How To Report

Forrester’s Security Consequence Management Framework

Address Cybersecurity Errors With Appropriate Consequences

 and  three contributors
Jun 30, 2023

Summary

Security teams debate whether to punish employees who fail phishing simulations or cybersecurity quizzes or fall victim to scams such as business email compromise. Punishments for offenders range from severe sanctions such as discipline or termination to milder ones like forcing them to sit through additional training. Security leaders find it difficult to tread the line between punitive action, showing empathy to employees, and getting the right level of engagement. This report helps security leaders determine the appropriate consequences to apply when employees err, depending on the frequency and severity of the mistake.

Log in to continue reading
Client log in
Welcome back. Log in to your account to continue reading this research.
Become a client
Become a client today for these benefits:
  • Stay ahead of changing market and customer dynamics with the latest insights.
  • Partner with expert analysts to make progress on your top initiatives.
  • Get answers from trusted research using Izola, Forrester's genAI tool.