Security Risk Assessments made simple
CyberCompass™, a best in class cyber risk management automation platform, now makes it easy for providers of cybersecurity and compliance professionals to complete security risk assessments for their clients in 70% less time compared to traditional methods. This improved productivity along with the increasing need for companies to complete security risk assessment has shown increased revenue by 25% for CyberCompass™ partners in less than 12 months.
CyberCompass™ offers built-in expertise for meeting cybersecurity government regulations impacting various industries including HIPAA, GDPR, CIS-20, CCPA, NY DFS, and NIST 171. All of these regulations require a security risk assessment with proof of compliance or their clients face penalties and fines.
The unique feature of CyberCompass™ is its ability to simplify and automate assessments, remediation, proof and “body of evidence” as well as reporting. Today many assessors are stuck using spreadsheets and emails, without automation of workflow, to meet compliance with people and processes involving information security. The survey questions have been rewritten and tailored to the user’s role.
“Our goal is to eliminate having HR professionals read and try to answer ten questions that are IT only related. For example, our approach for HIPAA reduced the number of questions from 165 to only 30 questions while still maintaining integrity and meeting regulations. We have proven CyberCompass™ drives for better responses to moving clients from 27% to 90% compliant in less time.” said Ed Jones, Chief Compliance Officer of Third Rock who developed CyberCompass™.
Only 3 out of 10 large companies have completed security risk assessments
Widely considered to be the cornerstone to cybersecurity and compliance, a security risk assessment is a basis for companies to understand vulnerabilities. Gaining insights into those vulnerabilities is often time-consuming. Most companies lack the expertise to understand compliance regulations. It is estimated that almost 3 out of every 10 companies has never commissioned a security risk assessment, states a study by Trustwave.
With a breach happening every 39 seconds, more regulations are being passed requiring businesses to manage and mitigate cyber risk proactively. The regulations also support that cyber risk is not just an IT issue but has to be managed holistically. Most breaches occur because of employee behavior, vendors not meeting compliance or policies not updated. Only CyberCompass™ automates and simplifies cyber risk management at this holistic level versus an IT focus-only solution.
“CyberCompass™ bridges the gap with automation between cyber security, compliance and cyber risk management. Most companies, vendors and partners focus on technology security. CyberCompass™ connects and closes the gaps that may exist in many organizations due to silos, lack expertise, or lack of resources for the employees, vendors and processes. It allows our partners to come to their clients and offer a simple solution, ” said Robert Felps, CEO of Third Rock.
Our latest features
CyberCompass™ Enterprise, our latest update, has a Task Management System (TMS) feature for consultants and client administrators to assign tasks to client users without having an account on CyberCompass™. TMS features allow a secure link assignment to be emailed, giving the assigned user access to the specific task. The consultant can also assign a survey from an assessment to either an internal or external user using the TMS. The recipient will be assigned a deadline to answer the survey questions before receiving auto-generated reminders.
Other CyberCompass™ enhancements include:
- Up to 10 vulnerability scans
- Custom assessment capabilities
- Prioritizes corrective actions to reduce risk faster
- Step-by-step corrective action guide reducing risk quickly
- Track open issues to completion as tasks
(no more spreadsheets)
- Audit ready Policies and Procedures
- Audit ready Strategic Plans
- On-demand cybersecurity training tracked in Learning Management System
- Vendor agreement management
- Automatically tracks all actions/improvements and executive dashboard
“We are constantly working and looking for ways to help our partners to assess cyber beyond the IT department faster, remediate rapidly and help their clients become more resilient to cyber threats,” said Robert Felps CEO. We have seen our partners using CyberCompass™ increase their bottom line by offering CyberCompass™
CyberCompass™ is actively seeking partners who are currently offering security risk assessments, incident response, and other providers who want to increase their cybersecurity offerings. Contact us for more information.