Alla Valente

Senior Analyst

Author Insights

Blog

Forget The FUD: Four Factors Fueling TPRM Platform Adoption Today

Alla Valente 1 day ago
Fear. Uncertainty. Doubt. Also known as “appeal to fear,” fear-uncertainty-doubt (FUD) is a fallacy in which a person tries to create support for an idea (or technology) by attempting to increase fear towards an alternative. Since passage of Sarbanes-Oxley (SOX), the regulation that launched the era of compliance, technology sales have been predicated on creating […]
Blog

The Risk Of Greenwashing: One Step Forward For The Cause, Two Steps Back For The Environment

Alla Valente April 21, 2022
The theme for Earth Day 2022 is “Invest In Our Planet.” In the leadup to the main event on April 22, it’s not unusual for scores of companies big and small and newcomers and household names in every industry to take to social media to highlight their efforts for investing in our planet. After all, […]
Blog

Cyber Insurance: What The Changing Power Dynamics Mean For You

Heidi Shey April 8, 2022
Cyber insurance is only one component of a bigger enterprise cybersecurity risk management program. However, the cyber insurance market has been on a roller coaster, with skyrocketing premiums, changes in coverage, and a demand for policies that outweighs available supply. After years of affordable and readily available policies, the ubiquity of cyber insurance combined with […]
Blog

How To Update Your Risk Management In Light Of The War In Ukraine

Alla Valente March 30, 2022
Leading risk management companies in Europe and worldwide are already affected by the war in Ukraine and the sanctions imposed on Russian and Belarusian actors. Forrester analysts give their assessment in this post.
Blog

How To Update Your Risk Management Strategy In The Face Of The War In Ukraine

Alla Valente March 28, 2022
Risk management leaders in Europe and around the world are already impacted by the war in Ukraine and the sanctions imposed on Russian and Belarusian actors. Forrester analysts provide their advice in this article.
Blog

Fix The Vulnerability Within: Break Gender Bias In Cybersecurity

Jinan Budge March 7, 2022
Forrester predicts that in 2022, one in 10 experienced security pros will exit the industry. This brain drain is the result of a few dynamics colliding: poor financial and advancement incentives; general stress and burnout impacting security teams; and cybersecurity’s dirty little secret, workplace toxicity! And cybersecurity isn’t immune to the hidden epidemic impacting women’s ability […]
Blog

Here’s How To Update Your Risk Management Posture Given The War In Ukraine

Alla Valente February 28, 2022
Risk management leaders in Europe and worldwide are already being impacted by the war in Ukraine and the sanctions imposed on Russian and Belarusian actors. Forrester analysts provide their guidance in this post.
Blog

Setting The Record Straight On The Third-Party Risk Management Market

Alla Valente February 7, 2022
Third-party risk management (TPRM) is high on the list of business priorities and risk management priorities, and that’s a good thing. Despite predictions in the early days of the pandemic that firms would rein in outsourcing strategies, the third-party ecosystem continues to grow, smaller vendors and suppliers remain cybersecurity targets, the global regulatory machine continues […]
Blog

Enterprise Risk Pros Pivot From Compliance To Driving Faster, Better Decisions

Alla Valente February 3, 2022
The average firm’s list of business and risk management priorities looks very different today than it did two years ago. What’s changed? For starters, according to Forrester data, 43% of enterprise risk management (ERM) decision-makers report having experienced three or more discrete critical risk events over the past 12 months. The same group reveals that […]
Blog

The Emerging Cyber Risk Quantification Market: When CISOs Need Decisions, Not More Dashboards

Paul McKay January 31, 2022
Ask any CISO to articulate the ROI of their firm’s cybersecurity investment — or, worse yet — to defend an increase to the security budget, and you’re likely to get anything from a threat heat map to a 5×5 grid to a list of the latest threats with a flowchart of how the firm is […]
Blog

Supreme Court Ruling On Vaccine Mandates Doesn’t Change Your Calculus

J.P. Gownder January 14, 2022
On January 13, the US Supreme Court ruled that the Biden administration’s vaccination-or-test mandate for private businesses employing 100 or more workers could not be enforced by OSHA — the federal agency that covers private sector employers and workers in all 50 states. Ultimately, the ruling takes enforcement out of OSHA’s hands and puts it […]
Blog

Log4j, Open Source Maintenance, And Why SBOMs Are Critical Now

Sandy Carielli December 15, 2021
Beyond the immediate response issues, the Log4j vulnerability poses longer-term risk management and community considerations.
Blog

Divide And Conquer: Rapid Response To The Apache Log4j Vulnerability

Allie Mellen December 13, 2021
It’s been … a weekend for security pros. The Apache Log4j vulnerability (CVE-2021-44228) affects somewhere between 0 and 3 billion-plus of the devices currently running Java. Luckily, a metric ton of amazing advice exists on #InfoSecTwitter right now. It’s a lot to consume at once, which is why we’ve put together three parallel workstreams you […]
Blog

What The US Infrastructure Bill Means To You

Renee Murphy November 10, 2021
After months of negotiations in Congress, the Infrastructure Investment and Jobs Act is about to become law. This new law will address specifics such as climate change, sustainability, and cybersecurity that all have specific requirements which, in turn, will drive your policy and regulation in the future. If you do business with the US federal […]
Blog

Retailers: Stop The Bots From Further Wreaking Havoc With Your Supply Chain

Sandy Carielli November 8, 2021
Retailers, the time is now to manage supply chain risks, raise bot defenses, and prioritize customers this holiday season.
Video

Predictions 2022: As Digitization Accelerates, Lack Of Equity, Labor, And Trust Will Plague Healthcare

Natalie Schibell November 1, 2021

Blog

When Systemic Risks Collide: Why Supply Chain Issues Are The New Normal

Alla Valente October 26, 2021
Before March of 2020, “supply chain issues” was a term we’d hear after a natural disaster or labor strike — that all ended the moment we ran out of toilet paper. Unquestionably, the supply chain crisis has been a secondary theme of the pandemic, one that continues to escalate. For the 15 months since the […]
Blog

Employee Vaccination Mandates: Indecision Is The Riskiest Decision Of All

Alla Valente October 14, 2021
It can be the carrot or the stick, but the key to a successful vaccination incentive is to make a definitive decision.
Blog

Halloween Comes Early For Syniverse, FB, And Twitch — What We Can Learn From Their Spooky Outages Plus Breaches

Jeff Pollard October 7, 2021
As renowned ghost hunter and solver of mysteries Scooby-Doo would say, “Ruh roh, Raggy!” It looks like more than ghosts are wreaking havoc on haunted networks. We’re less than a full week into October, and Cybersecurity Awareness Month isn’t quite taking shape the way we expected. Ostensibly, orgs decided to pivot and use this time […]
Blog

Facebook’s Outage: Breaking The Ad Empire — For A Day?

Mike Proulx October 4, 2021
The Facebook ecosystem outage should remind advertisers to have proactive risk mitigation plans in place.