TRENDING:

Compliance Points Way To Risk Management

January 30, 2006     Brian McKenna - Infosecurity Today Magazine

Recent and current pressures on IT security managers in publicly quoted companies to tick regulation boxes have about five more years to run. NetIQ security strategist Chris Pick believes that the discipline of risk management, taking companies beyond mere compliance, is "not there yet” as a driver of IT security spending, but that it will be soon.

The company’s VP of security management product strategy was speaking around the recent launch of its ‘Risk and Compliance Center’ product, which offers a regulation-by-regulation view of security incident data. “It represents a single not multiple effort in terms of understanding security information flows, and gives executives visibility into their enterprises’ security postures. And it automates your compliance efforts so that cost savings are possible from year to year”, he said.

So far the product has three major enterprise customers: a Scottish bank, a Swiss financial services company, and a US grocery chain. Pick confirmed that in each case the Chief Information Security Officer drove and signed off purchase.

Pick said that while the company expects immediate customers to come from compliance challenged public and highly regulated companies, that mid-market enterprises will adopt this kind of dashboard tool as the “science of risk management” matures beyond a reactive response to Sarbox, and Sarbox-like, legislation. "There have been cases of companies who have been compliant, but still got hacked", he pointed out.

Previous
Reducing Online Banking Fraud with Stronger Authentication Methods
Next
Will SOX and GLBA Soon Require Strong Authentication?



Around the Network

Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Why Health Firms Struggle with Cybersecurity Frameworks
Why Health Firms Struggle with Cybersecurity Frameworks

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.