FISMA News

Third Brigade Study Reviews 13 Regulations, Uncovers 15 Common Threads

(Dec 18, 2007)-- Third Brigade (IDS/IPS) announced a new white paper outlining 15 common security compliance threads uncovered through research conducted by ReymannGroup on behalf of Third Brigade. According to ReymannGroup, understanding the common compliance threads enables organizations to adopt a more proactive and cost-effective compliance initiative– continuously managing information security and technology risk.

ReymannGroup research has highlighted the importance of selecting and adopting technologies — like host intrusion defense — that can address a broad range of these common security mandates.
“Boards and senior management are now legally accountable for a company’s security and compliance success or failure,” said Paul Reymann, CEO of ReymannGroup. “By identifying and addressing common compliance threads, an enterprise can reduce cost and minimize duplication of effort.”

Through hundreds of conversations and projects with clients and other companies over the last several years, ReymannGroup identified 15 common security compliance threads in today’s key laws, rules and guidelines applicable to a wide range of industries. Companies that focus on complying with these common threads are enabling cost-effective risk management and achieving compliance by default.

“Enterprises are under intense and competing pressures to ensure compliance while reducing costs,” said Wael Mohamed, president and CEO, Third Brigade. “ReymannGroup research has highlighted the importance of selecting and adopting technologies — like host intrusion defense — that can address a broad range of these common security mandates.”

This white paper highlights several of the key information security and IT risk management laws, regulations, and best practice guidelines across multiple industries, and explores the common compliance threads and enabling technologies that provide a common framework of controls. While they may apply to different industries, the mandates are based on a common foundation of recognized best practice risk management principles. Regulations reviewed in the ReymannGroup research included: PCI, HIPAA, SOX, GLBA, BASEL II, FISMA, NIST Special Publication 800-53, MITS, PCAOB, COSO, COBIT, SysTrust and SAS-70.

ReymannGroup also undertook a comprehensive evaluation of the applicability of Third Brigade’s host intrusion defense solution as a means to address these common security compliance threads. The whitepaper, titled Third Brigade: A New Approach to Addressing Regulatory Compliance concludes that Third Brigade gives organizations greater control, and delivers measurable value, to stakeholders across the enterprise. A description of Third Brigade’s capability to enable each of the 15 common security compliance mandates is included in a summary table.

Share or bookmarklet this web page at: