Full RSS Feed
Receive
the Free CMSWire NewsletterThis week RSA identifies a number of new trends that will increase the pressure on companies to look to the cloud for new GRC solutions. While security concerns have always been a concern in cloud deployments, there is no shortage of companies like Agiliance to offer solutions for this, while Applied Discovery has added document review to its hosted services.
GRC to Move to the Cloud?
The increasing cost of using GRC software as more and more regulations are introduced is always going to push enterprises to move in the direction of the cloud.
However, while costs may be one driver, the increasing complexity of regulations and the difficulty in achieving compliance with them is one of the other principal drivers.
In the lastest report from the RSA-sponsored Security for Business Innovation Council, a think-tank of Global 1000 security executives, the convergence of four new significant trends is going to force enterprises to take to the cloud. Those trends include:
- Strengthened enforcement
- Global spread of data breach notification laws
- Increasingly prescriptive regulations
- Growing business partner requirements
Entitled, A New Era of Compliance: Raising the Bar for Organizations Worldwide, the report outlines the huge impact new legislation and legal obligations are having on business, forcing companies to develop new strategies to deal with them. It also predicts that legislators will move from light-touch to more interventionist regulation.
As I see it, the trajectory of the law here is one way only, which is towards more frequent regulatory intervention, more disputes, more arguments, and more litigation, Stewart Room Field Fisher Waterhouse LLP says.
There’s a lot more here about security for anyone concerned about new regulations like those that are likely to appear once the signaled changes to the FISMA regulations are introduced. You can get a free copy of the report here.
Agiliance Manages Cloud Risk
While software compliance and moving to the cloud may be a problem for some, for others it provides opportunities.
GRC vendor Agiliance, for example, has just released its new Cloud Risk Management services offering assessment, operations and audit software services for virtualized environments.
Combined, they provide compliance, security and risk transparency for private, public and hybrid clouds, and attempt to bridge what Agilence describes as the trust-gap between physical and virtual operations. The new Cloud Risk Management services include:
- Cloud Risk Readiness: An assessment service for private and public cloud project and operator risk assessments
- Cloud Risk Operations: A monitoring service to assess security policy compliance, cloud threats and vulnerabilities using Agiliance RiskVision
- Cloud Risk Audit: An assurance service offering automated regulatory health checks and providing transparency in their infrastructure (IaaS), platform (PaaS) and software (SaaS) environments.
While there is still considerable GRC concern about moving to the cloud, pricing is going to make it just about inevitable and likely that many more vendors are going to be offering similar services to the ones Agiliance has just launched.
Continue reading this article:
Email It
