security risk management

With the proliferation of data and the ubiquity of connected devices, organizations can move with unmatched efficiency, but simultaneously incur increased risks. Read our insights on how security & risk professionals can succeed in this environment.

Discover how Forrester supports IT leaders.

Insights

Blog

Debunking Infosec Purity And Other Security Myths In The Wake Of Recent Attacks

Sandy Carielli May 21, 2021
Earlier this week, an op-ed published on The Hill sent information security (infosec) Twitter into a tizzy by blaming cybersecurity industry best practices for recent high-profile security breaches. For the security team at Forrester, the op-ed furthered a number of security myths that we felt compelled to bust here. Myth #1: The Best Infosec Pros […]
Read More
Blog

Le Développement Durable : Nouvel Enjeu De La Transformation Des Entreprises

Thomas Husson May 20, 2021
La prochaine vague de transformation des entreprises sera celle du développement durable.
Read More

Predictions 2021 Hub

Explore our blog posts, videos, guides, and other resources to understand the dynamics that will shape 2021.

Blog

Announcing The Forrester Wave™: Endpoint Security Software As A Service, Q2 2021

Christopher Sherman May 14, 2021
I am excited to announce “The Forrester Wave™: Endpoint Security Software As A Service, Q2 2021.” Although Forrester has previously published other endpoint security Wave evaluations, this is the first Wave on endpoint security software that exclusively focuses on SaaS-delivered products and functions. As more security admin and employees shifted to work from home in […]
Read More
Blog

The Colonial Pipeline Cyberattack Is A (Another) Call For Zero Trust And Resilience In Industrial Companies

Brian Kime May 14, 2021
On Friday, May 7, 2021, Colonial Pipeline safely shut down its pipeline operations due to a ransomware incident in its corporate network. Colonial Pipeline transports 45 percent of the fuel along the East Coast of the United States through 5,500 miles of pipeline. To mitigate the disruption of Colonial Pipeline, the US government allowed a […]
Read More
Blog

Trust Is Your Business Imperative

Enza Iannopollo May 12, 2021
Forrester's new research provides a concrete definition of trust and identifies seven key levers to help companies win the trust of their customers, employees, and partners.
Read More
Blog

National Poetry Month And The Case For Whimsy In Security & Risk

Sandy Carielli April 5, 2021
We all need a bit of whimsy in our lives. This is not just an excuse for a whimsical blog post, though there is that. Whimsy and laughter build bridges. And in the security world, where empathy is a critical resource, whimsy can be a first and recurring step in connecting with the teams outside […]
Read More
Video

Systemic Risk For 2021

Renee Murphy March 31, 2021

Watch Now
Blog

2021 Brings New Security Challenges And Regulations For European CISOs

Paul McKay March 31, 2021
Learn three key shifts European CISOs are making to address the COVID-19 pandemic and new regulations.
Read More
Blog

Announcing The Forrester Wave™: External Threat Intelligence Services, Q1 2021

Brian Kime March 23, 2021
We are thrilled to announce the publication of “The Forrester Wave™: External Threat Intelligence Services, Q1 2021.” External threat intelligence services (ETIS) are important to security teams to fill gaps in their existing collection plans with specialized services that will enhance their existing cyber defense and reduce risk. External threat intelligence services are different in […]
Read More
Blog

Security Recommendations 2021: Taking Stock For The Long Term

Sean Ryan March 23, 2021
After a tumultuous period of reactive steps, now is the right time for security and risk pros to get their long-term plans back on track.
Read More
Blog

Stay Vigilant Of The 2021 Threat Landscape And Help Your Org Prepare For “The Next Normal”

Brian Kime March 16, 2021
Earlier this month, a US State Department spokeswoman announced that the US had identified three online publications that were attempting to discredit the Pfizer and Moderna vaccines, all of which were directed by Russian intelligence. In Forrester’s annual report on top security threats, we explore the top security threats that security professionals must monitor, including […]
Read More
Blog

Use Forrester’s Brand-New Global Map Of Privacy Rights And Regulations 2021 To Navigate The Evolving Privacy Landscape

Enza Iannopollo March 15, 2021
Struggling to keep up with changing privacy requirements around the world? Learn the three major trends driving the changes and how a new tool can help.
Read More

COVID-19: Responding, Managing, And Leading During A Pandemic

The latest insights and guidance for leaders to address the growing business and employee experience implications of COVID-19.

Blog

What CISOs Taught Me

Jess Burn March 9, 2021
First off, I’d like to express how thrilled I am to join Forrester’s security and risk research (S&R) team as a senior analyst. I’ve been working closely with this team for eight years in my previous role as a principal advisor to our chief information security officer (CISO) community, and I’m honored to join the […]
Read More
Blog

Okta Acquires Identity Orchestration And CIAM Vendor Auth0 For $6.5B

Andras Cser March 4, 2021
Forrester analysts take a detailed look at what's driving the unprecedented premium being paid in this acquisition.
Read More
Blog

Announcing The Forrester New Wave™: Cybersecurity Risk Ratings Platforms, Q1 2021

Paul McKay February 25, 2021
The cybersecurity risk ratings (CSR) market is a bit like Marmite or SPAM (the pork product in a can, not the unwelcome emails) — some customers love it, others hate it. We see examples of both extremes in our customer interactions, interviews, and research on this market. Our responsibility as analysts is to highlight where […]
Read More
Blog

GRC And IAM — Better Together

Sean Ryan February 11, 2021
Struggling to define where GRC ends and IAM begins? Get a clear breakdown of how the two functions should work together in a broader risk management strategy.
Read More
Blog

(Likely) First Cyberintrusion Into An American Water Treatment System

Brian Kime February 9, 2021
Yesterday, the city of Oldsmar, Florida conducted a press conference to disclose that an unknown person had remotely accessed the city’s water treatment system. The public was never in danger, since operators detected the breach quickly and reversed the changes made by the threat within moments. The change made to the system was “loud” — […]
Read More

Webinar: Coronavirus Disruption in Europe

Gain actionable insights to guide European leaders during this challenging time. We'll cover the impact of COVID-19 on employee experience, lessons learned from APAC’s response so far, and how to build a comprehensive pandemic plan.

Blog

It’s Time To Stop Paying For Commoditized Endpoint Security Features

Christopher Sherman January 21, 2021
Today’s enterprise security buyers evaluating a new endpoint security suite often begin with a security RFP layered thick with many existing endpoint security features and capabilities, including antimalware, host firewall, anti-exploit, and application control. However, as our evaluation in the “The Forrester Wave™: Endpoint Security Suites, Q3 2019” showed, the major differentiation between today’s endpoint […]
Read More
Blog

Recent Dragos Funding Round Demonstrates Growing Demand For OT Security Solutions

Brian Kime December 9, 2020
Operational technology (OT) and industrial control system (ICS) security are vitally important for the safety of the people who work in critical infrastructure and manufacturing. OT security is also necessary for the consumers of the energy, drinking water, and products made in our industrial facilities. OT security is a unique security domain of growing importance, and yesterday’s announcement of Dragos’ Series C funding round of $110 million is another validation of […]
Read More
Blog

COVID Drives M&A Activity In DevOps And IT Management

Sandy Carielli December 4, 2020
Learn how the pandemic's increased uncertainty and volatility has produced some attractive M&A opportunities in DevOps and IT Management.
Read More
More posts