Chris McClean

Vice President, Research Director

Forrester Bio

Christopher McClean

Author Insights

BLOG

Join Us At Forrester's Privacy & Security 2018 Forum

Chris McClean August 8, 2018

Those of us who care about cybersecurity and privacy are a special breed. As long as these disciplines have been around, technologies have gotten more complex, threats have gotten more dangerous, and expectations have skyrocketed. Yet we have not simply persevered; we are now guiding top executives and policymakers to think differently about business models […]

Read More
BLOG

Why Carl Jung Would Criticize Today’s Value-Based Marketing

Chris McClean January 22, 2018

GUEST BLOG POST, FROM DREW GREEN As a voracious media consumer, I’m exposed to a mind-numbing amount of advertising. Enough that trends start to emerge. One recent trend standing out more than others is an influx of “cause marketing” tactics, where brands incorporate their values into their messaging. Look no further than the composition of […]

Read More
BLOG

Lacking Smart Third-Party Risk Regulation, JP Morgan Chase, Bank Of America, Wells Fargo, And American Express Create Company: TruSight

Chris McClean November 15, 2017

  The third-party ecosystem continues to flummox risk managers. Regulators keep pushing for stronger oversight, but they fail to offer real standards or tools to make this possible. What’s worse, technology and service providers  have only helped large companies become more efficient at asking their third parties hundreds of questions; which means these third parties […]

Read More
BLOG

Forrester’s Privacy And Security Forum Brings Diverse Experts To Devious Challenges

Chris McClean September 8, 2017

Well, the privacy hits keep coming: another breach, more than a hundred million people affected, untold losses for another company and its customers. Next week, September 14-15 in Washington DC, Forrester is gathering experts in cybersecurity, privacy, customer experience, regulatory compliance, identity management, personalization, and a range of other related topics to bring clarity to […]

Read More
BLOG

Will The RSA Conference 2017 Make You A Better Security Pro?

Chris McClean February 13, 2017

Today kicks off what’s always an exciting week for the infosec industry; in between meeting old and new friend at the RSA Conference, we’ll hopefully hear about practical new ideas, technologies, and opportunities for better managing information risk. Coincidentally, I’m proud to announce a new report highlighting the best tactics CISOs and security leaders are […]

Read More
BLOG

Tough Decisions Made By Uber, Starbucks, Microsoft, Etc. Foretell Of Future Risk And Compliance Challenges

Chris McClean February 6, 2017

In the past two weeks, we’ve seen Uber’s CEO respond to public criticism by stepping down from President Trump’s advisory council; Starbucks garner public support and condemnation after promising to hire 10,000 refugees; and tech giants including Google, Apple, Facebook, and Microsoft rally together to oppose the President’s recent immigration ban. In the past month, […]

Read More
BLOG

Apple Did The Right Thing To Defend Customer Privacy, But It Will Make Security And Risk Management More Difficult For You

Chris McClean February 18, 2016

Apple's refusal to follow a court order to support the FBI's San Bernardino shooter investigation was the right move for the company and for its customers, as my colleagues and I cover in Fatemeh Khatibloo's blog post here, and in our full, detailed report, here. As we discuss, there are many constituents with a large […]

Read More
BLOG

RSA Conference 2015 – What We Hope And What We Expect To Hear

Chris McClean April 13, 2015

Forrester’s Security and Risk team will have a lot of analysts out once again for this year’s RSA Conference. After all these years (12 for me!) we have to balance our excitement to see old friends and colleagues with our cynicism that says it will be a week of empty buzzwords just slightly updated from […]

Read More
BLOG

Are Corporations Getting More Responsible? Risk Management And Customer Obsession Are Pushing Them To

Chris McClean December 12, 2014

Casual spectators of business behavior can't help being jaded; every day they see news stories about corporate fraud, security breaches, delayed safety recalls, and other sorts of general malfeasance. But what they don't see is the renewed time and investment companies around the world are putting  toward implementing and reporting on responsible behavior (this less […]

Read More
BLOG

Announcing The Forrester Wave: Governance, Risk, And Compliance Platforms, Q1 2014

Chris McClean January 27, 2014

It’s once again time to tear open the GRC platform market and uncover all its amazing technical innovations, vendor successes, and impact on customer organizations. This afternoon, we published our latest iteration of the Forrester Wave: Governance, Risk, And Compliance Platforms. My esteemed colleagues Renee Murphy and Nick Hayes joined me in a fully collaborative, […]

Read More
BLOG

Is Your Security Program Ready To Support Disruptive Business Trends?

