risk management
“No risk, no reward,” may be true, but unnecessary risk is . . . well, unnecessary. Read our insights on risk management and mitigation.
Insights
Blog
Jekyll And Hyde: The Dual Role Of Disruptive Technologies In Sustainability
Disruptive technologies such as automation and AI and autonomous mobility boost efforts toward some strategic priorities but can also work against environmental sustainability goals. For example, these technologies bring high compute demands, increased electronic waste, reliance on critical raw materials, complications to the supply chain, and substantial infrastructure required for deployment. But these disruptive technologies […]
Blog
Systemic Risks Fracture The Business Mosaic
In ancient Rome, mosaics adorned the floors and walls of villas, temples, and public spaces. These intricate works of art were composed of tiny cubic tesserae. Each piece, though small, contributed to a grander design. But damage to even a single tile could disrupt the harmony of the whole. Today’s global business environment is no […]
Blog
Pause Innovation Now And Pay The Price Later: Why AI Readiness Can’t Wait
Even as volatility abounds, business and technology leaders must stay laser-focused on building a strong AI foundation. The first blog in our new quarterly Bold Stances series offers some guidance.
Blog
Announcing The Forrester Wave™: Cyber Risk Quantification Solutions, Q2 2025
Cyber risk quantification (CRQ) solutions are on a mission to transform security and risk operations. The goal: a future where risk is measurable, actionable, and tightly integrated into business strategy. Some solutions emphasize picking up where legacy governance, risk, and compliance (GRC) implementations fall short and provide data-driven risk reporting, continuous monitoring, and third-party risk […]
Blog
Supply Chain, AI, And Operational Resilience Risks Dominate ERM Programs In 2025
For risk professionals, leading through 2025’s volatility has been like living in an “Alice in Wonderland” unreality. Risk teams have never been more important as a function to guide their businesses through challenges such as geopolitical risk events, trade disruption, economic volatility, and regulatory disruption.
Blog
Data- And Agent-Centric Roadmap Inspires Coupa’s Vision For Autonomous Spend Management
Coupa Inspire 2025 unveiled an elevated brand and a new leadership team. Here's the five key insights that came out of the event.
Blog
Coinbase Flips The Coin On Would-Be Extortionists
In a recent example of why managing insider risk is critical, cryptocurrency exchange Coinbase announced that it was the target of an extortion scheme enabled by insiders. Learn more about the incident and how to protect against it in this blog.
Stop The Friction: Align CIOs & CISOs For Smarter 2026 Budget Planning
In uncertain times, teamwork is everything. Join Forrester analysts live on August 6 to align CIOs and CISOs on budget plans, prioritize smart investments, and fortify your security for 2026.
Blog
The Cyber Risk Tides Are Turning: RSAC ‘25 And Beyond
RSAC is the largest cybersecurity conference in the world. Leaders and practitioners across all sectors come together to tackle challenges, all under the maxim of “managing risk.” But what does “risk” actually mean at a security conference? Is it a mythical pursuit? Marketing buzzword? Or generic substitute for “the thing we need to detect/prevent/remediate”? RSAC […]
Blog
SLED CIOs: Brace For DOGE Impact
State CIOs now stand at a critical junction — caught between the promise of streamlined, citizen-centric government and the peril of hollowed-out public institutions dressed in the language of reform. Your next move determines whether your DOGE effort becomes a blueprint for smart reform — or a cautionary tale.
Blog
Overregulation Forges A CISO Coalition With The G7 Letter
A coalition of over 40 chief information security officers (CISOs) from leading companies, including Salesforce, Microsoft, AWS, Mastercard, and Siemens, sent a letter to the G7 and OECD, urging them to take action on aligning international cybersecurity regulations.
Blog
Global Tariffs: Dynamic Risk Management Meets Its Moment
The recent introduction of US-imposed tariffs has shaken global trade. While economists and financial analysts debate whether this on-again/off-again trade war fits into their model for geopolitical, economic, or supply chain risks, the result is the same: uncertainty and chaos sure to shake up business strategy for the foreseeable future. This new era of volatility […]
Blog
Government Leaders: Prioritize Cyber Efficiency Amid Federal Volatility
Government agencies at the federal, state, and local levels must prepare for a future where they experience uncertainty, headcount reductions, contract cancellations, and budget cuts. This is gut-wrenchingly difficult to process, yet remaining leaders must figure out how to move forward to serve the mission. For public sector cybersecurity leaders, this is even more paramount. […]
New For 2026! Security Budget Planning Guide + Workbook
Prepare your 2026 security budget for critical risks. Get our budget planning guide and workbook to assess, prioritize, and implement investments for fortified security in uncertain times.
Blog
Announcing Forrester’s Security & Risk Enterprise Leadership Award
Forrester is delighted to announce the opening call for our annual Security & Risk Enterprise Leadership Award. This award recognizes organizations that have transformed their security, privacy, and risk management functions into capabilities that fuel the organization’s reputation for trust and its long-term success.
Blog
The Tech Exec’s Guide To Decoding Cybersecurity Vendor Performance
Forrester analyzed the earnings calls of the 10 largest cybersecurity vendors by market cap and identified key trends for technology executives.
Blog
New Year, New Us: Introducing Forrester’s International Security & Risk Team Research
Dive into our backgrounds, existing research, and capabilities. As a team, we cover a multitude of security and risk priorities. We are also geographically distributed; no one else is as uniquely positioned to add this level of global perspective to our research and our clients.
Blog
Step Right Up: To Manage Volatility, You’re All Risk Leaders Now!
While business volatility tests resilience, it also creates opportunities. Learn three ways to make your risk management efforts more targeted and effective.
Blog
How CISOs Can Thrive Amid Economic Volatility
In today’s unpredictable economic climate, CISOs face familiar — but intensified — challenges. Get some actionable insights to help navigate through turbulent times in this preview of a new report.
Master Your 2026 Budget With Our Ultimate Guides And Tools
Plan smarter to thrive in 2026! Access planning guides, workbooks, webinars, and resources to invest wisely, cut costs, and maximize your budget impact — even in uncertain times.
Blog
VMware/Siemens: A Cautionary Tale About The Risks Of Software And Services Licensing
Litigation has become the default method for companies to resolve disagreements, force accountability, and establish recourse for everything from breach-related failures to contractual disagreements. A recent lawsuit filed by VMware (now owned by Broadcom) against its customer, Siemens’ US operations, for alleged use of unlicensed software is not unique and should serve as a stark […]
Blog
To Thrive Through Volatility, Master These Three Areas
There’s no end in sight for the current disruption, but making the right strategic moves will help you come out ahead.
Podcast
Finally, An Alternative To 3LOD: Meet Continuous Risk Management
For more than a decade, risk managers have been trying to use the three lines of defense (3LOD) framework for enterprise risk management. But it was never meant for that. In this episode, Senior Analysts Alla Valente and Cody Scott walk through the new Forrester Continuous Risk Management Model, a more holistic and business-centric risk management approach.
More posts