The MetricStream Security Threat and Vulnerability Management (STVM) App enables the effective management of IT assets by proactively aggregating and correlating threats and vulnerabilities from across information sources. The app integrates with multiple STVM tools, security intelligence feeds, and social media channels to automatically pull in STVM information. It then links the data to critical assets to identify risk exposures, and streamline and automate remediation processes.
Blue Hill analyzed 25 GRC deployments in order to identify decisions and practices that helped organizations to minimize the time and cost required in implementation. This analysis includes a profile of Agiliance RiskVision implementation experiences from four organizations to provide a model to benchmark and compare RiskVision implementation experiences with larger GRC market trends.
Authored by Vibhav Agarwal, Senior Manager of Product Marketing, MetricStream and Dr. Michael Redmond, FBCI, MBCP, CEM, PMP, MBA, PHD, CEO and Lead Consultant Redmond Worldwide.
In today's world of connected threats, cybersecurity is a market differentiator and key business enabler. Leaders must now address increased responsibility amid quickly evolving, enterprise-wide challenges.
Organizations attempting to respond to this complex environment often face or create additional challenges due to poor people, process, and technology decisions. Separations in organizational boundaries, SOC shift structures, and the integration and automation of processes inhibit collaboration and prevent rapid containment and resolution of cyber events.
Success in today's dynamic business environment requires organizations to manage and comply with policies, standards, and controls. This is true across the business, but is particularly true in the context of IT governance, risk management, and compliance (IT GRC).
It's no news to CISOs, Chief Compliance Officers, Procurement Officers, GCs, and other key stakeholders in vendor management programs that third parties today represent one of the greatest risks to organizations, nor is it news that the focus on vendor risk management is only increasing as regulators across a broad spectrum of industries and geographies continue to tout the importance of 1) managing risk throughout the vendor lifecycle, and 2) taking a risk-based approach to focusing due diligence efforts on those business partners who represent the most risk.
A leading Fortune 50 Health Care organization manages their comprehensive large-scale supplier assessment program with Rsam, harmonizing data points from 18 risk & stakeholder organizations to optimize the full supplier lifecycle.
Companies often find themselves struggling to comply with increased third party risk management program regulations because of the difficulties in obtaining timely and insightful information and the complexity of consistently translating that information into risk decisions aligned with corporate risk appetite. But with a simplified approach to compliance—one that includes narrowing focus, enabling lifecycle management, and leveraging technology and analytics—third party risk management can be an integrated function of your business, and not just a cost of compliance. In this Business Insight, Drew Wilkinson discusses the important issues about third party risk management.