Alla Valente
Senior Analyst

Author Insights
Blog
Forget The FUD: Four Factors Fueling TPRM Platform Adoption Today
Fear. Uncertainty. Doubt. Also known as “appeal to fear,” fear-uncertainty-doubt (FUD) is a fallacy in which a person tries to create support for an idea (or technology) by attempting to increase fear towards an alternative. Since passage of Sarbanes-Oxley (SOX), the regulation that launched the era of compliance, technology sales have been predicated on creating […]
Blog
The Risk Of Greenwashing: One Step Forward For The Cause, Two Steps Back For The Environment
The theme for Earth Day 2022 is “Invest In Our Planet.” In the leadup to the main event on April 22, it’s not unusual for scores of companies big and small and newcomers and household names in every industry to take to social media to highlight their efforts for investing in our planet. After all, […]
Blog
Cyber Insurance: What The Changing Power Dynamics Mean For You
Cyber insurance is only one component of a bigger enterprise cybersecurity risk management program. However, the cyber insurance market has been on a roller coaster, with skyrocketing premiums, changes in coverage, and a demand for policies that outweighs available supply. After years of affordable and readily available policies, the ubiquity of cyber insurance combined with […]
Blog
How To Update Your Risk Management In Light Of The War In Ukraine
Leading risk management companies in Europe and worldwide are already affected by the war in Ukraine and the sanctions imposed on Russian and Belarusian actors. Forrester analysts give their assessment in this post.
Blog
How To Update Your Risk Management Strategy In The Face Of The War In Ukraine
Risk management leaders in Europe and worldwide are already impacted by the war in Ukraine and the sanctions imposed on Russian and Belarusian actors. Forrester analysts provide their advice in this article.
Blog
Fix The Vulnerability Within: Break Gender Bias In Cybersecurity
Forrester predicts that in 2022, one in 10 experienced security pros will exit the industry. This brain drain is the result of a few dynamics colliding: poor financial and advancement incentives; general stress and burnout impacting security teams; and cybersecurity’s dirty little secret, workplace toxicity! And cybersecurity isn’t immune to the hidden epidemic impacting women’s ability […]
Blog
Here’s How To Update Your Risk Management Posture Given The War In Ukraine
Risk management leaders in Europe and worldwide are already being impacted by the war in Ukraine and the sanctions imposed on Russian and Belarusian actors. Forrester analysts provide their guidance in this post.
Blog
Setting The Record Straight On The Third-Party Risk Management Market
Third-party risk management (TPRM) is high on the list of business priorities and risk management priorities, and that’s a good thing. Despite predictions in the early days of the pandemic that firms would rein in outsourcing strategies, the third-party ecosystem continues to grow, smaller vendors and suppliers remain cybersecurity targets, the global regulatory machine continues […]
Blog
Enterprise Risk Pros Pivot From Compliance To Driving Faster, Better Decisions
The average firm’s list of business and risk management priorities looks very different today than it did two years ago. What’s changed? For starters, according to Forrester data, 43% of enterprise risk management (ERM) decision-makers report having experienced three or more discrete critical risk events over the past 12 months. The same group reveals that […]
Blog
The Emerging Cyber Risk Quantification Market: When CISOs Need Decisions, Not More Dashboards
Ask any CISO to articulate the ROI of their firm’s cybersecurity investment — or, worse yet — to defend an increase to the security budget, and you’re likely to get anything from a threat heat map to a 5×5 grid to a list of the latest threats with a flowchart of how the firm is […]
Blog
Supreme Court Ruling On Vaccine Mandates Doesn’t Change Your Calculus
On January 13, the US Supreme Court ruled that the Biden administration’s vaccination-or-test mandate for private businesses employing 100 or more workers could not be enforced by OSHA — the federal agency that covers private sector employers and workers in all 50 states. Ultimately, the ruling takes enforcement out of OSHA’s hands and puts it […]
Blog
Log4j, Open Source Maintenance, And Why SBOMs Are Critical Now
Beyond the immediate response issues, the Log4j vulnerability poses longer-term risk management and community considerations.
Blog
Divide And Conquer: Rapid Response To The Apache Log4j Vulnerability
It’s been … a weekend for security pros. The Apache Log4j vulnerability (CVE-2021-44228) affects somewhere between 0 and 3 billion-plus of the devices currently running Java. Luckily, a metric ton of amazing advice exists on #InfoSecTwitter right now. It’s a lot to consume at once, which is why we’ve put together three parallel workstreams you […]
Blog
What The US Infrastructure Bill Means To You
After months of negotiations in Congress, the Infrastructure Investment and Jobs Act is about to become law. This new law will address specifics such as climate change, sustainability, and cybersecurity that all have specific requirements which, in turn, will drive your policy and regulation in the future. If you do business with the US federal […]
Blog
Retailers: Stop The Bots From Further Wreaking Havoc With Your Supply Chain
Retailers, the time is now to manage supply chain risks, raise bot defenses, and prioritize customers this holiday season.
Blog
When Systemic Risks Collide: Why Supply Chain Issues Are The New Normal
Before March of 2020, “supply chain issues” was a term we’d hear after a natural disaster or labor strike — that all ended the moment we ran out of toilet paper. Unquestionably, the supply chain crisis has been a secondary theme of the pandemic, one that continues to escalate. For the 15 months since the […]
Blog
Employee Vaccination Mandates: Indecision Is The Riskiest Decision Of All
It can be the carrot or the stick, but the key to a successful vaccination incentive is to make a definitive decision.
Blog
Halloween Comes Early For Syniverse, FB, And Twitch — What We Can Learn From Their Spooky Outages Plus Breaches
As renowned ghost hunter and solver of mysteries Scooby-Doo would say, “Ruh roh, Raggy!” It looks like more than ghosts are wreaking havoc on haunted networks. We’re less than a full week into October, and Cybersecurity Awareness Month isn’t quite taking shape the way we expected. Ostensibly, orgs decided to pivot and use this time […]
Blog
Facebook’s Outage: Breaking The Ad Empire — For A Day?
The Facebook ecosystem outage should remind advertisers to have proactive risk mitigation plans in place.