security risk management
With the proliferation of data and the ubiquity of connected devices, organizations can move with unmatched efficiency, but simultaneously incur increased risks. Read our insights on how security & risk professionals can succeed in this environment.
Discover how Forrester supports IT and security and risk leaders.
Insights
Blog
Ongoing Government Uncertainty Around Cybersecurity Initiatives Is Putting Your Business At Risk
Government instability is undermining key cybersecurity programs like CyberSentry and MITRE’s CVE cataloging, putting critical infrastructure and business operations at risk. This post explores how funding cuts and conflicting AI directives are creating dangerous gaps in threat detection and response.
Blog
Black Hat 2025: Troop Forrester Goes To Hacker Summer Camp
2025 marks the 28th year of Black Hat, and although it remains on the edgier side of corporate-focused cybersecurity conferences, it sometimes feels like the event is considering completely ditching its hoodie in favor of a collared shirt.
Summer Team Up: Security & Risk Summit
This August, seize the opportunity to elevate your team! Buy one pass for Security & Risk Summit and get one free. Don’t wait — reserve your passes today!
Blog
The Real Future Of Proactive Security Isn’t Finding Exposures — It’s Fixing Them
Visibility, prioritization, and remediation will always be the foundation of your proactive program, but many orgs still struggle to optimize all three principles in an integrated fashion. Learn how to prepare your security teams for the future of proactive security in this preview of a keynote at our upcoming Security & Risk Summit.
Blog
Navigating Cyber Regulatory Purgatory Using AI
As cyber regulations continue to multiply, cyber and risk professionals need to make choices about how they comply with cyber regulations that conflict with each other. Find out how generative AI can help in this preview of our upcoming Security & Risk Summit.
Blog
Human Risk Management: From Talk To Action In 18 Months
Since its launch, human risk management has blossomed into a distinct and expanding market, attracting the interest and budget of many organizations. Learn about the fast evolution of HRM in this preview of our upcoming Security & Risk Summit.
Blog
From Digital Sovereignty Platforms To Sovereign Cloud Platforms: Three Reasons For A Title Change
Learn how increased complexity and additional market factors led us to rethink the title of our upcoming Forrester Landscape report on digital sovereignty platforms
Blog
Introducing AEGIS — The Guardrails That CISOs Need For The Agentic Enterprise
AI agents aren’t coming — they’re already here. And they’re not waiting for your security architecture to catch up. Learn how Forrester's new AEGIS framework can help CISOs secure, govern, and manage AI agents and agentic infrastructure.
New For 2026! Security Budget Planning Guide + Workbook
Prepare your 2026 security budget for critical risks. Get our budget planning guide and workbook to assess, prioritize, and implement investments for fortified security in uncertain times.
Blog
Master Risk And Conquer Chaos At Forrester’s Security & Risk Summit
For leaders in security, risk, and privacy, this year has been different, with a new level of volatility fueled by geopolitics, new regulatory hurdles, relentless AI disruption, and looming quantum threats. Learn how Forrester’s Security & Risk Summit 2025 can empower you to stay ahead of the chaos, take the right risks, and secure your organization.
Blog
Announcing The Forrester Wave™: Unified Vulnerability Management Solutions, Q3 2025
Vulnerability management is undergoing a seismic shift. The risk-based prioritization from vulnerability risk management (VRM) has combined with attack surface management (ASM) to form exposure management and continuous security testing — two emerging practices that prioritize visibility and prioritization over remediation and response.
Blog
100% Accuracy On Weather Predictions? Well, No, But You Are In Control Of Your Organizational Resilience
This week the UN court said countries must address the “urgent and existential threat” of climate change. It’s easy to see from weather events why this is more urgent than ever before.
Blog
AI Regulations Clear Major Hurdles On Both Sides Of The Atlantic
July has marked a defining moment for global AI regulation, as policymakers in both the US and the EU removed or abandoned some heavy roadblocks that stood in the way of laws mandating transparency and regulations enshrining risk management.
Blog
Build Your Proactive Security Program By Matching Attacker Velocity
Effective security must mirror attacker agility. Learn how to think like an attacker and build a proactive security strategy in this preview of our upcoming Technology & Innovation Summit EMEA.
Master Your 2026 Budget With Our Ultimate Guides And Tools
Plan smarter to thrive in 2026! Access planning guides, workbooks, webinars, and resources to invest wisely, cut costs, and maximize your budget impact — even in uncertain times.
Blog
Security Planning 2026: Budget To Manage Volatility, Seize Opportunities, And Avoid Threats
Security and risk leaders face an uncertain road ahead in 2026. Wild market swings, geopolitical tensions, and increased cybersecurity threats mean that security and risk leaders must build resilient plans and make bold moves to turn volatility into opportunity. Learn how our Budget Planning Guide for security and risk leaders can help.
Blog
Budget Boom Or Budget Bust? Be Ready For Both In 2026
Though volatility has tempered budget expectations, business and tech leaders should prepare for the unexpected. Forrester’s 2026 Budget Planning Guides can help you make the right strategic moves this budget planning season.
Blog
What’s Hot For Enterprise Fraud Management In APAC In 2025
As AI-driven threats increase across the APAC region, so do enterprise fraud management technologies. Find out what fraud management professionals in APAC should pay attention to when evaluating solutions and vendors.
Blog
Your Zero Trust Strategy Needs An Adversarial Perspective
As IT environments become more complex and alert fatigue grows, the solution isn’t more controls — it’s systematic testing through an attacker’s lens. Find out how your Zero Trust strategy can benefit from this approach in this preview of a new report.
Blog
What International Customers Should Know About Microsoft’s Sovereign Cloud Offerings
Given the increasingly volatile geopolitical environment, Microsoft customers are requesting more details on the company’s digital sovereignty posture. Consequently, Microsoft has now updated its sovereign cloud offerings to include details for Sovereign Public Cloud, Sovereign Private Cloud, and National Partner Cloud. Find out what this means and how it may impact your strategy in this post.
Blog
How To Choose A Security Platform Without Getting Burned
Not all security platforms are created equal. CISOs and security pros can get five tips on selecting a security platform in this preview of a new report.
Blog
Pause Innovation Now And Pay The Price Later: Why AI Readiness Can’t Wait
Even as volatility abounds, business and technology leaders must stay laser-focused on building a strong AI foundation. The first blog in our new quarterly Bold Stances series offers some guidance.
Blog
Announcing The Forrester Wave™: Security Analytics Platforms, Q2 2025 — The SIEM Vs. XDR Fight Intensifies
Find out how our latest analysis of the security analytics platforms space illustrates the dramatic changes this market is undergoing as legacy SIEM vendors are locked in heated competition with surging XDR providers.
More posts