Forrester is delighted to announce the opening call for our annual Security & Risk Enterprise Leadership Award. This award recognizes organizations that have transformed their security, privacy, and risk management functions into capabilities that fuel the organization’s reputation for trust and its long-term success. In this era of volatility, a reputation for trust is essential. Our award is unique because it:

  • Celebrates the organization, not a single individual. Elevating security, privacy, and risk across the organization takes an entire team committed to having a strong vision and seeing it through. This isn’t an award that one CISO, CPO, or CRO can win on their own. It’s about the efforts of the entire organization.
  • Rewards organizations for their impact on the business. We know from our research that trusted organizations have higher potential and success. This is why trust is a core principle of Forrester’s high-performance IT approach. It’s also why this award isn’t an assessment of an organization’s security posture, controls, or certifications — these are table stakes. Instead, our award recognizes those teams that build trust deliberately with: 1) customer experiences that are secure, private, and resilient by design; 2) employee practices that both protect the organization and help it succeed; and 3) partner ecosystems that unlock innovation without exposing the organization to unnecessary risk.
  • Recognizes that no organization is perfect. No organization is immune from breaches, privacy missteps, or outages. We encourage organizations that have faced crises in the past, and that have implemented the learnings from those events to improve their organizations, to apply and share their lessons.

During the last 20 years, security, privacy, and risk have all become board-level priorities: Expanded influence, budgets, and teams have followed. We’ve made progress, but we can still do more and we must do more, especially when unprecedented AI-led tech disruption, global volatility, and economic uncertainty are increasing risks from malicious deepfakes, nation-state attacks, insider threats, and privacy abuses. These awards not only celebrate the organizations pushing the industry forward; they showcase to the world the critical importance of security, privacy, and risk management to every organization’s reputation for trust and, therefore, their success.

Who Should Apply?

Nominations for Forrester’s Security & Risk Enterprise Leadership Award are open to organizations with 1,000 or more employees in both the public and private sectors, from anywhere in the world. High-tech service providers that compete in these markets are excluded, but they can nominate clients (with those clients’ permission, of course). If you’ve experienced a crisis (a breach, outage, compliance fine, or privacy abuse) recently, we still encourage you to apply, especially if you have insights to share about how your organization handled the crisis and what you learned from the experience.

Last year’s winner for Forrester’s Security & Risk Enterprise Leadership Award was Schneider Electric. Schneider Electric stood out for its holistic approach, which includes a Trust Charter, a dedicated Trust Center, and the integration of Zero Trust principles. The company’s commitment to embedding security into product development, investing in talent development, and conducting global cyber crisis simulations further solidified its leadership in the field.

You can find more information about the award categories, plus the detailed submisstion package and instructions, here. Submissions close on July 23, 2025, and we’ll notify finalists in August. We’ll then announce finalists and award recipients ahead of Forrester’s Security & Risk Summit in North America. The award recipients will join us at the Summit and get on stage to receive and celebrate their award during the event, which will take place in Austin on November 5–7, 2025.