CIOview Delivers SecurityNOW!: Provides Financial Transparency for IT Security; Increases Security Auditor Productivity 90%.MAYNARD, Mass. -- CIOview, the leading provider of IT financial software, announced availability of SecurityNOW! SX, a free software package that lets organizations complete a comprehensive IT security self-assessment in 30 minutes or less. SecurityNOW! is designed for the security novice and expert alike to: --Rapidly identify key security vulnerabilities and assign a financial cost to each --Forecast how their security environment will change over time --Evaluate various loss control policies and their effectiveness at reducing risk --Calculate the Return On Security Investment (ROSI ROSI Return on Security Investment ROSI Repository of Student Information ROSI Rollergirls of Southern Indiana (Evansville, IN) ROSI Raytheon Optical Systems Incorporated ROSI Romanian Open Source and Free Software Initiative ) for 100s of possible strategies Part and parcel of SecurityNOW! is a risk quantification using the commonly accepted framework, Risk Assessment Value (RAV). RAV allows organizations to compare their security between departments and over time. In fact, RAV is increasingly the most common security measure demanded by regulatory bodies. According to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. Pete Herzog, Managing Director of the Institute for Security and Open Methodologies (ISECOM ISECOM Institute for Security and Open Methodologies ), "This is the first time that a software product has embodied an international security assessment methodology along with a rapid method to determine the financial implications of IT security. Organizations now can have their cake and eat it too -- a practical, easy-to-use metrics metrics Managed care A popular term for standards by which the quality of a product, service, or outcome of a particular form of Pt management is evaluated. See TQM. software package based on a recognized methodology that's also free." Endorsed by ISECOM CIOview's SecurityNOW! has been given ISECOM's Seal of Approval for bringing financial transparency to the world of IT security. SecurityNOW! takes ISECOM's internationally-accepted security methodology and transforms it into a world-class, easy-to-use software package. The software embodies the six capabilities described by ISECOM as the key to making security transparent: --Accelerated - 30 minutes or less to complete --Accessible - 5 MB of industry benchmark data --Objective - a consistent, open methodology --Customized - quantifies risk based on a user's responses --Forward-looking - forecasts risk over time --Graphical - charts compare security to financial costs, tying the two together Two Versions: Professional reduces time to deliver audit results by 90% SecurityNOW! is available in two versions: SX and Professional. SecurityNOW! SX is a complete security analysis software system based on the OSSTMM OSSTMM Open Source Security Testing Methodology Manual , and is available at no charge at the CIOview web site as well as Security Partner sites. Security professionals and auditors will benefit from SecurityNOW! Professional. It provides added automation features that reduce the time to deliver audit results from 30 days to 3 days. Built upon the foundation of the SX version, SecurityNOW! Professional adds the following capabilities: --Validated data can be imported from a number of network port and vulnerability detection scans; --Verified data from OSSTMM or similar security audits can be directly entered; --A financial and business case for security spending as well as a certified See certification. audit report can be published with one mouse click; --All business case reports can be electronically shared with collaborators and coworkers using the free SecurityNOW! SX version. Endorsed by Worldwide Security Partners SecurityNOW! is endorsed by a variety of worldwide Security Partners, who have made the software available via their web sites, including: --ISECOM (www.isecom.org): an open-source collaborative community dedicated to providing practical security awareness Security awareness is the knowledge and attitude members of an organization possess regarding the protection of the physical and, especially, information assets of that organization. , research, certification and business integrity. --Above Security (www.abovesecurity.com): specializes in mitigating computer risk and offers complete 24/7 managed monitoring and strategic information security services Security services are state institutions for the provision of intelligence, primarily of a strategic nature, but also including protective security intelligence. Examples include the Security Service (MI5) and the Secret Intelligence Service (MI6) in the United Kingdom, and the . --CISSP Open Study Guides (www.cccure.org): is a web portal See portal. dedicated to helping security professional reach their CISSP (Certified Information Systems Security Professional) The award for successful completion of an examination in computer security administered by the International Information Systems Security Certification Consortium (ISC)2. or SSCP (1) (System Services Control Point) A controlling program in an SNA domain. It resides in the host and is a component within VTAM. See also SCCP. certification. --Fullerton Infosec (www.fullertoninfosec.com) is a full service security-consulting firm specializing in OSSTMM security testing Security Testing: (The) Process to determine that an IS (Information System) protects data and maintains functionality as intended. The six basic security concepts that need to be covered by security testing are: confidentiality, integrity, authentication, authorisation, as well as various forms of security education. --GCP Global (www.gcpglobal.com) is dedicated to protecting an organization's information assets against attacks committed by competitors, hackers, industrial spies spies n. Plural of spy. v. Third person singular present tense of spy. , etc. Pricing and Availability SecurityNOW! SX and SecurityNOW! Professional are both generally available. SecurityNOW! SX may be downloaded without cost at www.cioview.com as well as at the web sites of SecurityNOW! partners listed above. SecurityNOW! Professional edition is priced at $3,999 for a 12-month license, and may be purchased through CIOview's web site. About CIOview CIOview is the industry standard provider of software products that configure See configuration. (software) configure - A program by Richard Stallman to discover properties of the current platform and to set up make to compile and install gcc. Cygnus configure was a similar system developed by K. , cost and compare technology solutions, so that IT professionals make better purchasing decisions. Use by more than 80% of Fortune 100 companies, CIOview is the standard for comparing value of IT solutions. (www.cioview.com) About ISECOM ISECOM is an open-source collaborative community dedicated to providing practical security awareness, research, certification and business integrity. ISECOM oversees the development of the OSSTMM, an international standard methodology and best practices for security assessment. The OSSTMM is the most widely adopted approach worldwide to assessing the security of a company's computer systems. CIOview(R) and ROInow!(R) are registered trademarks, and TCOnow!(TM) and SecurityNOW!(TM) are trademarks, of CIOview Corp. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion