February 12, 2013 - MetricStream today announced that it has been named as a company with strong IT Governance, Risk, and Compliance (GRC) solutions in the KuppingerCole Vendor Report titled "MetricStream: Bridging the Gap Between Business GRC and IT GRC." The report has been published by KuppingerCole, a leading Europe-based analyst company for information security both in classical and cloud environments.
Analyzing the IT GRC industry, the KuppingerCole report brings out the security and compliance challenges that organizations face due to the increased use of virtualization technologies and external IT services, as well as emerging and evolving compliance requirements. According to the report, "organizations are in a situation where they are confronted with exponential changes regarding outward-facing processes, users, and external IT services used." What organizations require today is an IT GRC solution that is agile to business changes, integrates with enterprise GRC, manages evolving risks related to information security and compliance, and monitors business performance.
IT and cyber security risks are a growing concern for most European organizations. With therise in media attention on privacy and data breaches, European companies are becoming aware of the risk of a data leak ending up in today's more intense news environment and its impact on business.
Having evaluated the IT GRC market, KuppingerCole says that MetricStream's strong and integrated portfolio of GRC solutions comes with well-defined controls, security features that address risks and threats arising from social, cloud and virtualization technologies, and capabilities that enable organizations to merge Information Security, IT Risks, and Enterprise GRC to drive business performance.
Says Vasant Balasubramanian, Vice President of Product Management at MetricStream, "KuppingerCole's report is a testimony to our rich capabilities in IT GRC, and the innovations we have brought to the market to address complex security and compliance risks in an increasingly virtualized and mobile world. MetricStream's IT GRC solutions enable organizations to harmonize GRC processes across the enterprise, align IT GRC with enterprise GRC processes,andintegrate bottom-up IT control processes with top-down risk intelligence."
With the acquisition of vPanorama cloud GRC technology, MetricStream is enabling its customers to seamlessly manage regulatory compliance, privacy requirements, security threats, vulnerability risks, and performance metrics across the entire spectrum of virtual assets in the cloud, as well as on-premise virtual infrastructure.
Martin Kuppinger, Founder and Principal Analyst at KuppingerCole, says, "From the IT perspective, GRC has moved from technical system-oriented approaches towards information and service governance. We found MetricStream's IT GRC solutions to be well-thought and mature based on parameters such as security, functionality, usability, integration capability, and interoperability. The platform also supports business requirements and integrates with other IT security and GRC point solutions to provide a complete enterprise GRC approach."
The report also recommends that organizations looking for GRC solutions carefully evaluate GRC solution vendors. As per the report, "There are different vendors with fundamentally different offerings. While some provide Enterprise GRC solutions focusing on specific aspects of business, ignoring IT GRC, there are others who provide Enterprise GRC that support IT controls and integrate with specific IT GRC solutions. Organizations therefore need to evaluate and analyze GRC vendors based on whether the vendor's roadmap is aligned with the evolutions in the business landscape and if the current offerings are mature enough to support the changing business requirements of organizations."
Mr. Balasubramanian also goes on to say, "MetricStream has a strong track record in providing IT GRC solutions in the European market, the most recent being the implementation of the solution by one of the world's largest international online sports betting services provider. This is attributed to MetricStream's understanding of the global markets and the specific GRC needs of organizations in different locations."