IT Brief New Zealand - Technology news for CIOs & IT decision-makers
New Zealand
Guides
#
artificial intelligence
#
digital transformation
#
disaster recovery
#
internet of things
#
work from home
Search
Story image
#
Compliance
#
Automation
#
Monitoring
SureCloud adds continuous monitoring to GRC solutions
Fri, 9th Jul 2021
FYI, this story is more than a year old
Author image
By Catherine Knowles, Journalist
Follow us

SureCloud has added continuous monitoring capabilities to its suite of IT GRC solutions, in an attempt to help organisations achieve timely detection of compliance and risk issues.

According to the company, the update comes as regulatory change, rising security risks, and increased scrutiny are driving organisations to require more continuous and real-time assurance that high-rated risks are managed, and that appropriate controls are in place and operating effectively.

Continuous monitoring, sometimes referred to as continuous control monitoring (CCM), automates the collection and analysis of data to check that controls are operating effectively in near real-time.

By providing greater transparency into the operations and more timely detection of compliance and risk issues, continuous monitoring enables security and compliance professionals to identify priorities and direct resources to the areas most important to the business, the company states.

Weak or poorly designed controls can be corrected or replaced, therefore enhancing the organisations risk posture.

Historically, organisations have relied on manual, periodic assessments to understand the effectiveness of controls. However, manual reviews only capture a single point in time and can be slow and costly to undertake.

Following the addition of continuous monitoring capabilities, SureCloud allows security and compliance professionals to create key control indicators (KCIs) and define the schedule, frequency and context, together with multiple thresholds, to automatically identify changes in control effectiveness based on pre-defined business logic.

They can also automatically notify everyone involved of any changes, meaning action can be taken before it becomes an issue.

In addition to its continuous monitoring capabilities, SureCloud offers pre-mapped control content, including access to the complete Secure Controls Framework (SCF) catalog, along with automatic updates, for a thorough list of industry regulations and standards.

This includes PCI, HIPAA, ISO 27001, 27002, 27017, NIST 800-52, CSF, Privacy Framework, CSA and more.

SureCloud VP of product Alex Brown says, “Enabling customers to continuously monitor controls complements our existing integration with the SCF.

"Now, customers can make sure that their controls are up-to-date through the content provided by the SCF, as well as make sure they're effective through the continuous monitoring of key control indicators.

SureCloud CEO Richard Hibbert says, “In recent years, the IT GRC industry has realised the importance of moving from point-in-time assessments to continuous monitoring through technology like ours.

"As managing governance, risk, and compliance becomes increasingly complex, organisations need ways to manage their programs that address this complexity.

"Our new continuous monitoring capabilities provide always-on visibility of control effectiveness and the ability to take decisive action when that effectiveness changes.

Related stories
Global Processing boosts efficiency with New Relic AI platform
Illumio unveils AI enhancements for faster Zero Trust Segmentation adoption
GitLab unveils Duo Chat for simplified AI-powered DevSecOps workflows
Deltek introduces Dela, an AI-powered tool to transform project delivery
Spirent partners with online payments platform to boost cyber defenses
Top stories
Axis unveils next-gen Camera Station VMS & cloud solutions
Intel reshuffles Asia Pacific leadership to boost business growth
Coalition integrates cyber risk platform with top cloud services providers
Sapia Labs presents 'revolutionary' AI research at SIOP conference
Armis warns of major cyber-attack risk to 2024 global elections