SlideShare a Scribd company logo
Vol 10|Issue 05| 2019
EDGILEModern Approach towards Protecting
Enterprises
The 10 Most Trusted Risk Management Solution Providers 2019
Don Elledge
CEO
+
Building a Culture
of Risk Management
Solution Provider
Risk is intrinsic to every business and managing
risk is an increasingly important business driver.
Risk concerns in the world of business have
always been the most important aspect. Be it Information
Technology or Healthcare Industry, enterprises today are
on the crisp of the risk crisis.
Today, companies have to deal with multiple forms of
digital change simultaneously, mostly increasing cloud
adoption, but also increasingly mobile, IoT, robotic
process automation, and advanced AI efforts. With each
passing day, attacks on the unsecured digital world are
on the rise, driving up risks in every industry sector
around the globe.
Partners, employees, and customers increasingly
communicate with the digital medium which creates
more risk and jeopardizes compliance. Gartner predicts
that, by 2020, there will be more than 20 billion internet-
connected devices in use, with Internet of Things (IoT)
connecting everything from jet engines and commercial
vehicles to manufacturing equipment & office equipment
to personal cars and consumer electronics.
Educating enterprises about risks and security is one of
the biggest challenges. Most companies see the
productivity gains that can come from technology and
jump – but they don't always understand the risks. Or,
even if they do, they don't understand the urgency.
Protecting private and corporate customers from such
risks is a major challenge for all companies.
What are the best chances to reduce risk? This is where
Risk Management Solution Experts provide a full range
of fraud prevention services to help you effectively
manage ongoing threats. They are here to help. And, that
is why enterprises today critically need trusted Risk and
compliance partners to manage the digital risk.
Editor’s Desk
“Ensuring Enterprises know
their Risks, & easily Detect
and Locate with Risk-
Management Providers”.
What’s unique about Risk Management Solution
Providers? They advise customers on business and
technology challenges in risk management & fraud
prevention. These industries provide real-time
visibility and identify all devices on the network in
real-time. Such organizations identify, analyze, and
evaluate risks that may impact your business.
From global consumer retailers to regional
manufacturing companies, the need to strengthen
compliance management programs, and develop
strong risk culture is paramount. That is the reason
Insights Success introduces “The 10 Most Trusted
Risk Management Solution Providers, 2019”
which is a constantly-changing global risk-
management landscape.
Featuring the Cover Story is is a leader inEdgile
building IRM/GRC programs for highly-regulated
companies, both large and small. A big advantage of
the company's approach is that it allows tailoring
environments to the enterprise's needs while
avoiding true customization that can create
problems down the road. For almost two decades,
Edgile has helped Fortune 500 companies deal with
risk and compliance issues, by tackling the
intersection of the four areas where enterprise GRC
efforts generally fail.
Also, makes sure to scroll through the articles
written by our in-house editorial team and CXO
standpoints of some of the leading industry experts
to have a brief knowledge of the sector.
Kaustav Roy
Editor’s Pick
Data Center Security:
Controlling Possible
Threats
Industry Trends
Key POS Trends
Reshaping the Reatil
ARTICLES
38
20
Cover Story
Edgile
Modern Approach
towards Protecting
Enterprises
08
CFM Partners
Strategic Technology for Modern
Compliance Professionals
Corlytics
Empowering Clients to
Make Informed Choices
18 28
Closing the IoT Security Gap
Matrix-IFS
The Modern Day Crime Fighters.
Protecting Financial Institutions from
Hackers, Fraudsters & Money Launderers.
34 40Great Bay Software
Expert’s Thoughts
What GDPR Forgets
The Physical Security
Industry Intel
Allowing Regulated
Entitiesto Connect and
Structure their Data
Interpreting Risks
Minimizing the
Adverse Effects of
Risks
4232
24
sales@insightssuccess.com
October, 2019
Editor-in-Chief
Senior Sales Manager Business Development Manager
Marketing Manager
Technical Head
Technical Specialist Digital Marketing Manager
Research Analyst
Database Management Technology Consultant
Pooja M. Bansal
Managing Editor
Anish Miller
Executive Editor
Rohit Chaturvedi
Assistant Editors
Jenny Fernandes
Hitesh Dhamani
Visualizer
David King
Art & Design Director
Amol Kamble
Associate Designer
Kushagra Gupta
Kshitij S Philip Walker
John Matthew
Sales Executives
David, Kevin, Andy, Maneesh
Business Development Executives
Steve, Joe, Alan, AnupJacob Smile
Aditya Marry D'Souza
SME-SMO Executive
Prashant Chevale Frank Adams
Circulation Manager
Robert Brown Stella Andrew David Stokes
Karan Gaikwad
Co-designer
Copyright © 2019 Insights Success, All rights reserved. The content and images used in this magazine should not be reproduced or transmitted in any
form or by any means, electronic, mechanical, photocopying, recording or otherwise, without prior permission from Insights Success.
Reprint rights remain solely with Insights Success.
Follow us on : www.facebook.com/insightssuccess/ www.twitter.com/insightssuccess
We are also available on :
Don Elledge
CEO
EdgileModern Approach towards Protecting Enterprises
COVER STORY
Building a culture of
quality and devotion to
service within a
challenging, rewarding
and exciting work
environment.
“
The
Trusted
Fortune 500 enterprises today are engulfed in a tidal wave of digital
changes, which in turn creates hurdles for IT, legal, privacy,
compliance, information security, and the business. Even worse,
these companies are having to deal with multiple forms of digital change
simultaneously, mostly increasing cloud adoption, but also increasingly
mobile, IoT, robotic process automation, and advanced AI efforts.
Employees, partners, and customers are increasingly trying to
communicate digitally, which would be a wonderful advancement- were it
not for those pesky GRC efforts. By its very definition, digital
transformation creates more risk and jeopardizes compliance. That is why
enterprises today critically need trusted risk and compliance partners to
manage the digital risk. But compliance is hardly a static situation. It is a
mix of often-contradictory-- and constantly changing-- rules from state,
federal, global and industry-specific compliance and regulatory
requirements, including PCI, SOX, NIST, NY DFS, FFIEC, HIPPA and a
myriad of state privacy mandates. That’s where Edgile comes in.
Edgile is a leader in building IRM/GRC programs for highly-regulated
companies, both large and small. A big advantage of the company’s
approach is that it allows to tailor environments to the enterprise’s needs
while avoiding true customization that can create problems down the road.
For almost two decades, Edgile has helped Fortune 500 companies deal
with risk and compliance issues, by tackling the intersection of the four
areas where enterprise GRC efforts generally fail. These areas consist of
the constantly-changing global compliance landscape; the evolving threat-
technology landscape; mismatches in roles and responsibilities between
the enterprise and their vendors (e.g., Saas, IaaS) the related nuances of
cloud security compliance; and the almost-limitless configuration and
related product options being offered by the major GRC vendors.
An Organization of GRC implications
Enterprises today face an avalanche of GRC choices. How to migrate to an
earlier platform? What configuration choices make the best sense for that
We secure
the modern
enterprise.
“
“
company, given its size, geography and vertical? What are the GRC
implications as the enterprise moves more and more deeply into the
cloud? For that matter, those answers change depending on which cloud
provider is being leveraged. What GRC tool to implement? Which
implementation partner? Then there are the complexities that happen with
every business unit sale and especially every acquisition, with new
software licenses and homegrown legacy apps forced into the enterprise
technology equation.
The experienced Edgile team members have an average of more than ten
years of experience in a wide range of GRC programs, from functional to
technical engineering. This is rare and difficult to find because other
companies tend to focus on just one of these areas, such as solely dealing
with security or just compliance. But without factoring in all of these
considerations-- the enterprises current and future operations, current and
future compliance changes, partner new or changed capabilities, changes
in the enterprise’s operating environment, such as new cyberthief tactics--
it’s impossible to truly help an enterprise with its complex and ongoing
GRC efforts.
