security risk management

With the proliferation of data and the ubiquity of connected devices, organizations can move with unmatched efficiency, but simultaneously incur increased risks. Read our insights on how security & risk professionals can succeed in this environment.

Discover how Forrester supports IT and security and risk leaders.

Insights

Blog

Ongoing Government Uncertainty Around Cybersecurity Initiatives Is Putting Your Business At Risk

Paddy Harrington 4 days ago
Government instability is undermining key cybersecurity programs like CyberSentry and MITRE’s CVE cataloging, putting critical infrastructure and business operations at risk. This post explores how funding cuts and conflicting AI directives are creating dangerous gaps in threat detection and response.
Blog

Black Hat 2025: Troop Forrester Goes To Hacker Summer Camp

James Plouffe August 13, 2025
2025 marks the 28th year of Black Hat, and although it remains on the edgier side of corporate-focused cybersecurity conferences, it sometimes feels like the event is considering completely ditching its hoodie in favor of a collared shirt.

Summer Team Up: Security & Risk Summit

This August, seize the opportunity to elevate your team! Buy one pass for Security & Risk Summit and get one free. Don’t wait — reserve your passes today!

Blog

The Real Future Of Proactive Security Isn’t Finding Exposures — It’s Fixing Them

Erik Nost August 12, 2025
Visibility, prioritization, and remediation will always be the foundation of your proactive program, but many orgs still struggle to optimize all three principles in an integrated fashion. Learn how to prepare your security teams for the future of proactive security in this preview of a keynote at our upcoming Security & Risk Summit.
Blog

Navigating Cyber Regulatory Purgatory Using AI

Paul McKay August 12, 2025
As cyber regulations continue to multiply, cyber and risk professionals need to make choices about how they comply with cyber regulations that conflict with each other. Find out how generative AI can help in this preview of our upcoming Security & Risk Summit.
Blog

Human Risk Management: From Talk To Action In 18 Months

Jinan Budge August 12, 2025
Since its launch, human risk management has blossomed into a distinct and expanding market, attracting the interest and budget of many organizations. Learn about the fast evolution of HRM in this preview of our upcoming Security & Risk Summit.
Blog

From Digital Sovereignty Platforms To Sovereign Cloud Platforms: Three Reasons For A Title Change

Dario Maisto August 11, 2025
Learn how increased complexity and additional market factors led us to rethink the title of our upcoming Forrester Landscape report on digital sovereignty platforms
Blog

Introducing AEGIS — The Guardrails That CISOs Need For The Agentic Enterprise

Jeff Pollard August 4, 2025
AI agents aren’t coming — they’re already here. And they’re not waiting for your security architecture to catch up. Learn how Forrester's new AEGIS framework can help CISOs secure, govern, and manage AI agents and agentic infrastructure.

New For 2026! Security Budget Planning Guide + Workbook

Prepare your 2026 security budget for critical risks. Get our budget planning guide and workbook to assess, prioritize, and implement investments for fortified security in uncertain times.

Blog

Master Risk And Conquer Chaos At Forrester’s Security & Risk Summit

Amy DeMartine July 31, 2025
For leaders in security, risk, and privacy, this year has been different, with a new level of volatility fueled by geopolitics, new regulatory hurdles, relentless AI disruption, and looming quantum threats. Learn how Forrester’s Security & Risk Summit 2025 can empower you to stay ahead of the chaos, take the right risks, and secure your organization.
Blog

Announcing The Forrester Wave™: Unified Vulnerability Management Solutions, Q3 2025

Erik Nost July 29, 2025
Vulnerability management is undergoing a seismic shift. The risk-based prioritization from vulnerability risk management (VRM) has combined with attack surface management (ASM) to form exposure management and continuous security testing — two emerging practices that prioritize visibility and prioritization over remediation and response.
Blog

100% Accuracy On Weather Predictions? Well, No, But You Are In Control Of Your Organizational Resilience

Amy DeMartine July 25, 2025
This week the UN court said countries must address the “urgent and existential threat” of climate change. It’s easy to see from weather events why this is more urgent than ever before.
Blog

AI Regulations Clear Major Hurdles On Both Sides Of The Atlantic

Enza Iannopollo July 23, 2025
July has marked a defining moment for global AI regulation, as policymakers in both the US and the EU removed or abandoned some heavy roadblocks that stood in the way of laws mandating transparency and regulations enshrining risk management.
Blog

Build Your Proactive Security Program By Matching Attacker Velocity

Tope Olufon July 17, 2025
Effective security must mirror attacker agility. Learn how to think like an attacker and build a proactive security strategy in this preview of our upcoming Technology & Innovation Summit EMEA.

Master Your 2026 Budget With Our Ultimate Guides And Tools

Plan smarter to thrive in 2026! Access planning guides, workbooks, webinars, and resources to invest wisely, cut costs, and maximize your budget impact — even in uncertain times.

Blog

Security Planning 2026: Budget To Manage Volatility, Seize Opportunities, And Avoid Threats

Jess Burn July 15, 2025
Security and risk leaders face an uncertain road ahead in 2026. Wild market swings, geopolitical tensions, and increased cybersecurity threats mean that security and risk leaders must build resilient plans and make bold moves to turn volatility into opportunity. Learn how our Budget Planning Guide for security and risk leaders can help.
Blog

Budget Boom Or Budget Bust? Be Ready For Both In 2026

Sharyn Leaver July 15, 2025
Though volatility has tempered budget expectations, business and tech leaders should prepare for the unexpected. Forrester’s 2026 Budget Planning Guides can help you make the right strategic moves this budget planning season.
Blog

What’s Hot For Enterprise Fraud Management In APAC In 2025

Meng Liu July 1, 2025
As AI-driven threats increase across the APAC region, so do enterprise fraud management technologies. Find out what fraud management professionals in APAC should pay attention to when evaluating solutions and vendors.
Blog

Your Zero Trust Strategy Needs An Adversarial Perspective

Tope Olufon June 30, 2025
As IT environments become more complex and alert fatigue grows, the solution isn’t more controls — it’s systematic testing through an attacker’s lens. Find out how your Zero Trust strategy can benefit from this approach in this preview of a new report.
Blog

What International Customers Should Know About Microsoft’s Sovereign Cloud Offerings

Dario Maisto June 30, 2025
Given the increasingly volatile geopolitical environment, Microsoft customers are requesting more details on the company’s digital sovereignty posture. Consequently, Microsoft has now updated its sovereign cloud offerings to include details for Sovereign Public Cloud, Sovereign Private Cloud, and National Partner Cloud. Find out what this means and how it may impact your strategy in this post.
Blog

How To Choose A Security Platform Without Getting Burned

Jeff Pollard June 27, 2025
Not all security platforms are created equal. CISOs and security pros can get five tips on selecting a security platform in this preview of a new report.
Blog

Pause Innovation Now And Pay The Price Later: Why AI Readiness Can’t Wait

Stephanie Balaouras June 26, 2025
Even as volatility abounds, business and technology leaders must stay laser-focused on building a strong AI foundation. The first blog in our new quarterly Bold Stances series offers some guidance.
Blog

Announcing The Forrester Wave™: Security Analytics Platforms, Q2 2025 — The SIEM Vs. XDR Fight Intensifies

Allie Mellen June 24, 2025
Find out how our latest analysis of the security analytics platforms space illustrates the dramatic changes this market is undergoing as legacy SIEM vendors are locked in heated competition with surging XDR providers.
More posts