Latest news
TraceSecurity introduced TraceCSO, which allows organizations of any size, industry or security skill set to evaluate, create, implement and manage a risk-based information security program, to protect their organizations from today’s top information security risks, including cloud security and BYOD concerns.TraceCSO identifies and prioritizes risk to an organization’s information – including network vulnerabilities – and identifies, implements and audits security controls. To help organizations stay current with the latest regulatory mandates specific to their industry, TraceCSO leverages a global database of hundreds of authorities and more than 25,000 regulations and citations.
TraceCSO’s wizards guide the system set up of adding users and departments, defining permissions and roles, coordinating network scanning, and selecting authority documents. TraceCSO’s Risk Assessment – the cornerstone for setting up and managing the risk-based information security program – identifies asset threats and controls to mitigate risk, and assigns TraceSecurity’s proprietary Risk Score.
The Risk Score allows an organization to measure and report on mitigation effectiveness, set benchmarks, and analyze trends – ultimately leading to better risk-based decisions and optimized information security allocations.
TraceCSO also identifies existing ineffective or unnecessary controls and recommends the most effective replacements.
Once controls are identified, TraceCSO maps them to a database of more than 25,000 authorities, citations and regulations. This enables the organization to determine industry-specific compliance and allows for a best practice risk-based information security program that organically leads to compliance and eliminates the laborious compliance reporting process.
Finally, information determined during the Risk Assessment filters and pre-populates all functional areas of TraceCSO, making the organization’s information risk and compliance profile more visible, more accessible, more manageable and more valuable than ever.
Spotlight
Is it time to professionalize information security?
Posted on 23 May 2013. | The issue of whether or not information security professionals should be licensed to practice has already been the topic of many a passionate debate.
Review: Logging and Log Management
Posted on 22 May 2013. | Every security practitioner should be aware of the overwhelming advantages of logging and perusing logs for discovering system intrusions. But logging and log management comes with its own set of difficulties.
Experts highlight top data breach vulnerabilities
Posted on 22 May 2013. | Hidden vulnerabilities lie in everyday activities that can expose personal information and lead to data breach, including buying gas with a credit card or wearing a pacemaker.
A closer look at Mega cloud storage
Posted on 21 May 2013. | Once a novelty, nowadays many cloud storage services are fighting for their piece of the market in the virtual world. Mega offers 50GB of free space with great pricing on Pro accounts.
The CSO perspective on healthcare security and compliance
Posted on 20 May 2013. | Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a variety of tips.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