Edgile’s experience in delivering this comprehensive and holistic strategy
has allowed it to create a precise methodology that allows enterprise
executives to understand their GRC environment and to deal with it at
their own chosen pace. Indeed, This methodology doesn’t simply make
efforts easier for IT, Security, Compliance, Auditing, and other traditional
GRC operating units, but it also helps articulate to the CEO, CFO, and
board members that their security dollars are being used shrewdly.
Life Made Easier by Managing Risk
Edgile’s expertise extends beyond its 16 industry verticals, delving deeply
into managing the risk of an enterprise’s entire digital transformation. The
cloud itself, for example, is typically far more naunced and complicated
than most executives assume because of hybrid cloud environments,
where the company is neither fully in the cloud nor fully on-prem but it is
doing both – to varying degrees as it slowly transitions to an eventual all-
cloud environmental. That painstaking slow process must be managed
delicately, as those changes can have non-obvious impacts on both risk
and compliance. And as enterprise shift more of their resources, data,
tools, and other applications to the cloud, the number of elements that are
suddenly – and sometimes invisibly - beyond their control soars.
Edgile offers proven services to help solve
complex security challenges across many
industries including healthcare, financial
services, energy, retail, et al.
“
Mr.Brian Rizman
Another critical area for Edgile is
regulatory change management.
Although it starts with a team of
compliance experts that are tracking
global, federal, state, municipal, and
industry laws, regulations and other
requirements every day, the most
powerful element is applying those
changes-and the anticipated near-term
compliance changes – to the specifics
of each enterprise. How does it impact
that company’s policies and
operations? What are the best changes
to both improve compliance and
reduce risk? That’s what Edgile
delivers.
Approach and Advantage
Edgile has seen a rapid rise in
organizations making the IRM /GRC
move to ServiceNow. This isn’t
surprising as:
ServiceNow is a Gartner Magic
Quadrant Leader in the GRC space
ServiceNow is the authoritative source
for much of what needs to be managed
via GRC so having native access
without API integration is a huge
benefit.
ServiceNow platform enables
synergies across the three lines of
defense
ServiceNow offers the first real
opportunity to achieve continuous
monitoring & automate early warnings
via KPI/KRI sustainably and cost-
effectively.
Unique Client Risk Programs
What’s unique about Edgile is their
focus on building client risk programs,
using their proven 5-pass methodology
and automated access they provide to
the rapidly changing regulatory
environment. Edgile’s ArC, Automated
Regulatory Compliance Managed
Content Service has a team that tracks
so much easier to share information.
“When our auditors come and ask for
specific information around our IT
general controls, we can point them
into ServiceNow rather than having to
send them Zip files or give them access
to SharePoint that would require them
to then have VPN access, etc.,”
Liebergen said.
Committed and Determined Leader
A professional leader with a wealth of
experience has the ability to
understand how businesses operate and
applying his positive enthusiasm,
motivates teams into producing results.
Don Elledge, the CEO is one such
committed and determined leader who
founded Edgile in 2001. Don holds an
undergraduate degree in finance from
the University of Texas, and an MBA
from the University of Washington
with a focus on economics.
Prior to founding Edgile, Don was a
partner at Deloitte, where he
established a national security practice
focused on e-business security. He also
spent four years in New York working
at First Boston in the financial industry.
He advises clients on security and risk
issues by the rapidly changing
technology environment, and his
forward-thinking view has positioned
the company as a trusted, strategic
partner. Don is responsible for growing
the company into a leading security
and risk services organization serving
Fortune 500 companies.
more than 500 states, federal, global &
industry-specific compliance and
regulatory requirements every day.
Edgile’s ArC coupled with its
Regulatory Change Management
Solution allows the company to help
clients’ pinpoint control and policy
changes necessary to achieve
compliance.
Critically, Edgile works closely with
Fortune 500 executives, to understand
not only where they operate today but
to try and focus on where they expect
to be in 6-18 months and where they
are heading strategically in the long-
term. The team then collaborates with
both technology and the business
leaders to frame a roadmap.
Better Services with ServiceNow
One enterprise that both Edgile and
ServiceNow have helped is Banner
Health, which owns 20 hospitals across
six states. “Taking all of those
materials and shifting it into a platform
allowed us to maintain data, to see the
audit trails of who did what when we
just continued referencing it while
putting that data continuously in the
customers’hands,” said Banner Health
IS Governance Director Greg
Liebergen. He also says “I don’t
believe that we did any customization
at all. It’s taking the ServiceNow tool
and using its out-of-box capabilities,
the workflows, the different aspects of
the module that exist and configuring
them so that they use the language that
we use internally the terminology. It
was a big thing for us not to have to
use customization, just to make it
overall easier to use the tool on a day-
to-day basis. But also, when the time
came for platform upgrades, that we’re
not struggling, trying to take our
unique item and fit them into
ServiceNow’s upgraded platform to
provide more capabilities.”
Another advantage of not having to
customize the coding is that it makes it
Address :
Country :City : State : Zip :
Date :Name :
Telephone :
Email :
Che should be drawn in favor of:que INSIGHTS SUCCESS MEDIA TECH LLC
Global Subscription
1 Year.......... $250.00(12 Issues) .... 6 Months ..... (06 Issues) ..... $130.00
3 Months ... (03 Issues) .... $70.00 1 Month ...... (01 Issue) ..... $25.00
SUBSCRIBE TODAY
CFM Partners
Strategic Technology for Modern
Compliance Professionals
High-risk employee behaviors that make headlines,
combined with ever-changing government
regulations, heightened public awareness of
corporate responsibility, and rising risk-related costs have
prompted compliance executives to seek solutions that will
help them manage Governance, Risk, and Compliance
(GRC) efficiently and effectively.
Based in Washington, D.C., CFM Partners has been on the
frontlines of GRC management for over 20 years, offering
knowledge-based solutions to help companies proactively
manage their risk, turn compliance into performance, and
develop effective governance strategies.
The Company that “Gets It”
Employee misconduct often originates from gaps in
communication and adoption of policies among groups,
departments, and individuals -- gaps that the team at CFM
Partners works to bridge through its expertise and
technology.
Businesses spend a tremendous amount of time and effort
carefully developing policies, procedures, and educational
materials to guide employees and management in how to do
their jobs well and minimize the risk of negative incidents.
However, it can be a struggle to implement them in a way
that encourages a culture of compliance, where each
member of the organization understands their role and
responsibilities.
CFM’s flagship solution, Access Compliance™, promotes
cultures of compliance by helping companies modernize
their approach to policy and procedure management
through easily-accessible, relevant, and understandable
training, as well as systematic communication that lets
nothing slip through the cracks.
Access Compliance™
Access Compliance delivers policies, procedures, and other
important information that are directly relevant to the role,
responsibilities, and environment of every user, when and
where they need that information, thereby enhancing
employee productivity while embedding compliance into
day-to-day business practices.
It aligns corporate, business group, and country-specific
policies – at the end-user level – to ensure users don’t have
to sift through volumes of irrelevant information. They see
only the policies they need to do their jobs, stay compliant,
and stay productive. The platform makes role-appropriate
information and education easily searchable and accessible.
Beth Murphy
Founder, President
& CEO
www.insightssuccess.com18 2019|October
Integrated throughout Access Compliance are features that
allow administrators to designate who sees what and when,
via CFM’s exclusive Push-by-Profile™ distribution and
customized audience assignments. This feature has helped
the company secure a well-differentiated position among
regtech providers by ensuring the right information is at the
fingertips of the right people at the right time.
“Risk is substantially mitigated by consistently making
people aware of how a particular policy, procedure, or
regulation applies to them and their job,” said CEO Beth
Murphy. “We determined early-on that our solutions need to
be configurable to deliver information that is relevant to
each user to be truly effective.”
CFM Partners also led the field in delivering solutions in
the cloud. Leveraging cloud-computing technology, Access
Compliance hosts a suite of solutions and tools that are
modular, integrated, configurable, and customizable.
Applications and content are swiftly deployed across
different regions to specific, appropriate audiences –
providing clients with round-the-clock access to the
information they need to do their jobs well. Modular design
also makes it possible for organizations to acquire as much,
or as little, functionality as they need.
“When we see an opportunity to enhance our solutions in
ways that matter to our clients, we readily pursue those
enhancements and make them a reality. It’s kept us ahead of
the market repeatedly over the years,” Murphy notes.
