Alla Valente

Senior Analyst

Forrester Bio

Author Insights


Prescription For Change: Cybersecurity Outage Highlights Critical Vulnerabilities In Healthcare

Jeff Pollard 2 days ago
On February 21, 2024, Change Healthcare, one of the major pharmacy claims processors in the United States, detected a cybersecurity incident and took its systems offline, causing disruptions to pharmacies and medical providers across the country. UnitedHealth Group, its owner, immediately acknowledged this incident in an 8-K filing to the SEC on Feb. 21. The […]

Sustainability Reporting Standards And Frameworks And Regulations, Oh My!

Alla Valente 4 days ago
Finding the right sustainability reporting frameworks and standards can be a daunting task. Get some insights in this preview of our new report.

A Patchwork Of US AI Regulations Is Here — It’s Time To Deal With It

Michele Goetz February 9, 2024
In our new report, Navigate The Patchwork Of US AI Regulations, we answer the top questions to navigating US AI regulatory chaos. Here’s what every organization should know as they continue to develop and deploy AI in safe and legal ways.

The Deadly Effects Of High Concentration Risk

Madelein van der Hout November 10, 2023
Learn why breaches with a high impact on society, such as recent cyberattacks in Germany, bring more focus on concentration risk.

What The SEC Missed, But The NYDFS’s Cybersecurity Rule Got Right, About Third-Party Risk

Alla Valente November 9, 2023
Learn four requirements from the new NYDFS Cybersecurity Rule you can start preparing for now.

Biden’s Executive Order On AI Is Broad In Scope And Laser-Focused On Spurring Innovation Without Undue Risk

Alla Valente November 1, 2023
The new executive order calls for a “societywide effort” from government, the private sector, academia, and civil society to address eight AI priorities.

Prognosen 2024: Risiko- und Sicherheitsexperten werden Schutzmechanismen anwenden, die über Regulierungsvorschriften hinausgehen

Alla Valente 31 Oktober 2023
2024 werden weitere Unternehmen neue GenAI-Initiativen einführen, wobei sie schnelle Innovation mit Governance und Verantwortlichkeit in Einklang bringen müssen. Erfahren Sie mehr über unsere Prognosen 2024 für Cybersicherheit, Risiko und Datenschutz.

Prévisions 2024 : les experts Sécurité & Risques iront plus loin que les exigences réglementaires

Alla Valente 31 Octobre 2023
En 2024, alors que de plus en plus d’organisations lancent de nouvelles initiatives genAI, elles devront compenser l’innovation rapide avec plus de gouvernance et de responsabilité. Pour en savoir plus, consultez nos prévisions 2024 sur la cybersécurité, le risque et la confidentialité.

Predictions 2024: Security And Risk Pros Will Apply Guardrails Beyond Regulatory Mandates

Alla Valente October 31, 2023
In 2024, as more organizations launch new genAI initiatives, they will need to balance fast innovation with governance and accountability. Learn more in our 2024 predictions for cybersecurity, risk, and privacy.

The Whistleblower Diaries: Don’t Blow Off The Disgruntled Employee

Alla Valente October 12, 2023
Ignoring whistleblowers is costly and bad for business. Learn three things that security and risk pros need to know about a new breed of whistleblower.

Marketing: Swipe Right On Your Relationship With Security And Risk

Alla Valente September 7, 2023
Call us matchmakers but we want to consciously couple marketing and S&R to avoid painful missteps when marketing and S&R operate in isolation.

Heed The Warnings And Get Climate Risk On Your Risk Register

Alla Valente August 23, 2023
After Montana was found to have violated the constitutional right to a “clean and healthful environment," this is what every risk pro should be considering.

When The Regulator Comes Knocking, Will You Have Your AI House In Order?

Michele Goetz July 18, 2023
The US Federal Trade Commission is officially investigating OpenAI. Learn how you can mitigate your risk exposure by addressing the eight areas of interest outlined in the FTC request.

The CLM Market Is Ripe For Disruption, And 13 Vendors Vie To Lead The Charge

Alla Valente June 1, 2023
When thinking of markets on the cusp of disruption, legal tech — and especially contract lifecycle management — is not likely what comes to mind. But it should. Here's why.

Wonder Twin Powers, Activate! Cyber Risk Ratings And Third-Party Risk Platforms Are More Powerful Together

Alla Valente May 2, 2023
Third-party risk management and cyber risk ratings fight better together, making security and risk professionals the beneficiaries of the alliance.

Standards And Frameworks Abound For Environmental Sustainability — Don’t Confuse The Two

Alla Valente April 21, 2023
Frameworks and standards are not the same. Learn the difference and get a look at some commonly used ones for sustainability.

This Earth Day, Take Control Of Climate Risk

Cody Scott April 21, 2023
Climate events occur more frequently every year. Treat this Earth Day as a call to action, and add climate risks to your systemic risk purview.

Spotting Reputational Risk In Nontraditional Third-Party Relationships Ain’t So Yeezy

Alla Valente March 14, 2023
Third-party risk management efforts typically focus on software vendors and managed services providers. It's time to broaden that perception.

Get A Head Start On The National Cybersecurity Strategy

Jeff Pollard March 2, 2023
This blog outlines Forrester’s existing Security & Risk research to help organizations navigate, manage, and prepare their organizations for the implications of the National Cybersecurity Strategy.

The Third-Party Risk Questionnaire Equation Doesn’t Add Up: Right Intention, Wrong Execution

David Levine February 23, 2023
Perspectives From A Former CISO/CSO For my second blog in this series, I wanted to share my thoughts on one of my favorite subjects: third-party risk management (TPRM). More specifically, I’m going to primarily focus on the receiving side of the equation — i.e., responding to and dealing with external inquiries about your organization as […]
More posts