Alla Valente

After Montana was found to have violated the constitutional right to a “clean and healthful environment," this is what every risk pro should be considering.

The US Federal Trade Commission is officially investigating OpenAI. Learn how you can mitigate your risk exposure by addressing the eight areas of interest outlined in the FTC request.

When thinking of markets on the cusp of disruption, legal tech — and especially contract lifecycle management — is not likely what comes to mind. But it should. Here's why.

Third-party risk management and cyber risk ratings fight better together, making security and risk professionals the beneficiaries of the alliance.

Frameworks and standards are not the same. Learn the difference and get a look at some commonly used ones for sustainability.

Climate events occur more frequently every year. Treat this Earth Day as a call to action, and add climate risks to your systemic risk purview.

Third-party risk management efforts typically focus on software vendors and managed services providers. It's time to broaden that perception.

This blog outlines Forrester’s existing Security & Risk research to help organizations navigate, manage, and prepare their organizations for the implications of the National Cybersecurity Strategy.

Perspectives From A Former CISO/CSO For my second blog in this series, I wanted to share my thoughts on one of my favorite subjects: third-party risk management (TPRM). More specifically, I’m going to primarily focus on the receiving side of the equation — i.e., responding to and dealing with external inquiries about your organization as […]

All businesses rely on contracts. Unlike customer-facing functions, however, the software that powers the creation, execution, and management of these commercial obligations hasn’t made the shift toward digital … until now! In my new report, The Contract Lifecycle Management Landscape, Q1 2023, I looked at the 26 notable contract lifecycle management (CLM) vendors that procurement, […]

Unless you’re a floppy disk aficionado, Tom Persky isn’t likely to be a familiar name. Tom is what you’d call a “last man standing,” as he’s the only bulk seller of floppy disks left, and his business of recycling, stripping, and reselling floppy disks is booming. You may be thinking, so what? Do they still […]

The proposed pivot from suggestion to regulation will require companies to take climate risk seriously — and do a lot of math. All corporations that file with the SEC will need to be prepared.

Forrester provides guidance on how to succeed with AI governance with the NIST’s AI RMF 1.0.

There’s a significant shift ahead for how public firms and their boards treat cybersecurity risk. The last two years increased the amount of cybersecurity oversight in terms of regulations and guidelines. Voluntary “recommendations” such as the National Institute of Standards and Technology’s guidelines for AI offer a starting point for safer use of artificial intelligence, […]

They say the most inopportune time to buy an umbrella is when it’s raining. That’s exactly what’s happening now to US utilities companies scrambling to procure a critical component required to beef up or repair power lines just as the US hurricane season arrives. At the heart of the headache, for the fourth year in […]

Some 14 Forrester analysts attended this year’s AWS re:Invent in Las Vegas. The conference was a mix of innovation in some areas — particularly compute and networking, along with a co-engineering approach to industry cloud — but plateaus in others, such as hybrid and edge. Efficiency and consolidation were underlying themes, from amping up AI/ML […]

Learn why “fixing” supply chain issues is less important than reducing the long-term risks that create the issues in this Security & Risk event preview.

Classic horror movie quirks closely resemble what we’re seeing in firms looking to innovate and differentiate yet are running from rather than toward AI and advanced automation.

New business priorities, strategic initiatives, and a plethora of new risks mean that security, risk, and compliance professionals must master the art of juggling.