Streamlined for Managers
The easier it is to administer a solution, the more effective it
will be. Access Compliance includes tools and templates
that make it easy for clients to map policies to groups that
need them.
“We’ve worked to centralize and streamline the
management of policies and procedures, as well as
distribute them through a single interface,” Murphy
explains. "Features provide a way to standardize policy and
procedure development by clearly indicating who owns the
content, when it was last updated, where it impacts the
organization, and more.”
Access Compliance also provides a single access point
where managers can see when, where, and by whom
policies are reviewed. These tracking features are ideal for
managers who understand the importance of monitoring for
red flags that may indicate additional communication or
employee training is needed.
Beyond monitoring, Access Compliance generates reports
that document when policies have been reviewed or training
programs completed. Data is archived for future reference
and regulatory compliance.
Education Is Key
“Simply put, companies that know better, do better,”
Murphy observes.
Effective compliance education starts with a corporation’s
policies and procedures and is supplemented with training
to fully educate employees on complex or critical issues.
Access Compliance’s education and training module
features a suite of online course libraries with topics
including Cybersecurity Awareness, Conflicts of Interest,
Anti-Bribery, Sexual Misconduct Prevention, and Use of
Social Media, to name only a few.
Its robust functionality provides easy course administration,
customizable and tailored content, review and monitoring
of employee progress, reporting, and updates.
Clients Come First
“Every client has its own distinctive needs,” Murphy
reflects. “We meet our clients where they are, and our
philosophy is to adapt our products and services to meet the
needs of each organization.”
Deep knowledge, innovative solutions, and an unwavering
commitment to client success are the keystones upon which
CFM Partners built its business.
When we see an opportunity
to enhance our solutions in
ways that matter to our
clients, we readily pursue
those enhancements and
make them a reality.
It’s kept us ahead of the
market repeatedly over the years.
The
Trusted
www.insightssuccess.com 2019| 19October
In recent times, the retail industry hasn’t seen a more
exciting invention since the invention of cash register.
With new and innovative technologies helping shape
both online and offline experiences for consumers, the
landscape is continuously changing in a way which was
unimaginable even few years back. The best part is that
there seems to be no end of the innovation, which only
influencing the purchase decision of the consumers.
Nowadays the main focus of retailers is to create a safe,
engaging, and unique shopping experience for its
consumers, it’s very important for the retailers to
understand the importance of Big Data and in-store
analytics and adapting to the cloud. With the retail industry
at the verge of massive transformation, we are listing out
few key trends that everyone needs to know to be
successful in the ecosystem that is transforming quickly.
Multi-system Integration
Multi-system integration with various applications gets the
utmost priority from top retailers. Most of the retailers list
out POS integration with other applications as a key priority
alongside the implementation of dynamic marketing content
through mobile devices. This is mostly due to the retailer’s
interest to store all the customer information and purchase
history in a database, which is completely centralized that
could be easily integrated with multiple applications.
However, in order to do that, a retailer needs to use an ERP
database that can handle all these.
Speed
People always look for quick solutions for everything. A
clock starts ticking the moment a customer enters, no matter
how good the product is, if the process is slow and the
attention to details are missing, then customers will leave
disappointed. As a retailer, one cannot please everyone, but
with a modern and efficient POS, the service can be
improved. A modern POS simplifies the communication
between various departments and can save a lot of time for
both the retailer and the customer respectively.
Managing Stocks
Keeping and managing inventory is a nightmare for most of
the retailers, and it’s quite natural. Managing inventory is a
never-ending task and takes a lot of effort, time, and
manpower. However, it is quite important to manage
inventories when it comes to long-time survival. An
efficient POS system always makes the process of
managing the inventory much easier. The best part of a POS
is, one can monitor the status of stocked items, shipped
products, and new orders anytime. This is a huge time saver
for a cumbersome and a tedious process, and eventually
helps retailers to focus on other important aspects of
running the business.