Chris McClean March 7, 2013

  The evolution of business practices is proving as big of an issue for Security and Risk professionals as the changing threat landscape. Sure, attackers exposed hundreds of millions of personal records and government information in security breaches last year, and there are examples all the time of new, sophisticated attack methods… however Security and […]

Read More
BLOG

Implement A Successful GRC Program With Forrester's Governance, Risk, and Compliance Playbook

Chris McClean February 15, 2013

I’m proud to announce that this week Forrester launched our Governance, Risk, and Compliance Playbook, a collection of in-depth reports covering the critical information you need to implement a successful GRC program… one that focuses on supporting business success, not getting in its way. First, because risk and compliance are always such quickly moving targets, […]

Read More
BLOG

Risk Management & Business Technology Resiliency – What’s Changed Since 2009

Chris McClean November 6, 2012

Guest post from Researcher Nick Hayes. Take a second to think back to the year 2009. The US was in the thick of the financial crisis; companies were slashing budgets, and the unemployment rate was in double-digits. And do you remember a little thing called the “swine flu”? The World Health Organization (WHO) deemed the H1N1 […]

Read More
BLOG

Avoid The Headlines, Focus On Corporate Culture

Chris McClean May 23, 2012

Guest post from Researcher Nick Hayes. Chris and I recently published a report describing how to build risk and compliance principles into your company’s corporate culture. As we worked to finalize, edit, and publish the report, a flurry of new corporate scandals emerged, all related to this topic. Here are just a few of them: […]

Read More
BLOG

NASDAQ OMX Acquires BWise… Where Is GRC Headed?

Chris McClean May 8, 2012

Last week saw news that yet another top GRC software vendor has been acquired, following in the footsteps of Paisley, Archer, OpenPages, among others. BWise has always been an impressive vendor in the GRC space, so first off I think congratulations are in order for both parties. That said, if you didn’t foresee NASDAQ getting […]

Read More
BLOG

Don’t Forbid Employees From Using The Escalator, Give Them Reasons To Use The Stairs

Chris McClean March 27, 2012

Guest post from Researcher Nick Hayes. If you had to go up one level in a train station, would you take the stairs or use the escalator? Most people would choose the escalator. But what if the staircase played musical notes like an interactive piano? This may change things, right? A couple of years ago, Volkswagen […]

Read More
BLOG

Announcing Two New Forrester Waves: Enterprise GRC And IT GRC

Chris McClean November 30, 2011

After months of diligent product and vendor evaluations, today we published The Forrester Wave: Enterprise GRC Platforms, Q4 2011. In the next few days, we will also publish The Forrester Wave: IT GRC Platforms, Q4 2011. These two reports feature a total of 20 vendors, all with proven capabilities to help customers tackle their continuously […]

Read More
BLOG

IBM To Acquire Algorithmics... GRC And Financial Risk Management Get A Little Closer

Chris McClean September 1, 2011

Today IBM announced plans to acquire the Fitch Group’s Algorithmics, a heavy-hitter in financial risk management software and services market, for $387 million.  Here are my initial thoughts about today’s announcement: IBM is making a (relatively safe) bet that operational and financial risk functions will continue to comes together. Regulatory pressures from Basel III, Dodd-Frank, […]

Read More
BLOG

A Few Thoughts On Communicating Risk

Chris McClean May 3, 2011

In my new report, The Risk Manager's Handbook: How To Measure And Understand Risks, I present industry best practices and guidance on ways to articulate the extent or size of a risk. More than the interpersonal, political, and leadership skills required of a risk management professional, defining how risks are measured and communicated is where […]

Read More
BLOG

Developing A Formal Risk Management Program

Chris McClean February 28, 2011

Of all the client inquiries and advisories we get related to risk management, one of the most frequent topics of discussion continues to be the role of risk management. Who should be involved? How? What should our objectives be? How should we measure success? I cover these and related topics in my Risk Manager's Handbook series, […]

Read More