Renee Murphy, Principal Analyst and Allie Mellen, Senior Analyst

Show notes:

How much have geopolitical tensions and issues changed your firm’s security strategies? Does your standard risk assessment consider geopolitical issues? It probably should. This week Principal Analyst Renee Murphy and Senior Analyst Allie Mellen provide their insights into how security pros can better assess their organization’s exposure to geopolitical risks and mitigate the impact of those risks.

Mellen starts off by providing Forrester’s definition of geopolitical risk and what it means to security pros. The discussion quickly moves into how CISOs can improve assessment of this risk. Murphy says any risk registry should include questions about geopolitical risk and the relevant mitigation strategies because, in her estimation, the majority of risks listed in the registry could have a geopolitical component.

Then Mellen walks through what a geopolitical risk modelling exercise should include. Geopolitical risks pose a unique challenge because without the insight governments may have, companies can’t easily predict when or where they may strike. The analysts also discuss how CISOs should deal with the possibility of Russian cyberattacks as a result of the Russia-Ukraine war.

The episode closes with a discussion of common mistakes security teams make in assessing their most likely geopolitical risks and predicting their potential impact to the organization. It’s tricky business, but as a guiding principle, Mellen says all decision-making in these areas should be aligned with your brand’s values and focused on how you can maintain trust with customers, employees, and partners.

If this topic interests you, be sure to check out Forrester’s upcoming Security & Risk event Nov. 8 – 9 in Washington, D.C. and online where these analysts will dive deeper into the topic.