Customized Experience
With POS systems, retailers just need to provide
personalization that scoops out every shopper. Every
passing year, retailers are adapting to personalized
technology solutions that allow an interactive user
experience. Thanks to the emergence of all new mobile
POS technology, now retailers can offer its customers more
choices to accommodate their shopping habits by letting
them to complete transactions anywhere in the store. Now
with the invention of improved POS marketers and
customer service teams can contact the buyer at each point
of their purchase decision. With so much data retailers and
consumers can have better customer service, quicker
payment processes and access to better offers and real-time
personalization.
POS Trends
Reshaping
the Reatil Sector
www.insightssuccess.com20 2019|October
Promotions and Marketing at its Best
Nowadays with the advent of digital technology, marketing
involves maintaining a digital presence as well. A POS can
integrate all the advertised offers with transactions, making
it easier to keep track of all the campaigns. Additionally, it
can integrate with CRM and track customer behavior. When
an offer gets popular among the masses, then the retailer
will see it in his transaction data.
Usage of Big Data analytics
In order to compete with e-commerce, retailers are now
taking the help of Big-Data and in store analytics just to
have a better idea about what’s happening inside the store.
Big-Data analytics helps retailers to track how frequently a
specific item moves from shelf to shopping cart allows
retailers to know the trends that are dominant in the market.
Analytics helps the retail industry in a big way to better
understand consumer purchase pattern and behaviors.
Keeping Track of Employees
To run a business smoothly a retailer, need few people. A
POS system enables to manage them with great accuracy.
With a Point of Sale system in place, employees can sign on
or off easily and the system will automatically log their
work hours and break hours.
Security
Above all, a POS system offers great security protections
that help keeping customer data safe. Retail stores and
businesses are always prime targets for Cyber Criminals,
and a data breach is not good for a business. So, by using
standard encryption and firewall, businesses can be secured
from cyber-attacks and customers can swipe their cards
with a peace of mind.
So, here we have listed out few of the POS trends that will
shape the future of the retail industry. As we look ahead,
these trends will be on focus for both retailers and
customers. The main advantage of an advanced POS system
is greater efficiency and optimization, it links all the
departments together which eventually allows to have better
control over the inventory, better profitability, and to
manage processes in an efficient way.
Industry Trends
www.insightssuccess.com 2019| 21October
Gisle M. Eckhoff
CEO, DigiPlex
www.insightssuccess.com24 2019|October
The Physical Security
Gisle M. Eckhoff joined DigiPlex in August 2014 as Chief Execu ve Officer. He
brings nearly thirty years’ experience in senior posi ons in the IT industry in the
US, Sweden, UK and Denmark as well as at home in Norway. Gisle is the former
Senior Vice President and Managing Director of CGI’s opera on in Norway, and
has also held a number of senior management roles at both country and regional
levels in CSC Computer Sciences Corpora on.
The experience and knowledge gained from heading up the Financial Services
ver cal in the Nordic region, before becoming Vice President and Managing
Director of CSC in both Norway and Sweden, is of great value when
implemen ng DigiPlex’ growth strategy in the Nordic markets.
he EU’s GDPR legislature will have consequences for every company doing business in
TEurope, including American companies. The new directive promises sizeable fines to
anyone that does not take personal data seriously. Meanwhile, the data centre company
DigiPlex urges companies to focus on another important aspect: physical security.
The General Data Protection Regulation’s (GDPR) purpose is to harmonize legislation related to
personal information across the EU’s member states. It does however also create radical challenges
for American businesses holding information on EU customers. Come May 2018, when the
legislation enters into force, companies will have publicly disclosed how the data is used, in addition
to offering transparency for individuals seeking access to their data. The GDPR includes a sanction
mechanism, and the fines for non-compliance can reach 4 percent of a company’s annual revenue.
• Business will obviously change for everyone not taking personal information seriously. This will
clearly raise awareness regarding how the data is secured, but it’s also vital not to forget where the
information is located, says DigiPlex CEO, Gisle M. Eckhoff.
About the Author
www.insightssuccess.com 2019| 25October
Expert’s Thoughts
Moving data to safety
American computer security company, McAfee, published a study of over 800 company leaders from
different sectors. The report reveals that 50 percent of the respondents state that they would like to move
their data to a more secure location. A motivating factor is the new EU legislation. The report also
reveals that 74 percent of the business leaders specified that they thought protecting the data correctly
would attract new customers.
