Cloud solution delivers risk-based information security programs
Posted on 05 October 2012.
TraceSecurity introduced TraceCSO, which allows organizations of any size, industry or security skill set to evaluate, create, implement and manage a risk-based information security program, to protect their organizations from today’s top information security risks, including cloud security and BYOD concerns.

TraceCSO identifies and prioritizes risk to an organization’s information – including network vulnerabilities – and identifies, implements and audits security controls. To help organizations stay current with the latest regulatory mandates specific to their industry, TraceCSO leverages a global database of hundreds of authorities and more than 25,000 regulations and citations.

TraceCSO’s wizards guide the system set up of adding users and departments, defining permissions and roles, coordinating network scanning, and selecting authority documents. TraceCSO’s Risk Assessment – the cornerstone for setting up and managing the risk-based information security program – identifies asset threats and controls to mitigate risk, and assigns TraceSecurity’s proprietary Risk Score.

The Risk Score allows an organization to measure and report on mitigation effectiveness, set benchmarks, and analyze trends – ultimately leading to better risk-based decisions and optimized information security allocations.

TraceCSO also identifies existing ineffective or unnecessary controls and recommends the most effective replacements.

Once controls are identified, TraceCSO maps them to a database of more than 25,000 authorities, citations and regulations. This enables the organization to determine industry-specific compliance and allows for a best practice risk-based information security program that organically leads to compliance and eliminates the laborious compliance reporting process.

Finally, information determined during the Risk Assessment filters and pre-populates all functional areas of TraceCSO, making the organization’s information risk and compliance profile more visible, more accessible, more manageable and more valuable than ever.


Chrome extension thwarts user profiling based on typing behavior

Infosec consultant Paul Moore came up with a working solution to thwart a type of behavioral profiling. The result is a Chrome extension called Keyboard Privacy, which prevents profiling of users by the way they type by randomizing the rate at which characters reach the DOM.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Jul 29th