Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

TruSecure Delivers Info Security Regulatory Compliance Solution

  • 08 June, 2004 09:38

<p>~ Risk Commander 2.0 Delivers the First Comprehensive Solution for Managing Regulatory Compliance and Information Security Risk ~</p>
<p>Sydney, Australia -- June 8, 2004 -- TruSecure® Corporation, the leading provider of intelligent risk management and compliance products and services, today released Risk Commander 2.0, the first enterprise software application that provides a revolutionary way to track, manage and demonstrate initial and ongoing compliance with regulations and standards including Sarbanes-Oxley, HIPAA, Basel II, GLB, FFIEC and ISO 17799. Information security risk is now a required component in the calculation of fiscal health, safety and soundness, and related business properties. Risk Commander 2.0 allows the timely and seamless integration of this new metric into established business management practices. Risk Commander is a powerful and flexible application that integrates TruSecure's extensive compliance and security knowledge with the appropriate information about an organisation to simplify, prioritise and address the challenges of ensuring compliance with a myriad of regulatory issues facing business today.</p>
<p>While most corporate executives are comfortable with how their overall control structures contribute to their internal vision of a well-run organisation, they need immediate help in easily and repeatedly proving to regulators and other third-parties that their corporate control structure complies with new and evolving external requirements. Risk Commander 2.0 allows organisations to easily demonstrate the positive correlation between their information security control framework and compliance with various statutory, regulatory and internal requirements.</p>
<p>Today's business challenge is determining internally whether existing security control structures really do perform their intended functions-including compliance-and then proving it to a variety of regulators, business partners and other stakeholders. While financial, physical, personnel, continuity and other traditional security control structures are well-understood and tightly integrated with day-to-day operations, information security control structures for networks and systems typically are not. This lack of integration has forced organisations into several expensive and time-consuming exercises including, for example, increasingly complex standards-mapping exercises to make it easy for external reviewers to "follow the logic" of a given local implementation back to external requirements, a difficult exercise that is automated in Risk Commander 2.0.</p>
<p>"Serving in our role as the trusted security and compliance advisor to over 700 companies worldwide, TruSecure understands the complexity and importance of achieving compliance with regulatory requirements," said John Becker, CEO of TruSecure Corporation. "TruSecure has leveraged the knowledge and expertise obtained by supporting our customers to create a suite of products and services that combines the critical functions of regulatory compliance and information security risk management. Risk Commander 2.0 is the latest example of TruSecure taking the security industry's leading security risk management services and packaging them into flexible, innovative products that deliver tangible business benefits."</p>
<p>Risk Commander 2.0 provides a single repository for capturing and integrating asset data, associated vulnerabilities, internal policies and information on real security risks an organisation faces. This is then combined with a powerful business logic engine enabling customers to map and integrate the business data through a series of dashboards, scorecards and reports that prioritise compliance, vulnerability and risk remediation efforts. Customisable filters and flexible questionnaires help customers quickly pinpoint compliance issues of interest to the organisation, while Risk Commander's workflow automatically generates a remediation task for every compliance issue identified. This process enables comprehensive remediation management and integration with organisational business processes.</p>
<p>"Regulatory compliance needs to be a comprehensive, ongoing effort ultimately aimed at reducing enterprise security and noncompliance risk over time," said Phebe Waterfield, security solutions and service analyst, Yankee Group. "The security industry continues to offer a variety of compliance-related products and services that deliver point-in-time, ad-hoc compliance or focus on a single regulation. Organisations in heavily-regulated industries such as utilities, financial services and healthcare need to look at holistic solutions that combine superior regulatory and security intelligence, with a flexible application framework that doesn't introduce a new proprietary layer of technology into their organisation."</p>
<p>Risk Commander 2.0 offers numerous benefits to customers, including:</p>
<p>* A single interface for managing all of an organisation's compliance needs, and enabling users to:
o Manage an organisation's complete compliance program accurately and consistently,
o Produce quantitative risk analysis results,
o Identify risk and security issues sooner,
o Increase the efficiency of security personnel,
o Demonstrate compliance effectiveness.</p>
<p>* Unique dashboard and scorecards that offer insight into organisational compliance performance at a glance.</p>
<p>* Aggregation of data from scans, surveys, logs, as well as internal security policies, from any source in virtually any format.</p>
<p>* Seamless importing and integration of data from multiple commercial and proprietary asset management, vulnerability and compliance testing tools.</p>
<p>* Integrated and automated analysis capabilities using a proprietary analysis engine that applies rules developed by subject matter experts and compares collected data to standards and regulations to quickly identify compliance issues.</p>
<p>* Comprehensive management of remediation efforts, from identification through resolution, using an integrated workflow process.</p>
<p>* A strong catalyst for changing the corporate culture. While point-solutions fill gaps, Risk Commander can effect long-term corporate change, improving corporate health and value.</p>
<p>"Many companies have focused on meeting specific, individual compliance issues; however, numerous organisations have taken a broader view and realised a need for a reliable and repeatable method for addressing these risks. These customers are looking for a single tool to help simplify and prioritise the compliance challenges facing businesses today," said Eric Cady, product manager at TruSecure. "Risk Commander immediately highlights compliance issues, allowing efficient risk reduction activities for multiple compliance standards, and adapts as future compliance demands are enforced. The product's powerful analysis and reporting prioritises actions, and then benchmarks continued compliance efforts over time to illustrate progress to senior management, industry regulators and other stakeholders."</p>
Available now, Risk Commander 2.0 base-pricing starts at U.S. $150,000. For more information please visit</p>
TruSecure is the leading provider of intelligent risk management and compliance products and services. TruSecure dramatically improves security and reduces risk by helping organisations make better security decisions and maximising the effectiveness of existing security people, processes and technology. Leveraging TruSecure's security knowledge and intelligence gathering resources-including ICSA Labs®, the global leader in information security product certification-as well as innovative technology and time-tested processes, our customers can predict which vulnerabilities present real risk, prioritise remediation efforts, quickly adapt to changes in the security threatscape, measure progress in improving their security posture, and document compliance with applicable security policies, standards and regulations.</p>
<p>Headquartered in Herndon, VA, TruSecure Corporation has offices in North and Central America, Europe and the Asia-Pacific region. Our customer-proven solutions are used by more than 700 organisations worldwide.</p>
<p>TruSecure, ICSA, ICSA Labs, and IntelliShield are registered trademarks of TruSecure Corporation. All other trademarks and service marks mentioned herein are property of their respective owners.</p>
Chris Bowes or David Sanday
Bowes Communications
+61 (0)2 9387 2332 / 2333 /</p>

Most Popular