Governance, Risk & Compliance (GRC)
GRC is a discipline that aims to synchronize information and activity across governance, risk management and compliance in order to operate more efficiently, enable effective information sharing, more effectively report activities and avoid wasteful overlaps.
Let’s keep this simple: Take whatever GRC use case you want, we don’t dictate what you can and can’t do. Start with our baseline configurations to get your solution up and running fast. Use drag-and-drop, self-serve tools that let users enhance these configurations to best meet their requirements.
- Audit Management
- Policy Management
- Business Continuity
- Regulatory Change
- Enterprise Risk Management
- Exception Management
- Incident management
- Vendor Risk Management
Built for Change
Most GRC platforms are outdated before they’re fully implemented. That’s because vendors usually ask for all requirements upfront and hardwire dependencies during the initial design. Not Rsam. Our platform can adapt to any change you throw its way. Your modules all draw from a single, centralized repository built in a relational architecture. That means you can make changes without fear of breaking dependencies.
Demonstrate Value Quickly
Deploy an out-of-the-box, turnkey baseline configuration that addresses your most urgent use case within 30 days and iterate from there. With Rsam, you can also easily customize the baseline to meet your own unique needs. Iterate each step of the way until you reach 100% of your requirements. This keeps your implementation manageable and moving forward.
Puts Control in Your Hands
Your GRC program is unique to your organization – and Rsam thinks it should stay that way. We give you control over what modules you want to implement and in what order. There is no custom coding or expensive rework if you change your mind. Rsam’s relational architecture leverages a central database so you can build new use cases at your own speed. You save time, resources and money.
Rsam can help you transform GRC from ugly to elegant in 30 days. We keep it simple. Start with your highest priority modules. Add on as you go with a spectrum of modules to meet the most demanding requirements. Whether you need to build an integrated Security Incident Response Platform (SIRP) or get a better handle on your Vulnerabilities, Rsam can help. Rsam’s modules facilitate proactive measures and controls to fill gaps, with comprehensive workflows that trigger fast response.
The Vendor Risk Manager enables organizations to adopt a comprehensive approach to vendor risk that completely addresses their risk and compliance demands.
- Rate and classify vendors using simple classification assessment
- Dynamically assign applicable controls based on vendor classification
- Automatically generate assessment questionnaire based on applicable controls
- Enforce different assessment requirements and frequencies by vendor criticality
- Delegate administration of vendor survey responders to vendor key contacts
- Enable ad-hoc delegation of assessment questions and streamline aggregation of responses
- Reduce vendor training and support requirements with intuitive web based assessment interface
- Measure and report compliance by vendor criticality, by region, or by business unit
- Provide a single repository for all vendor compliance and risk related documents, including policy and control, evidence and supporting document, exceptions and approvals, contracts and service agreements
- Collaborate with vendors on remediation of identified gaps and monitor resolution status
The RiskVision Vendor Risk Manager provides the scalability and flexibility to create a repeatable and sustainable vendor risk and compliance management program. Built on the RiskVision integrated Governance, Risk, and Compliance (GRC) platform, RiskVision Vendor Risk Manager enables organizations to adopt a comprehensive approach to vendor risk that addresses their risk and compliance demands. With RiskVision, organizations can quickly measure current vendor risk against any standard, regulation or corporate policy, identify gaps, track remediation efforts, and confidently report on compliance. RiskVision Vendor Risk Manager reduces the time and cost associated with managing vendor risk programs while improving the ability to accurately calculate risk exposure and manage risks within acceptable tolerance levels. By centralizing data, automating manual activities and enabling continuous processes, companies can consistently apply controls, gain better visibility into vendor-related risk, make more informed decisions, and demonstrate vendor compliance in real time.
RiskVision Vendor Risk Manager is easy to use, deploy, and maintain, so that organizations can quickly realize time to value. RiskVision enables a proactive and intelligent approach to vendor risk management by centrally managing vendor information, controls, and risk, and by letting organizations map their existing vendor assessment processes onto the platform. Once controls are tested, the results roll up into a view of vendor risk across the organization.
Centralization of data allows organizations to maintain a holistic view of their vendor risk assessment programs. RiskVision Vendor Risk Manager provides a central repository for all vendor contact details, contracts, risk, and compliance related information. Frameworks, controls, risk, evidence, and results are stored on a single searchable platform to provide current and up-to-date vendor information to company stakeholders.
Bolster your defenses beyond foundational endpoint protection with endpoint threat detection and response.
Designed to monitor, control and alert when endpoints are compromised.
An endpoint detection and response tool for advanced threats.
McAfee Active Response is a leading innovation in finding and responding to advanced threats. As a key part of an integrated security architecture, it offers continuous visibility and powerful insights into your endpoints, so you can identify breaches faster and gain more control over the threat defense lifecycle. McAfee Active Response gives you the tools you need to correct security issues faster in the way that makes the most sense for your business. Key features include:
Collectors: Find and visualize data from systems.
Triggers and persistent collectors: Continuously monitor critical events or state change with one set of instructions.
Reactions: Get pre-configured and customizable actions when triggered, so you can target and eliminate threats.
Centralized management with McAfee ePolicy Orchestrator: Use a single console for comprehensive security management and automation.
Supported client operating systems
- CentOS 6.5, 32-bit
- RedHat 6.5, 32-bit
- Microsoft Windows
- Windows 8.0, Base, 32-bit, and 64-bit
- Windows 8.1, Base, U1; 32-bit and 64-bit
- Windows 2012, Server Base, R2; U1; 64-bit
- Windows 2008 R2 Enterprise, SP1, 64-bit
- Windows 2008 R2 Standard, SP1, 64-bit
- Windows 7 Enterprise, up to SP1; 32-bit and 64-bit
- Windows 7 Professional, up to SP1; 32-bit and 64-bit
Cognosec can assist you with your digital forensics investigations. This is the application of science to the identification, collection, examination, and analysis of data while preserving the integrity of the information and maintaining a strict chain of custody for the data.
The process for performing digital forensics comprises the following basic phases: Collection: identifying, labeling, recording, and acquiring data from the possible sources of relevant data, while following procedures that preserve the integrity of the data. Examination: forensically processing collected data using a combination of automated and manual methods, and assessing and extracting data of particular interest, while preserving the integrity of the data. Analysis: analyzing the results of the examination, using legally justifiable methods and techniques, to derive useful information that addresses the questions that were the impetus for performing the collection and examination. Reporting: reporting the results of the analysis, which may include describing the actions used, explaining how tools and procedures were selected, determining what other actions need to be performed (e.g., forensic examination of additional data sources, securing identified vulnerabilities, improving existing security controls), and providing recommendations for improvement to policies, procedures, tools, and other aspects of the forensic process.
Over the last decade, the number of crimes that involve computers has grown, spurring an increase in companies and products that aim to assist law enforcement in using computer-based evidence to determine the who, what, where, when, and how for crimes. As a result, computer and network forensics has evolved to assure proper presentation of computer crime evidentiary data in court. Forensic tools and techniques are most often thought of in the context of criminal investigations and computer security incident handling: they are used to respond to an event by investigating suspect systems, gathering and preserving evidence, reconstructing events, and assessing the current state of an event.
During a forensic investigation Cognosec will identify potential data sources and acquire the data from those sources. Data acquisition will be performed using a three-step process:
- developing a plan to acquire the data
- acquiring the data
- verifying the integrity of the acquired data
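The three acquisition steps above can be made concrete and auditable in code. The following is an added example, not Cognosec's tooling: it records an acquisition plan, copies the source block by block, hashes source and image independently, and writes the result into a chain-of-custody record that can be re-verified before examination. The "evidence device" is a constructed in-memory byte string; the case identifier and examiner name are hypothetical. On a real system the source would be a block device opened read-only, ideally behind a hardware write blocker.

```python
"""Forensic acquisition with integrity verification (added example).

Steps mirrored from the text: plan (record case, examiner, source before
touching evidence), acquire (byte-for-byte copy in fixed-size blocks),
verify (hash source and image independently and compare).
"""
import hashlib
import io
import json
from datetime import datetime, timezone

BLOCK_SIZE = 4096


def sha256_stream(stream) -> str:
    """Hash a file-like object from its current position, block by block."""
    h = hashlib.sha256()
    for block in iter(lambda: stream.read(BLOCK_SIZE), b""):
        h.update(block)
    return h.hexdigest()


def acquire(source, image, plan: dict) -> dict:
    """Copy `source` into `image` and return a chain-of-custody record.

    `plan` holds the decisions made before acquisition (case id, examiner,
    source description). The record adds source hash, image hash, byte
    count, timestamp and whether the two hashes matched.
    """
    record = dict(plan)
    record["acquired_at"] = datetime.now(timezone.utc).isoformat()
    # Step 1 (plan already recorded) / hash the untouched source first.
    source.seek(0)
    record["source_sha256"] = sha256_stream(source)
    # Step 2: acquire, a byte-for-byte copy.
    source.seek(0)
    copied = 0
    for block in iter(lambda: source.read(BLOCK_SIZE), b""):
        image.write(block)
        copied += len(block)
    record["bytes_copied"] = copied
    # Step 3: verify by hashing the image independently of the source.
    image.seek(0)
    record["image_sha256"] = sha256_stream(image)
    record["verified"] = record["image_sha256"] == record["source_sha256"]
    return record


def reverify(image, record: dict) -> bool:
    """Re-hash an image later (e.g. before examination) against the record."""
    image.seek(0)
    return sha256_stream(image) == record["image_sha256"]


def acquire_bytes(data: bytes, plan: dict):
    """Convenience wrapper for in-memory sources: returns (record, image bytes)."""
    src, img = io.BytesIO(data), io.BytesIO()
    record = acquire(src, img, plan)
    return record, img.getvalue()


def reverify_bytes(image_bytes: bytes, record: dict) -> bool:
    """Re-verify an image held in memory against its chain-of-custody record."""
    return reverify(io.BytesIO(image_bytes), record)


if __name__ == "__main__":
    # Constructed evidence: a fake device of a few full blocks plus a partial tail.
    evidence = b"MBR" + b"\x00" * 509 + b"evidence-file-contents" * 400
    plan = {"case_id": "CASE-0001 (hypothetical)",
            "examiner": "A. Examiner (hypothetical)",
            "source": "constructed in-memory device"}
    rec, image = acquire_bytes(evidence, plan)
    print(json.dumps(rec, indent=2))
    # Any later modification of the image must fail re-verification.
    tampered = image[:10] + b"X" + image[11:]
    print("re-verify original:", reverify_bytes(image, rec))
    print("re-verify tampered:", reverify_bytes(tampered, rec))
```

The record is what goes into the custody log: the source hash taken before copying proves what was acquired, the image hash proves the copy is faithful, and re-hashing before each examination shows the evidence was not altered in between.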
After data has been collected, the next phase is to examine the data, which involves assessing and extracting the relevant pieces of information from the collected data. This phase may also involve bypassing or mitigating OS or application features that obscure data and code, such as data compression, encryption, and access control mechanisms. Once the relevant information has been extracted, Cognosec will study and analyze the data to draw conclusions from it and then prepare and present the information resulting from the analysis phase.
Cognosec’s Incident Response solution is an organized approach for responding to an incident appropriately and managing the aftermath of a security breach.
Cognosec can assist you with the following steps:
- Creating an incident response policy and plan
- Developing procedures for performing incident handling and reporting
- Setting guidelines for communicating with outside parties regarding incidents
- Establishing relationships and lines of communication between the incident response team and other groups, both internal (e.g., legal department) and external (e.g., law enforcement agencies)
- Determining what services the incident response team should provide
- Training the incident response team
Combating malicious software and events in your environment isn’t just a matter of implementing the right technological solutions. Effectively combating malicious activities is a solution that combines people, processes, and technology.
Cognosec’s Incident Response solution will also help establish new defenses, protecting your systems and data from future attacks.
According to the SANS Institute, there are six steps to handling an incident most effectively:
Preparation: The organization educates users and IT staff of the importance of updated security measures and trains them to respond to computer and network security incidents quickly and correctly.
Identification: The response team is activated to decide whether a particular event is, in fact, a security incident. The team may contact the CERT Coordination Center, which tracks Internet security activity and has the most current information on viruses and worms.
Containment: The team determines how far the problem has spread and contains the problem by disconnecting all affected systems and devices to prevent further damage.
Eradication: The team investigates to discover the origin of the incident. The root cause of the problem and all traces of malicious code are removed.
Recovery: Data and software are restored from clean backup files, ensuring that no vulnerabilities remain. Systems are monitored for any sign of weakness or recurrence.
Lessons learned: The team analyzes the incident and how it was handled, making recommendations for better future response and for preventing a recurrence.
In general, compliance means conforming to a rule, such as a specification, policy, standard or law. Regulatory compliance describes the goal that organisations aspire to achieve in their efforts to ensure that they are aware of and take steps to comply with relevant laws and regulations.
Due to the increasing number of regulations and the need for operational transparency, organizations are increasingly adopting consolidated and harmonized sets of compliance controls. This approach is used to ensure that all necessary governance requirements can be met without unnecessary duplication of effort and activity.
Cognosec’s extensive experience and expertise in the Governance, Risk, and Compliance (GRC) sector has proven valuable to many organizations seeking to meet internal and external requirements in preparation for certification. Cognosec’s independent and objective assessment of policies and processes fulfills four major roles:
- Prepares you for the challenging process of certification.
- Avoids the potentially severe financial loss you may suffer for being non-compliant with external regulations.
- Prioritizes the corrective measures in order of maximum efficiency and effectiveness to your business processes.
- Ensures your regulators, customers, and shareholders that proper due diligence measures have been taken.
Our specialists will work side by side with the compliance, security, and risk officer in the design and improvement of company frameworks, guidelines, and processes.
Cognosec will provide you with an independent and holistic evaluation of your organization’s tasks and activities used for planning, implementing, controlling, and monitoring organizational information security activities.
As with all management processes, an ISMS must remain effective and efficient in the long term, adapting to changes in the internal organization and external environment. The Plan phase is about designing the ISMS, assessing information security risks and selecting appropriate controls. The Do phase involves implementing and operating the controls. The Check phase reviews and evaluates the performance (efficiency and effectiveness) of the ISMS. In the Act phase, changes are made where necessary to bring the ISMS back to peak performance.
No matter how big or small an organization is, having a well-established Information Security Management System (ISMS) is necessary. Data and information systems need to be kept secure, therefore every facet of your system needs to be taken into consideration. You are only as strong as your weakest link after all. Security frameworks can be designed and tailored to your requirements. Cognosec covers everything you need throughout the establishment, development, and maintenance of your new ISMS including the implementation of state-of-the-art GRC solutions, enabling you to automatically map your organization’s business policy framework to industry best-practice frameworks.
The development of an ISMS framework based on ISO/IEC 27001:2005 entails the following six steps:
- Definition of security policy
- Definition of ISMS scope
- Risk assessment (as part of risk management)
- Risk management
- Selection of appropriate controls
- Statement of applicability
The overall objective of penetration testing is to provide an independent and reliable view of the security of the internet-facing infrastructure of an IT environment.
Penetration testing is recommended annually, and in the event of major changes to your infrastructure. It is essential for companies holding intellectual property, information linked to personal identities, or financial information such as credit card data – and is often mandated by regulators. Penetration testing will help:
- Prevent severe financial losses that could arise due to unreliable infrastructure or fraud
- Provide the necessary proof of due diligence for regulators, customers, and shareholders
- Protect the brand from the dreadful loss of reputation
Penetration testing is a crucial element in securing your IT systems. Our team of experts can simulate an attack on multiple levels to determine whether sensitive data is at risk. The assessment identifies weaknesses and vulnerabilities and quantifies the severity thereof, providing the information needed to address and control the threats.
Penetration testing is a ‘mock’ or staged attack to identify vulnerabilities in information systems. Our testers, ‘white hat hackers’, put themselves in the position of someone determined to gain access to resources without knowledge of usernames, passwords and other normal means. Like a hacker or cyber criminal, they try every trick in the book, every possible plan of attack. They find the ways applications could be modified, and confidential information such as price lists or customer databases stolen or subverted. They then provide a report – explaining how they ‘broke in’ and how an organisation can avoid it happening ‘for real’.