Category Archives: Vendor Risk Management

Incorporating Cloud Security into Your IT Risk Assessment, Penetration Testing and Vendor Risk Management Processes

Posted on January 8, 2016 by lexi

Wes Withrow, cprlorca Cybersecurity Expert 

Information security teams have exhausted a great deal of time and political capital waging an interdepartmental war against a department that doesn’t even officially exist – the Shadow IT department. Historically, the battle with Shadow IT has focused on the unauthorized use of on-premise IT equipment, and now that battle has shifted to the cloud.

So what exactly is Shadow IT and how big of a problem is it? More importantly, how can

Read More...

Posted in IT Risk Management and Risk Assessments, Vendor Risk Management, Vulnerability Management

Take Control over Your Extended Enterprise with TraceCSO Vendor Risk Management Capabilities

Posted on April 8, 2015 by lexi

                                                             

Businesses today integrate third-party vendors into many parts of their infrastructure because of the convenience and expertise they provide. As a result, organizations must account for the IT risk that comes along with these relationships. Forrester Research Inc. urges organizations to “build better risk profiles of your vendors, suppliers, and other third parties” in their “Predictions 2015: The Governance, Risk, And Compliance

Read More...

Posted in IT GRC, Vendor Risk Management

The Importance of Effective Vendor Management in Today’s Cybersecurity Landscape

Posted on February 24, 2015 by ashley

vendor screen

Jonathan Harrell and Madeline Domma, Product Design Specialists

Increasing interdependence amongst organizations has become essential to achieving successful objectives in today’s complex world of business. Now, more than ever, organizations rely heavily on vendors to maintain their operations but with this expertise and convenience comes added risk. According to Forrester Research, Inc. in a report titled “Understand the Business Impact and Cost of a Breach” published January 12, 2015,

Read More...

Posted in Vendor Risk Management

Your First Look into Trends and Topics at the 2015 RSA Conference (RSAC)

Posted on December 18, 2014 by ashley

RSAC 2015 Word Cloud

This word cloud was provided by the RSA Conference during its December 15th, 2014 webinar and reflects the most frequent terms used across more than 1700 speaking submissions. The largest words are those most commonly cited in conference session titles that were submitted for consideration to be included in this year’s RSA Conference agenda. 

During this December 15th RSAC webinar, Britta Glade, Senior Content Manager and Hugh Thompson, Program Committee Chair, for RSA Conferences shared

Read More...

Posted in Incident Response Management, IT Audit Management, IT Compliance and Regulatory Change Management, IT GRC, IT Risk Management and Risk Assessments, Policy Management, Security Awareness Training, Social Engineering, Vendor Risk Management, Vulnerability Management

Identity Theft Armageddon is Coming

Posted on March 5, 2014 by ashley

Jim Stickley, Chief Technology Officer

Recently, there has been a lot of press regarding the Target credit card breach, and this has lead to many questions regarding just how vulnerable the entire credit card payment system really is. Now, in case you are unaware of how Target was breached, the basic facts are this. Hackers were able to load malware onto the Point of Sale (POS) servers on Target’s network. This malware was specifically designed to monitor the payment processing software loaded

Read More...

Posted in Cybersecurity, IT Compliance and Regulatory Change Management, IT Risk Management and Risk Assessments, Security Awareness Training, Social Engineering, Vendor Risk Management, Vulnerability Management

Cloud-based Information Security Software: Preparing Your Data for the Cloud

Posted on June 11, 2013 by traceadmin

As organizations continue to place more critical data in the cloud, they must vet their vendors and engage in due diligence to avoid security nightmares. Risks can be extreme when the wrong vendor supports an organization’s cloud-based information security efforts. cprlorca is a pioneer in cloud information security software and has recently introduced TraceCSO, an end-to-end risk management solution that helps companies prepare themselves for their migration to the cloud.

TraceCSO formally

Read More...

Posted in Incident Response Management, IT Audit Management, IT Compliance and Regulatory Change Management, IT Risk Management and Risk Assessments, Vendor Risk Management, Vulnerability Management

cprlorca: Your Information Security Program

Posted on January 21, 2013 by traceadmin

When you’re searching for an Information Security Program, look no further than cprlorca. We are a trusted partner who works closely with you organization to ensure that the software solutions and professional services we provide you with meet your needs now and in the future. Our cloud security officer, TraceCSO, is the first and only risk and compliance solution that enables organizations to create and manage a complete risk-based information security program. The Information Security

Read More...

Posted in Incident Response Management, IT Audit Management, IT Compliance and Regulatory Change Management, IT Risk Management and Risk Assessments, Policy Management, Security Awareness Training, Vendor Risk Management, Vulnerability Management

Information Security Program Development and Implementation

Posted on January 3, 2013 by traceadmin

Information Security Program

Information security program development and implementation is not a simple process, but it is an absolutely essential and on-going process – particularly if your organization is responsible for maintaining the integrity, availability, and confidentiality of customer information or business-critical data. Information security programs are mandated by authorities in industries like health management, banking, and energy, as well as other state and federal agencies, but the legal and business

Read More...

Posted in Incident Response Management, IT Audit Management, IT Compliance and Regulatory Change Management, IT Risk Management and Risk Assessments, Policy Management, Vendor Risk Management, Vulnerability Management

Test de Penetrare, Scanare de Vulnerabilitati, MoldovaTeste de Penetrare, Scanari de Vulnerabilitati, MoldovaPenetration Testing Moldova, Penetration Test Moldova, LogicalPoint