Forrester’s Security Consequence Management Framework

June 30th, 2023

With contributors:

Joseph Blankenship , Aidan Riga , Bill Nagel

Summary

Security teams debate whether to punish employees who fail phishing simulations or cybersecurity quizzes or fall victim to scams such as business email compromise. Punishments for offenders range from severe sanctions such as discipline or termination to milder ones like forcing them to sit through additional training. Security leaders find it difficult to tread the line between punitive action, showing empathy to employees, and getting the right level of engagement. This report helps security leaders determine the appropriate consequences to apply when employees err, depending on the frequency and severity of the mistake.

Want to read the full report?

This report is not available for purchase at this time.

Forrester helps business and technology leaders use customer obsession to accelerate growth. That means empowering you to put the customer at the center of everything you do: your leadership strategy, and operations. Becoming a customer-obsessed organization requires change — it requires being bold. We give business and technology leaders the confidence to put bold into action, shaping and guiding how to navigate today's unprecedented change in order to succeed.

Forrester’s Security Consequence Management Framework

Address Cybersecurity Errors With Appropriate Consequences

Summary

Want to read the full report?