Alla Valente
Principal Analyst
Author Insights
Blog
No, You Can’t Just Vibe Code Commerce — Yet
“What coding?” Vibe coding is the cute term for using genAI systems to create, debug, or update programming code. People can use it without knowing how to write a line of code themselves. What this means: Lots of people are generating code they don’t understand. It’s not just developers using these tools to code faster; for example, it’s schoolteachers writing their […]
Blog
From Operating Rooms To iPhones: What The Stryker Attack Reveals About Third-Party Risk
A recent cyberattack on a global medical device manufacturer shows how third-party failures can cascade from enterprise IT into patient-facing operations. This post unpacks what the incident reveals about concentration risk, vendor dependencies, and real-world impact.
Blog
The Stryker Attack: Enterprise Resiliency Plans Can’t Ignore UEM
The alleged Stryker cyberattack underscores a critical blind spot in enterprise resilience strategies: the outsized risk and impact of compromised device and endpoint management platforms.
Blog
The Mandela Effect In TPRM: Why Companies Still Misremember Their Third-Party Risk Exposure
What do the Monopoly man’s monocle, the Fruit of the Loom cornucopia, and “Luke, I am your father” have in common? None of them actually exist the way you remember. That glitch is the Mandela effect, a collective misremembering of facts or events, and it is the same mental bug that convinces executives that their […]
Blog
Inside The Odido Breach: A Governance Thriller Unfolds
In February 2025, Dutch telecom operator Odido disclosed a breach affecting 6.2 million current and former customers (roughly a third of the country’s population), the largest telecom breach in Dutch history. Attackers socially engineered a call center employee into approving a fraudulent MFA request, gaining access to Odido’s Salesforce CRM environment and exfiltrating highly sensitive data […]
Blog
Anthropic Doubles Down On Agentic For The Enterprise
Anthropic’s push into agentic AI highlights a core enterprise challenge: Speed alone is not enough. It's governance, trust, and accountability that determine real value.
Blog
The Real Deal: A Black Friday-Inspired RFP Template For Vetting AI SaaS Vendors
For those of us of a certain generation, “Black Friday” invokes memories of the Cabbage Patch Kid riots of 1983.
Blog
AWS Outage, Nexperia Seizure, And The EU’s Cloud Sovereignty Framework: The Battle For Digital Sovereignty Is On!
In times of calm, but especially in times of chaos, risk management strategies and their execution must be dictated by context and control. Prioritizing key risks and crafting appropriate responses is essential to keeping the business going.
Blog
From Veto To Victory: California’s New AI Act Revives The National (And International) Conversation On AI Regulations
At its core, California’s new AI law requires safety protocols, best practices, and key compliance policies, but it stops short of prescribing risk frameworks and imposing legal liabilities. Here’s a closer look at what’s in SB 53.
Blog
Forrester’s AEGIS Framework: The New Standard For AI Governance
AEGIS is not just another acronym — it’s now a fully cross-referenced, regulation-aware blueprint for building trust in AI systems.
Blog
The AWS US-East Outage: A Wake-Up Call For Cloud Resilience
The fourth outage in five years for AWS’s US-East region was traced to DNS resolution failures that affected many core services. Find out what you should do from both the technology and the supplier risk management side to improve your cloud resilience.
Blog
How F5 And SonicWall Revealed The Fragility Of The Software Supply Chain
The recent breaches at F5 and SonicWall illustrate how attackers are targeting the very infrastructure that enterprises rely on to secure and deliver digital services.
Blog
The Netherlands Targets Chip Governance: A New Precedent For Cyber And IP Risk Intervention
The Netherlands placing Chinese-owned chipmaker Nexperia under ministerial oversight is a sign that Europe has crossed from passive screening to active control to keep IP and capacity in-region. Find out what this means for CISOs and risk leaders and what steps to take next.
Blog
AI Regulations Clear Major Hurdles On Both Sides Of The Atlantic
July has marked a defining moment for global AI regulation, as policymakers in both the US and the EU removed or abandoned some heavy roadblocks that stood in the way of laws mandating transparency and regulations enshrining risk management.
Blog
Supply Chain, AI, And Operational Resilience Risks Dominate ERM Programs In 2025
For risk professionals, leading through 2025’s volatility has been like living in an “Alice in Wonderland” unreality. Risk teams have never been more important as a function to guide their businesses through challenges such as geopolitical risk events, trade disruption, economic volatility, and regulatory disruption.
Blog
Data- And Agent-Centric Roadmap Inspires Coupa’s Vision For Autonomous Spend Management
Coupa Inspire 2025 unveiled an elevated brand and a new leadership team. Here are the five key insights that came out of the event.
Blog
The Cyber Risk Tides Are Turning: RSAC ‘25 And Beyond
RSAC is the largest cybersecurity conference in the world. Leaders and practitioners across all sectors come together to tackle challenges, all under the maxim of “managing risk.” But what does “risk” actually mean at a security conference? Is it a mythical pursuit? Marketing buzzword? Or generic substitute for “the thing we need to detect/prevent/remediate”? RSAC […]
Blog
RSAC Conference 2025: Innovation Sandbox Turns 20
RSAC Conference 2025 featured the 20th annual Innovation Sandbox competition. Learn more about the entrants and results in this review of the event.
Blog
RSAC Conference 2025: Welcome To The Petting Zoo
From live goats and puppies to robot dogs and animal costumes, the RSAC Conference 2025 delivered some unexpected surprises. But it also delivered the usual insight into various trends in the security market today. Find out more in this RSAC review.
Blog
Global Tariffs: Dynamic Risk Management Meets Its Moment
The recent introduction of US-imposed tariffs has shaken global trade. While economists and financial analysts debate whether this on-again/off-again trade war fits into their model for geopolitical, economic, or supply chain risks, the result is the same: uncertainty and chaos sure to shake up business strategy for the foreseeable future. This new era of volatility […]