Alla Valente

Senior Analyst

Forrester Bio

Author Insights

Blog

New TSA Cybersecurity Directive Signals That The Era Of Self-Regulation Is Over (If There Ever Was One)

Alla Valente June 2, 2021
On the heels of the Executive Order on Improving the Nation’s Cybersecurity signed by the President after a ransomware attack forced the shutdown of Colonial Pipeline, the Department of Homeland Security’s Transportation Security Administration (TSA), the agency responsible for overseeing pipeline security, on May 27, 2021, has announced its own Security Directive of new cybersecurity […]
Read More
Blog

GRC Platforms: What You Need To Know Before You Buy

Alla Valente April 13, 2021
Businesses always need to adapt their operations to changing circumstances, and the pandemic has only exacerbated the need to rethink risk management strategies. COVID-19 has simultaneously highlighted the necessity of risk management and exposed the gaps that exist in many governance, risk, and compliance (GRC) programs today. The pandemic also accelerated digital strategy and transformation […]
Read More
Blog

Make COVID-19 The Supply Chain’s Final Cautionary Tale

Alla Valente February 3, 2021
2020 taught us that we underestimate the role of the supply chain until we're inconvenienced. It also taught us that supply chain risk is business risk.
Read More
Blog

Third-Party Risk Management: You Can’t Outsource Your Way Out Of Accountability

Alla Valente August 5, 2020
Firms have been outsourcing systems, business processes, and data processing activities to third-party service providers (TSPs) for years, but they are only one category of relationships that introduce risk into the enterprise. Now, firms are more dependent than ever on the vast network of third-party relationships, from vendors and suppliers to digital marketing agencies and […]
Read More
Blog

Compliance Is Your Floor, Not Your Ceiling: GRC Platforms Move To Value Creation

Alla Valente March 9, 2020
While firms spend millions of dollars conducting and auditing compliance-driven activities, several of the steepest losses in valuation and market share were precipitated by strategic decisions which all but ignored the risks to the customer experience and the financial implications of a tarnished corporate brand. In the age of the customer, unless a technology continues […]
Read More
Blog

Why Whistleblowers Are Uber Important To Your Business

Alla Valente March 5, 2020
Just over two weeks ago, Susan Fowler’s book, Whistleblower: My Journey to Silicon Valley and Fight for Justice at Uber, published. She tells a story of a broken corporate culture where she experienced and witnessed sexism, harassment, and abuse during her time working for Uber. She confronted her HR department, where she was met with […]
Read More
Blog

RSA Conference Cancellations: Coronavirus Fears Or Supply Chain Uncertainty?

Alla Valente February 21, 2020
As 40,000 attendees descend on San Francisco for the annual security pilgrimage that is the RSA Conference, more sponsors pull out of the event citing safety concerns over the Coronavirus (Covid-19) Pandemic.
Read More
Blog

RSA Conference 2020: What’s On My Risk Management Wish List

Alla Valente February 17, 2020
Waiting for the RSA Conference is a bit like counting down the days until Christmas. And RSA with a full conference pass is the security and risk version of the Toys”R”Us “Big Toy Book” but better — my only limits are good time management, a realistic assessment of logistics, and a pair of comfortable shoes. […]
Read More
Blog

Navigate Through GRC Purchasing Decisions With These Three Considerations

Alla Valente January 29, 2020
The market for governance, risk, and compliance (GRC) technologies is competitive, diverse, and supports a broad range of capabilities. Having many options to choose from is a good thing; having too many options without a clear sense of what you need, what you can afford, or what resources are available to utilize the technology you’ve […]
Read More
Blog

Cannabis Dispensaries: Security And Risk Considerations For Continued Growth

Alla Valente January 24, 2020
In the US, cannabis is fully legal (medical and recreational) in 11 states and Washington, DC. For medical use, it is legal in 33 states. This is a flourishing industry, with one study conservatively estimating it will reach $30 billion by 2025. As dispensaries set up shop, they face many of the same risks as […]
Read More
Blog

Extending Cybersecurity Awareness Of The Third-Party Ecosystem

Alla Valente October 29, 2019
This year’s NCSAM theme of “Own IT. Secure IT. Protect IT.” is a powerful call to action for ownership and accountability. However, many heeding this call won’t think about how it also extends to the vast and growing network of third-party relationships. Why? For most organizations, third parties complicate cybersecurity risk management.
Read More
Blog

Transformation, Third Parties, And Threats Shape The Landscape Of GRC Technology

Alla Valente October 25, 2019
The Forrester Tech Tide™: Governance, Risk, And Compliance Management, Q4 2019 report segments critical governance, risk, and compliance (GRC) technologies to aid risk and compliance pros as they seek to prioritize immediate needs and future investment in GRC management technology.
Read More
Blog

Laud Your Whistleblowers Or Pay The Price

Alla Valente August 8, 2019
It's time to reconsider the whistleblower. It's in companies' best interests to know about and fix ethical missteps before they turn into full-blown scandals.
Read More
Blog

Can RegTech Get Us From Compliance To Competitive Advantage?

Alla Valente May 29, 2019
Buzzwords are the bane of my existence! As a former SaaS tech marketer, I’ve used my fair share. Since joining Forrester a month ago as an analyst on the security and risk team, one of the buzzwords I’m hearing most is “RegTech.” RegTech isn’t just hype. Forrester defines RegTech as the technology-enabled transformation of the […]
Read More