“Connected reporting capabilities, control testing, real-time collaboration, cloud-based access, stringent security measure and permissions controls” are considered the leading factors behind CFGI offering Workiva to its clients.
In a move to provide its SOX and GRC clients with a tool that will modernize their compliance reporting and management, CFGI, a US-based high-end technical accounts, risk management, and finance advisory services organization, has entered into a partnership with Workiva.
Beyond the ability to access and collaborate with CFGI remotely, users will also benefit from the customizations that CFGI has integrated into the product that facilitate the process and guide the client to accurately complete reporting.
In the high-end financial risk advisory and compliance space, specialization in the GRC market is required to support the specific needs of clients who face not only Sarbanes-Oxley rules but dozens of global financial and banking regulations. As compliance requirements continue to drive enhanced reporting and controls, market segmentation will likely continue.
Source: SoftwareReviews GRC Data Quadrant, Accessed May 13, 2020.
Governance, risk, and compliance (GRC) vendors will need to distinguish themselves in the market. New methods of providing value, either through the introduction of machine learning and AI capabilities that assess and evaluate incoming data streams (vulnerability input, compliance, etc.) or through vendor collaboration with value-add services such as CFGI and Workiva, set products apart from the pack. This form of collaboration is another way to improve market penetration.
In recent years, another source of differentiation has been the coupling of GRC with enterprise solutions. An example of this in the financial space is SAP. Oracle has also integrated GRC with its enterprise solutions and in the information service management systems (ISMS) space, and ServiceNow has included its GRC as part of its offering.
GRC is not the sexy toy in the IT software basket, and therefore it must find new ways of adding value and reaching new markets in order to expand market share.
PHEMI is a data privacy solution focused on keeping data-processing activities secure by redacting information based on the role of the accessor. Thus, allowing such data to be used for multiple use cases without compromising privacy.
Kenna Security deployed their new data driven vulnerability management program, Kenna.VM and accessory program, Kenna.VI. Released on April 28th, Kenna.VM was created with the purpose to set service-level agreements (SLAs) with risk tolerance in mind.
We often hear that businesses are continually cyber insecure or under attack. However, recent penetration testing from Rapid7 shows that businesses are getting better at securing their networks against cyberattacks. While organizations continue to have exploitable weaknesses, attackers are having greater difficulty penetrating deeper into businesses’ networks.
Four zero-day vulnerabilities were discovered in IBM’s Data Risk Manager. While the vulnerabilities are concerning, more so is IBM’s response when addressed. The company simply stated, “It’s out of scope.” – meaning it had no intention to rectify or address the issue.
The Internet of Things is increasingly embedded with our daily lives. While these devices make life more accessible, for every new device, a new attack vector for cyberattackers is created.
Qualys VMDR has hit the live market. Originally unveiled in February 2020 at Qualys Security Conference, VMDR is now publicly available as of April 16, 2020. Partnering with both large and small MSSPs, VMDR is designed to be scalable to any business enterprise and to automate the entire management cycle on all endpoints.
In March 2020, ZA Bank, Hong Kong’s first virtual bank, selected the OneSumX solution from Wolters Kluwer for regulatory reporting.
In a move to better respond to digital risk resulting from digital transformation and innovation priorities, RSA has updated the RSA Archer and NetWitness Platforms.
ServiceNow’s Orlando release introduced Now Intelligence, a set of features that strengthen ServiceNow’s lead in the AI-powered IT service management (ITSM) and digital transformation space.