Alla Valente

Fear. Uncertainty. Doubt. Also known as “appeal to fear,” fear-uncertainty-doubt (FUD) is a fallacy in which a person tries to create support for an idea (or technology) by attempting to increase fear towards an alternative. Since passage of Sarbanes-Oxley (SOX), the regulation that launched the era of compliance, technology sales have been predicated on creating […]

The theme for Earth Day 2022 is “Invest In Our Planet.” In the leadup to the main event on April 22, it’s not unusual for scores of companies big and small and newcomers and household names in every industry to take to social media to highlight their efforts for investing in our planet. After all, […]

Cyber insurance is only one component of a bigger enterprise cybersecurity risk management program. However, the cyber insurance market has been on a roller coaster, with skyrocketing premiums, changes in coverage, and a demand for policies that outweighs available supply. After years of affordable and readily available policies, the ubiquity of cyber insurance combined with […]

Führende Risikomanagementunternehmen in Europa und weltweit sind bereits vom Krieg in der Ukraine und den gegen russische und weißrussische Akteure verhängten Sanktionen betroffen. Forrester-Analysten geben in diesem Beitrag ihre Einschätzung.

Les leaders de la gestion des risques en Europe et dans le monde sont déjà impactés par la guerre en Ukraine et les sanctions imposées aux acteurs russes et biélorusses. Les analystes de Forrester fournissent leurs conseils dans cet article.

Forrester predicts that in 2022, one in 10 experienced security pros will exit the industry. This brain drain is the result of a few dynamics colliding: poor financial and advancement incentives; general stress and burnout impacting security teams; and cybersecurity’s dirty little secret, workplace toxicity! And cybersecurity isn’t immune to the hidden epidemic impacting women’s ability […]

Risk management leaders in Europe and worldwide are already being impacted by the war in Ukraine and the sanctions imposed on Russian and Belarusian actors. Forrester analysts provide their guidance in this post.

Third-party risk management (TPRM) is high on the list of business priorities and risk management priorities, and that’s a good thing. Despite predictions in the early days of the pandemic that firms would rein in outsourcing strategies, the third-party ecosystem continues to grow, smaller vendors and suppliers remain cybersecurity targets, the global regulatory machine continues […]

The average firm’s list of business and risk management priorities looks very different today than it did two years ago. What’s changed? For starters, according to Forrester data, 43% of enterprise risk management (ERM) decision-makers report having experienced three or more discrete critical risk events over the past 12 months. The same group reveals that […]

Ask any CISO to articulate the ROI of their firm’s cybersecurity investment — or, worse yet — to defend an increase to the security budget, and you’re likely to get anything from a threat heat map to a 5×5 grid to a list of the latest threats with a flowchart of how the firm is […]

On January 13, the US Supreme Court ruled that the Biden administration’s vaccination-or-test mandate for private businesses employing 100 or more workers could not be enforced by OSHA — the federal agency that covers private sector employers and workers in all 50 states. Ultimately, the ruling takes enforcement out of OSHA’s hands and puts it […]

Beyond the immediate response issues, the Log4j vulnerability poses longer-term risk management and community considerations.

It’s been … a weekend for security pros. The Apache Log4j vulnerability (CVE-2021-44228) affects somewhere between 0 and 3 billion-plus of the devices currently running Java. Luckily, a metric ton of amazing advice exists on #InfoSecTwitter right now. It’s a lot to consume at once, which is why we‘ve put together three parallel workstreams you […]

After months of negotiations in Congress, the Infrastructure Investment and Jobs Act is about to become law. This new law will address specifics such as climate change, sustainability, and cybersecurity that all have specific requirements which, in turn, will drive your policy and regulation in the future. If you do business with the US federal […]

Retailers, the time is now to manage supply chain risks, raise bot defenses, and prioritize customers this holiday season.

Before March of 2020, “supply chain issues” was a term we’d hear after a natural disaster or labor strike — that all ended the moment we ran out of toilet paper. Unquestionably, the supply chain crisis has been a secondary theme of the pandemic, one that continues to escalate. For the 15 months since the […]

It can be the carrot or the stick, but the key to a successful vaccination incentive is to make a definitive decision.

As renowned ghost hunter and solver of mysteries Scooby-Doo would say, “Ruh roh, Raggy!” It looks like more than ghosts are wreaking havoc on haunted networks. We’re less than a full week into October, and Cybersecurity Awareness Month isn’t quite taking shape the way we expected. Ostensibly, orgs decided to pivot and use this time […]