risk management
“No risk, no reward,” may be true, but unnecessary risk is . . . well, unnecessary. Read our insights on risk management and mitigation.
Insights
Blog
Navigating Cyber Regulatory Purgatory Using AI
As cyber regulations continue to multiply, cyber and risk professionals need to make choices about how they comply with cyber regulations that conflict with each other. Find out how generative AI can help in this preview of our upcoming Security & Risk Summit.
Blog
Human Risk Management: From Talk To Action In 18 Months
Since its launch, human risk management has blossomed into a distinct and expanding market, attracting the interest and budget of many organizations. Learn about the fast evolution of HRM in this preview of our upcoming Security & Risk Summit.
Missed It Live? Unlock The Secrets To CIO & CISO 2026 Budget Alignment
Couldn’t join us live? Watch this on-demand session and discover how leading CIOs and CISOs align on 2026 planning, prioritize investments, and build resilient security frameworks for 2026.
Blog
From Digital Sovereignty Platforms To Sovereign Cloud Platforms: Three Reasons For A Title Change
Learn how increased complexity and additional market factors led us to rethink the title of our upcoming Forrester Landscape report on digital sovereignty platforms
Podcast
AI Pricing, Outcome-Based Pricing, Developer Productivity
As the annual budgeting and planning season comes into full swing, we drill down into two unique pricing trends. We then take a detailed look at how to measure developer productivity.
Blog
Master Risk And Conquer Chaos At Forrester’s Security & Risk Summit
For leaders in security, risk, and privacy, this year has been different, with a new level of volatility fueled by geopolitics, new regulatory hurdles, relentless AI disruption, and looming quantum threats. Learn how Forrester’s Security & Risk Summit 2025 can empower you to stay ahead of the chaos, take the right risks, and secure your organization.
Blog
100% Accuracy On Weather Predictions? Well, No, But You Are In Control Of Your Organizational Resilience
This week the UN court said countries must address the “urgent and existential threat” of climate change. It’s easy to see from weather events why this is more urgent than ever before.
Blog
AI Regulations Clear Major Hurdles On Both Sides Of The Atlantic
July has marked a defining moment for global AI regulation, as policymakers in both the US and the EU removed or abandoned some heavy roadblocks that stood in the way of laws mandating transparency and regulations enshrining risk management.
Blog
Jekyll And Hyde: The Dual Role Of Disruptive Technologies In Sustainability
Disruptive technologies such AI can boost efforts towards some strategic priorities, but can also work against environmental sustainability goals. Learn more about the the dual role played by six of the most important disruptive technologies poised to shape sustainability in 2025.
Blog
Systemic Risks Fracture The Business Mosaic
In ancient Rome, mosaics adorned the floors and walls of villas, temples, and public spaces. These intricate works of art were composed of tiny cubic tesserae. Each piece, though small, contributed to a grander design. But damage to even a single tile could disrupt the harmony of the whole. Today’s global business environment is no […]
Blog
Pause Innovation Now And Pay The Price Later: Why AI Readiness Can’t Wait
Even as volatility abounds, business and technology leaders must stay laser-focused on building a strong AI foundation. The first blog in our new quarterly Bold Stances series offers some guidance.
Blog
Announcing The Forrester Wave™: Cyber Risk Quantification Solutions, Q2 2025
Cyber risk quantification (CRQ) solutions are on a mission to transform security and risk operations. The goal: a future where risk is measurable, actionable, and tightly integrated into business strategy. Some solutions emphasize picking up where legacy governance, risk, and compliance (GRC) implementations fall short and provide data-driven risk reporting, continuous monitoring, and third-party risk […]
Blog
Supply Chain, AI, And Operational Resilience Risks Dominate ERM Programs In 2025
For risk professionals, leading through 2025’s volatility has been like living in an “Alice in Wonderland” unreality. Risk teams have never been more important as a function to guide their businesses through challenges such as geopolitical risk events, trade disruption, economic volatility, and regulatory disruption.
New For 2026! Security Budget Planning Guide + Workbook
Prepare your 2026 security budget for critical risks. Get our budget planning guide and workbook to assess, prioritize, and implement investments for fortified security in uncertain times.
Blog
Data- And Agent-Centric Roadmap Inspires Coupa’s Vision For Autonomous Spend Management
Coupa Inspire 2025 unveiled an elevated brand and a new leadership team. Here's the five key insights that came out of the event.
Blog
Coinbase Flips The Coin On Would-Be Extortionists
In a recent example of why managing insider risk is critical, cryptocurrency exchange Coinbase announced that it was the target of an extortion scheme enabled by insiders. Learn more about the incident and how to protect against it in this blog.
Blog
The Cyber Risk Tides Are Turning: RSAC ‘25 And Beyond
RSAC is the largest cybersecurity conference in the world. Leaders and practitioners across all sectors come together to tackle challenges, all under the maxim of “managing risk.” But what does “risk” actually mean at a security conference? Is it a mythical pursuit? Marketing buzzword? Or generic substitute for “the thing we need to detect/prevent/remediate”? RSAC […]
Blog
SLED CIOs: Brace For DOGE Impact
State CIOs now stand at a critical junction — caught between the promise of streamlined, citizen-centric government and the peril of hollowed-out public institutions dressed in the language of reform. Your next move determines whether your DOGE effort becomes a blueprint for smart reform — or a cautionary tale.
Blog
Overregulation Forges A CISO Coalition With The G7 Letter
A coalition of over 40 chief information security officers (CISOs) from leading companies, including Salesforce, Microsoft, AWS, Mastercard, and Siemens, sent a letter to the G7 and OECD, urging them to take action on aligning international cybersecurity regulations.
Master Your 2026 Budget With Our Ultimate Guides And Tools
Plan smarter to thrive in 2026! Access planning guides, workbooks, webinars, and resources to invest wisely, cut costs, and maximize your budget impact — even in uncertain times.
Blog
Global Tariffs: Dynamic Risk Management Meets Its Moment
The recent introduction of US-imposed tariffs has shaken global trade. While economists and financial analysts debate whether this on-again/off-again trade war fits into their model for geopolitical, economic, or supply chain risks, the result is the same: uncertainty and chaos sure to shake up business strategy for the foreseeable future. This new era of volatility […]
Blog
Government Leaders: Prioritize Cyber Efficiency Amid Federal Volatility
Government agencies at the federal, state, and local levels must prepare for a future where they experience uncertainty, headcount reductions, contract cancellations, and budget cuts. This is gut-wrenchingly difficult to process, yet remaining leaders must figure out how to move forward to serve the mission. For public sector cybersecurity leaders, this is even more paramount. […]
Blog
Announcing Forrester’s Security & Risk Enterprise Leadership Award
Forrester is delighted to announce the opening call for our annual Security & Risk Enterprise Leadership Award. This award recognizes organizations that have transformed their security, privacy, and risk management functions into capabilities that fuel the organization’s reputation for trust and its long-term success.
More posts