A firm’s network of third-party relationships can be a source of strength and an Achille’s heel, depending on the maturity of their risk management process. Companies have limited or no control over how third-parties secure their technology infrastructure, their applications, and their data, yet they're on the hook for breaches, cybersecurity incidents, and regulatory fines incurred.
Alla is a principal analyst at Forrester. Her research interests include governance, risk, and compliance (GRC), third-party risk management (TPRM), and contract lifecycle management (CLM), and Alla’s current research focuses on enterprise risk management (ERM), AI risk, and risk management frameworks. Alla helps Forrester’s security & risk clients establish strategy, adopt best practices, and select technology. Alla’s work has enjoyed wide exposure in the media, including in The Wall Street Journal, CNBC, and she speaks frequently at risk and executive conferences.
