from DSSResources.comTruSecure introduces Risk Commander 2.0HERNDON, Va., June 7, 2004 -- TruSecure (R) Corporation, the leading provider of intelligent risk management and compliance products and services, today released Risk Commander 2.0, the first enterprise software application that provides a revolutionary way to track, manage and demonstrate initial and ongoing compliance with regulations and standards including Sarbanes-Oxley, HIPAA, Basel II, GLB, FFIEC and ISO 17799. Information security risk is now a required component in the calculation of fiscal health, safety and soundness, and related business properties. Risk Commander 2.0 allows the timely and seamless integration of this new metric into established business management practices. Risk Commander is a powerful and flexible application that integrates TruSecure's extensive compliance and security knowledge with the appropriate information about an organization to simplify, prioritize and address the challenges of ensuring compliance with a myriad of regulatory issues facing business today. While most corporate executives are comfortable with how their overall control structures contribute to their internal vision of a well-run organization, they need immediate help in easily and repeatedly proving to regulators and other third-parties that their corporate control structure complies with new and evolving external requirements. Their first investment for the recent flood of legal and regulatory security requirements was in old fashioned locks, paper trails, training and point solutions. Now they need to know if those disparate investments are paying off. Risk Commander 2.0 allows organizations to easily demonstrate the positive correlation between their information security control framework and compliance with various statutory, regulatory and internal requirements. Today's business challenge is determining internally whether existing security control structures really do perform their intended functions--including compliance--and then proving it to a variety of regulators, business partners and other stakeholders. While financial, physical, personnel, continuity and other traditional security control structures are well-understood and tightly integrated with day-to-day operations, information security control structures for networks and systems typically are not. This lack of integration has forced organizations into several expensive and time-consuming exercises including, for example, increasingly complex standards-mapping exercises to make it easy for external reviewers to "follow the logic" of a given local implementation back to external requirements, a difficult exercise that is automated in Risk Commander 2.0. "Serving in our role as the trusted security and compliance advisor to over 700 companies worldwide, TruSecure understands the complexity and importance of achieving compliance with regulatory requirements," said John Becker, CEO of TruSecure Corporation. "TruSecure has leveraged the knowledge and expertise obtained by supporting our customers to create a suite of products and services that combines the critical functions of regulatory compliance and information security risk management. Risk Commander 2.0 is the latest example of TruSecure taking the security industry's leading security risk management services and packaging them into flexible, innovative products that deliver tangible business benefits." Risk Commander 2.0 provides a single repository for capturing and integrating asset data, associated vulnerabilities, internal policies and information on real security risks an organization faces. This is then combined with a powerful business logic engine enabling customers to map and integrate the business data through a series of dashboards, scorecards and reports that prioritize compliance, vulnerability and risk remediation efforts. Customizable filters and flexible questionnaires help customers quickly pinpoint compliance issues of interest to the organization, while Risk Commander's workflow automatically generates a remediation task for every compliance issue identified. This process enables comprehensive remediation management and integration with organizational business processes. "Regulatory compliance needs to be a comprehensive, ongoing effort ultimately aimed at reducing enterprise security and noncompliance risk over time," said Phebe Waterfield, security solutions and service analyst, Yankee Group. "The security industry continues to offer a variety of compliance-related products and services, that deliver point-in-time, ad-hoc compliance or focus on a single regulation. Organizations in heavily-regulated industries such as utilities, financial services and healthcare need to look at holistic solutions that combine superior regulatory and security intelligence, with a flexible application framework that doesn't introduce a new proprietary layer of technology into their organization." Risk Commander 2.0 offers numerous benefits to customers, including: -- A single interface for managing all of an organization's compliance needs, and enabling users to: -- Manage an organization's complete compliance program accurately and consistently -- Produce quantitative risk analysis results -- Identify risk and security issues sooner -- Increase the efficiency of security personnel -- Demonstrate compliance effectiveness -- Unique dashboard and scorecards that offer insight into organizational compliance performance at a glance. -- Aggregation of data from scans, surveys, logs, as well as internal security policies, from any source in virtually any format. -- Seamless importing and integration of data from multiple commercial and proprietary asset management, vulnerability and compliance testing tools. -- Integrated and automated analysis capabilities using a proprietary analysis engine that applies rules developed by subject matter experts and compares collected data to standards and regulations to quickly identify compliance issues. -- Comprehensive management of remediation efforts, from identification through resolution, using an integrated workflow process. -- A strong catalyst for changing the corporate culture. While point-solutions fill gaps, Risk Commander can effect long-term corporate change, improving corporate health and value. "Many companies have focused on meeting specific, individual compliance issues; however, numerous organizations have taken a broader view and realized a need for a reliable and repeatable method for addressing these risks. These customers are looking for a single tool to help simplify and prioritize the compliance challenges facing businesses today," said Eric Cady, product manager at TruSecure. "Risk Commander immediately highlights compliance issues, allowing efficient risk reduction activities for multiple compliance standards, and adapts as future compliance demands are enforced. The product's powerful analysis and reporting prioritizes actions, and then benchmarks continued compliance efforts over time to illustrate progress to senior management, industry regulators and other stakeholders." Pricing and Availability Available now, Risk Commander 2.0 base-pricing starts at U.S. $150,000. For more information please visit www.trusecure.com or call 1-888-396-8348. About TruSecure Corporation TruSecure is the leading provider of intelligent risk management and compliance products and services. TruSecure dramatically improves security and reduces risk by helping organizations make better security decisions and maximizing the effectiveness of existing security people, processes and technology. Leveraging TruSecure's security knowledge and intelligence gathering resources--including ICSA Labs(R), the global leader in information security product certification--as well as innovative technology and time-tested processes, our customers can predict which vulnerabilities present real risk, prioritize remediation efforts, quickly adapt to changes in the security threatscape, measure progress in improving their security posture, and document compliance with applicable security policies, standards and regulations. Headquartered in Herndon, VA, TruSecure Corporation has offices in North and Central America, Europe and the Asia-Pacific region. Our customer-proven solutions are used by more than 700 organizations worldwide. TruSecure, ICSA, ICSA Labs, and IntelliShield are registered trademarks of TruSecure Corporation. All other trademarks and service marks mentioned herein are property of their respective owners. TruSecure Corporation Cynthia S. Shaw, 703-480-8509 PublicRelations@TruSecure.com or Schwartz Communications, Inc. Jason Morris or Laura Ackerman, 781-684-0770 trusecure@schwartz-pr.com |