Renee Murphy

Principal Analyst

Forrester Bio

Author Insights

BLOG

Integrated Risk Management: What Is It?

Renee Murphy November 8, 2019
I am often asked, “Renee, what is integrated risk management (IRM), and how is it different from GRC?” You are neither misinformed nor are you horribly confused. We have been on a seven-year journey together maturing governance, risk management, and compliance (GRC) programs to eventually give you the process, program, and data to get to […]
Read More
BLOG

J&J Shares Recover Amid $571M Fine, But Its Reputation May Never Recoup

Renee Murphy September 3, 2019
Last week, an Oklahoma court ordered Johnson & Johnson to pay $571 million for involvement in “false, misleading, and dangerous marketing campaigns” that contributed to the opioid addiction crisis in the state. This case is interesting for a couple of reasons: 1) It’s the first ruling in the US to hold a drug manufacturer accountable […]
Read More
BLOG

Collective Bargaining: Your Biggest Risk In The Age Of The Customer

Renee Murphy August 23, 2019
Social media has created customer groups that coalesce around a brand — in effect, a union. They collectively can and will change your corporate policy. With collective bargaining, business as usual is no longer acceptable. Are you ready for the empowered, technically savvy, and motivated customer? It’s the age of the customer: What are you […]
Read More
BLOG

Netflix Hack: Key Lessons In The Economics Of Ransomware And Managing Third-Party Risk

Renee Murphy May 2, 2017
Netflix recently experienced a third-party breach. The data lost is Season 5 of Orange is the New Black, which is original Netflix content. Many are calling it the largest entertainment industry hack since Sony. I guess that is right, but how bad is it really? First, here is what happened. Netflix transferred season five to […]
Read More
BLOG

The FCC is the Most Powerful Privacy Regulator in the Land…What Will Happen Next?

Renee Murphy June 4, 2015
Since the bulk collection of telephone metadata began, the NSA has been keeping those records in a vast database and maintaining and querying that data for 5 years before being required to purge it. Now that the data will be back in the hands of the telecom companies, the Federal Communications Commission’s regulations will determine […]
Read More
BLOG

Don’t Blame Target’s Audit Committee For The Sins Of Technology Management

Renee Murphy May 29, 2014
Yesterday, Institutional Shareholder Services (ISS), a third-party advisor to Target Corp. investors, recommended ousting Target’s Audit Committee because they failed to do appropriate risk management, resulting in a breach of customer data. According to Twin Cities Business Magazine, ISS stated that “… in light of the company’s significant exposure to customer credit card information and […]
Read More
BLOG

The Shuttle Challenger Anniversary Still Offers Risk Management Lessons, If We Are Willing to Learn Them

Renee Murphy February 25, 2014
January 28th was the anniversary of the Space Shuttle Challenger disaster. The Rogers Commission detailed the official account of the disaster, laying bare all of the failures that lead to the loss of a shuttle and its crew. Officially known as The Report of the Presidential Commission on the Space Shuttle Challenger Accident – The […]
Read More
BLOG

Privacy Activists Are Cheering For The NSA Ruling, But It Won’t Be A Lasting Victory

Renee Murphy December 18, 2013
Privacy is on trial in the United States. Legal activist Larry Klayman asked US District Judge Richard J. Leon to require the NSA to stop collecting phone data and immediately delete the data it already has. His argument was that US citizens have a right to privacy and this is a violation of the Fourth Amendment […]
Read More
BLOG

Cold War Security: Four Phones, Two Doors, A Scrap Of Paper, And A Lighter

Renee Murphy October 8, 2013
Outside of Tempe is a place called Sahuarita, Arizona. Sahuarita is the home of Air Force Silo #571-7 where a Titan missile, that was part of the US missile defense system and had a nine-megaton warhead that was at the ready for 25 years, should the United States need to retaliate against a Soviet nuclear […]
Read More
BLOG

Scenario modeling is anything but a guess

Renee Murphy October 1, 2013
Emergency management professionals say,  “The plan is useless, but the planning is priceless.”  There is a lesson in there for risk managers and it’s about the value of scenario modeling. The Federal Emergency Management Administration (FEMA) conducted a study to determine the likelihood and impact of a hurricane hitting New Orleans. FEMA assembled the paramedics, […]
Read More
BLOG

NASA Flunked Its Cloud Computing Audit: Are You Next?

Renee Murphy September 23, 2013
Ok, so NASA failed an audit. Don’t we all? I think it is important to understand the government’s cloud computing adoption timeline before passing judgment on NASA for failing to meet its cloud computing requirements. And, as someone who has read NASA’s risk management program (and the 600 pages of supporting documentation), I can say […]
Read More
BLOG

Are You In A Decision Trap? You Decide.

Renee Murphy September 19, 2013
Before joining Forrester, I ran my own consulting firm. No matter how ridiculous the problem or how complicated the solution, when a client would ask if I could help, I would say yes. Some people might say I was helpful, but I was in an overconfidence trap. There was always this voice in the back […]
Read More
BLOG

Allow Me To Introduce Myself…

Renee Murphy September 13, 2013
Allow me to introduce myself. I am Renee Murphy, and I am new Sr. Analyst here at Forrester Research. Prior to joining Forrester, I was both an internal and external auditor. My experience includes network and data center engineering and management, operations process development and implementation and creating auditable technology environments in many different industries […]
Read More