Conversations in Risk-Based Security

A close look at the reasons companies fail reveals that there are substantial risks that don't typically fall under the purview of most GRC programs. The Forrester Report, Extend Compliance And Risk Management To What Really Matters For Your Business, explores how companies can improve business performance by expanding the fundamentals of their GRC program to the aspects of their company that drive success with customer interactions, which will in turn drive growth and revenue for the company.

Many companies in the healthcare market struggle with compliance projects and finding the time and knowledgeable resources, as-well-as the budget, to adhere to government regulations in a timely manner.

Taxes are certainly not fun, but there is something worse: an audit. Combine the two in a risk and compliance scenario and you have the onerous “audit tax,” a figurative term used to describe the expenses a company incurs when deploying resources and manpower to satisfy the burgeoning set of internal and external compliance and audit mandates. The good news is that there are ways to reduce the audit tax burden.

Managing IT risk is part of running any business these days. Regardless of what business you’re in, understanding IT risk can help you increase network security, reduce management costs and achieve greater compliance. Corporate leaders who fail to identify, assess and mitigate IT risk are setting themselves up for serious security breaches and financial losses down the road.

Join us for the webinar "Managed Security - How to Boost Your Security Posture Through Outsourcing Security to Experts” featuring research from the 2017 Cybersecurity Trends Spotlight Report published by the Information Security Community on LinkedIn in partnership with Crowd Research.

Organizations increasingly rely on vendors and third-party relationships for strategic business advantage.  Ensuring that these partnerships don’t create an unacceptable risk requires a complete vendor risk management approach.  Join Michael Rasmussen, The GRC Pundit at GRC 20/20, as he presents this 3 part educational webinar series on managing vendor risk and compliance.

Lynx Technology Partners and Lieberman Software recently announced an integration module for Lynx Risk Manager (LRM) which imports privileged account information from Lieberman Software’s Enterprise Random Password Manager (ERPM) and immediately updates security control scores in LRM.  These scores form the basis for continuous measurement of password-related security risks, as well as compliance to a wide range of regulatory frameworks.

Bobby Dominguez will discuss the operationalization of the NIST Cyber Security Framework to create an information technology risk program at ISACA’s CSX 2016 North America conference in Las Vegas, Nevada, USA, 17-19 October 2016. CSX 2016 North America will be focused on practical cybersecurity solutions and guidance, tailored to every level of a security professional’s career.

Due to the high demand for live training and this course in particular, Lynx Technology Partners and the EC Council are partnering to bring CCISO to Pittsburgh October 24 through October 28, 2016.  The event will be hosted at the Lynx Technology Partners offices at 309 Smithfield Street in downtown Pittsburgh. 

Join the ranks of infosec managers making the leap to executive infosec leadership with Live CCISO Training!

In many organizations the genesis of their GRC efforts can be traced back to a few isolated projects that were quick responses to external factors (e.g. scrambling to pass the first PCI audit, “What’s this HIPAA thing all about?”, etc.)  To get these projects going people turned to their reliable “universal tool”, the spreadsheet.  Suddenly spreadsheets became assessment tools, scoring programs, aggregated databases, report generators, etc.  For these projects, spreadsheet-based GRC rose to the occasion and saved the day!