risk management
“No risk, no reward,” may be true, but unnecessary risk is . . . well, unnecessary. Read our insights on risk management and mitigation.
Insights
Blog
Overregulation Forges A CISO Coalition With The G7 Letter
A coalition of over 40 chief information security officers (CISOs) from leading companies, including Salesforce, Microsoft, AWS, Mastercard, and Siemens, sent a letter to the G7 and OECD, urging them to take action on aligning international cybersecurity regulations. This move signals a strategic shift: CISOs are no longer only responsible for internal controls but are […]
Blog
Global Tariffs: Dynamic Risk Management Meets Its Moment
The recent introduction of US-imposed tariffs has shaken global trade. While economists and financial analysts debate whether this on-again/off-again trade war fits into their model for geopolitical, economic, or supply chain risks, the result is the same: uncertainty and chaos sure to shake up business strategy for the foreseeable future. This new era of volatility […]
Turn Uncertainty Into Opportunity
Market volatility isn’t a roadblock — it’s your launchpad. With Forrester’s expert resources, you can optimize costs, lead with confidence, and turn challenges into growth.
Blog
Government Leaders: Prioritize Cyber Efficiency Amid Federal Volatility
Government agencies at the federal, state, and local levels must prepare for a future where they experience uncertainty, headcount reductions, contract cancellations, and budget cuts. This is gut-wrenchingly difficult to process, yet remaining leaders must figure out how to move forward to serve the mission. For public sector cybersecurity leaders, this is even more paramount. […]
Blog
Announcing Forrester’s Security & Risk Enterprise Leadership Award
Forrester is delighted to announce the opening call for our annual Security & Risk Enterprise Leadership Award. This award recognizes organizations that have transformed their security, privacy, and risk management functions into capabilities that fuel the organization’s reputation for trust and its long-term success.
Blog
The Tech Exec’s Guide To Decoding Cybersecurity Vendor Performance
Forrester analyzed the earnings calls of the 10 largest cybersecurity vendors by market cap and identified key trends for technology executives.
Blog
New Year, New Us: Introducing Forrester’s International Security & Risk Team Research
Dive into our backgrounds, existing research, and capabilities. As a team, we cover a multitude of security and risk priorities. We are also geographically distributed; no one else is as uniquely positioned to add this level of global perspective to our research and our clients.
Blog
Step Right Up: To Manage Volatility, You’re All Risk Leaders Now!
While business volatility tests resilience, it also creates opportunities. Learn three ways to make your risk management efforts more targeted and effective.
Turn Uncertainty Into Opportunity
Market volatility isn’t a roadblock — it’s your launchpad. With Forrester’s expert resources, you can optimize costs, lead with confidence, and turn challenges into growth.
Blog
How CISOs Can Thrive Amid Economic Volatility
In today’s unpredictable economic climate, CISOs face familiar — but intensified — challenges. Get some actionable insights to help navigate through turbulent times in this preview of a new report.
Blog
VMware/Siemens: A Cautionary Tale About The Risks Of Software And Services Licensing
Litigation has become the default method for companies to resolve disagreements, force accountability, and establish recourse for everything from breach-related failures to contractual disagreements. A recent lawsuit filed by VMware (now owned by Broadcom) against its customer, Siemens’ US operations, for alleged use of unlicensed software is not unique and should serve as a stark […]
Blog
To Thrive Through Volatility, Master These Three Areas
There’s no end in sight for the current disruption, but making the right strategic moves will help you come out ahead.
Podcast
Finally, An Alternative To 3LOD: Meet Continuous Risk Management
For more than a decade, risk managers have been trying to use the three lines of defense (3LOD) framework for enterprise risk management. But it was never meant for that. In this episode, Senior Analysts Alla Valente and Cody Scott walk through the new Forrester Continuous Risk Management Model, a more holistic and business-centric risk management approach.
Blog
Top Recommendations For CISOs In 2025: Deal With Uncertainty … Again
The security landscape continues to evolve, as does global uncertainty, leaving CISOs preparing for turbulence ahead.
Showcase Your Security & Risk Innovation With A Forrester Award
Get recognized for excellence in security, privacy, and risk innovation. Apply for a Forrester Security & Risk Enterprise Leadership Award to celebrate your success in creating resilient operations. Apply by July 23, 2025.
Blog
The Insurance Industry’s Data Posture Is An Existential Risk
Insurers collect a wealth of data, but only a few have found ways to harness its true potential. Most insurance business and technology leaders have very low confidence in their data assets’ ability to meet customer and competitive demands. Almost all incumbent insurance companies support disparate lines of business and individual parts of the value […]
Blog
Quantum Security Isn’t Hype — Every Security Leader Needs It
The commercial availability of quantum computers that can compromise traditional asymmetric cryptography is still five to 10 years away. But security and risk (S&R) professionals must assess and prepare for the impact of quantum security now.
Blog
Contract Lifecycle Management Is The Bridge Between Strategy And Reality — Choose Wisely To Thrive In Uncertainty
In under two months of 2025, organizations face a battery of changing regulations, new tariffs, and economic uncertainty … all while trying to stay competitive, remain resilient, and execute on their AI strategy. Here’s the good news: How well your organization deals with risk, crisis, and operations opportunity will largely depend on … you guessed […]
Blog
Accessibility Is Still Vital For Businesses
Accessibility is still vital for businesses despite recent federal actions.
Blog
Technological And Environmental Risks Take The Top Two Spots In 2025 WEF Risk Report
Get the highlights from the World Economic Forum’s 2025 Global Risks Report and find out what it means for global risk leaders.
Blog
A Run On The Bank: Lack Of Headline Failures Hasn’t Changed Consumer Attitudes
When Silicon Valley, Signature and First Republic failed last year four out of five US online consumers knew about it. This year, bank failures have been less visible. Find out why and what to expect in the future.
Blog
Stop Defending The Three Lines Of Defense
Learn how the Forrester Continuous Risk Management Model can replace outdated risk management methods in this preview of a session at the upcoming Security & Risk Summit.
Blog
Retailers: Adopt Three Application Security Technologies Now
Three application security technologies are key for retailers to adopt before the holiday season.
More posts