning guide and workbook to assess, prioritize, and implement investments for fortified security in uncertain times.
Blog
Human Risk Management: From Talk To Action In 18 Months
Since its launch, human risk management has blossomed into a distinct and expanding market, attracting the interest and budget of many organizations. Learn about the fast evolution of HRM in this preview of our upcoming Security & Risk Summit.
Blog
From Digital Sovereignty Platforms To Sovereign Cloud Platforms: Three Reasons For A Title Change
Learn how increased complexity and additional market factors led us to rethink the title of our upcoming Forrester Landscape report on digital sovereignty platforms
Blog
Introducing AEGIS — The Guardrails That CISOs Need For The Agentic Enterprise
AI agents aren’t coming — they’re already here. And they’re not waiting for your security architecture to catch up. Learn how Forrester's new AEGIS framework can help CISOs secure, govern, and manage AI agents and agentic infrastructure.
Blog
Master Risk And Conquer Chaos At Forrester’s Security & Risk Summit
For leaders in security, risk, and privacy, this year has been different, with a new level of volatility fueled by geopolitics, new regulatory hurdles, relentless AI disruption, and looming quantum threats. Learn how Forrester’s Security & Risk Summit 2025 can empower you to stay ahead of the chaos, take the right risks, and secure your organization.
Blog
Announcing The Forrester Wave™: Unified Vulnerability Management Solutions, Q3 2025
Vulnerability management is undergoing a seismic shift. The risk-based prioritization from vulnerability risk management (VRM) has combined with attack surface management (ASM) to form exposure management and continuous security testing — two emerging practices that prioritize visibility and prioritization over remediation and response.
Master Your 2026 Budget With Our Ultimate Guides And Tools
Plan smarter to thrive in 2026! Access planning guides, workbooks, webinars, and resources to invest wisely, cut costs, and maximize your budget impact — even in uncertain times.
Blog
100% Accuracy On Weather Predictions? Well, No, But You Are In Control Of Your Organizational Resilience
This week the UN court said countries must address the “urgent and existential threat” of climate change. It’s easy to see from weather events why this is more urgent than ever before.
Blog
AI Regulations Clear Major Hurdles On Both Sides Of The Atlantic
July has marked a defining moment for global AI regulation, as policymakers in both the US and the EU removed or abandoned some heavy roadblocks that stood in the way of laws mandating transparency and regulations enshrining risk management.
Blog
Build Your Proactive Security Program By Matching Attacker Velocity
Effective security must mirror attacker agility. Learn how to think like an attacker and build a proactive security strategy in this preview of our upcoming Technology & Innovation Summit EMEA.
More posts