• Data security is not just about protecting yourself against hacking and other digital threats. The
overall security critically depends on where your data is stored. Companies who actively select a
secure data centre to host their data will gain a competitive advantage in the market as the
management of personal information is in the spotlight, says Eckhoff.
Physical security is forgotten
While EU-based companies are in the process of adapting to the GDPR, Gartner predicted only 50
percent of American firms will be ready for the strict regulation by the end of 2018. It’s primarily the
largest companies and public enterprises that are furthest along in the process of adaptation. According
to Eckhoff, they are usually the ones that are the most concerned with data security and where it is
stored. Fire and operational safety are two obvious challenges, but physical security also includes
securing yourself against theft.
• Several smaller businesses and organizations keep their data servers at their offices, and the physical
security in many of the smaller data centers is almost absent. If your data is stored in such a data
center, where someone easily could break in and physically remove the hardware containing your
information, then you are very vulnerable – both operationally and in relation to GDPR, says Eckhoff.
At DigiPlex’s data centers, several layers of security ensure the safety of the data and the personal
information that is stored there. Physical security is one of the most complicated and expensive features
when building or updating a data center. That is why newly established data centers have to reach
critical mass, allowing them to store enough data to compensate for the large security investment.
Adapting to GDPR
One consideration to take, as we are getting closer to the implementation date of GDPR, is where your
data center should be located. Several US based companies are already relocating their centers to the EU
in order to comply. Multiple database providers are helping non-EU companies organize and segregate
EU data from other personal information. The data center industry is well established in Europe, and
some of the most cost and climate efficient centers are located in the Nordic countries.
In the Nordics, the cool climate helps chill down vast amounts of hardware that otherwise would have
been cooled down solely by electricity. Additionally, the electricity that is required by data centers to run
their operations is supplied through easy access to affordable renewable energy.
• In recent years, we have seen political turbulence in larger parts of the world, Europe included. The
stabile political environment in the Nordic countries is also a climate to consider, as the establishment
of data centers is a long-term investment, says Eckhoff.
www.insightssuccess.com26 2019|October
Corlytics
Empowering Clients to Make
Informed Choices
ack in 2008, when the Lehman Brothers filed for
Bbankruptcy, it was done with fear and confusion,
following one of the worst economic meltdown
since 1920’s great depression. Up until then Lehman
Brothers survived the great depression, two world wars,
cash shortage, the Russian debt default of 1998 and the long
term capital management collapse. However, despite
surviving all these, the collapse of the housing market in the
US brought Lehman brothers to its knees.
Back in 2008, compliance was a nuisance function that
banks used to keep in the back office. Its importance wasn’t
fully appreciated, and there had been a complete lack of
investment in it. Fifteen years ago, banks may have paid
attention to the regulators, but they didn’t worry about them
the way they do today.
So, with the target of delivering world class regulatory risk
data and analytics, Corlytics empowers its partners to make
transformational, informed, and positive choices. It uses a
combination of artificial and human intelligence to
categorize and organize regulatory notices and when
required, internal firm data, into highly structured relevant
information. This allows regulated firms to protect
themselves from unexpected exposures and fines.
The Inception Story
Thanks to the global economic meltdown of 2008, banks
and other financial institutions have been confronted by an
intimidating stack of new regulations. However, the
founders of Corlytics found a business opportunity in the
landslide of 54,000 regulatory documents which was
published by 130 different agencies of the G20 countries.
The most shocking part of this financial meltdown was
Lehman Brother’s bankruptcy filing, since the great
depression of 1920s no major bank had failed. And
suddenly one of the top 10 investment banks was gone! Just
like that! This created a problem that was unseen before. In
fact, the biggest risk for the world’s top 20 banks today is
regulatory risk. Last year there were about $100 billion in
fines levied on banks for not complying with regulations. In
2008, before the big financial crisis, that was less than $1
billion.
When the Aim is to Solve Regulatory Risks
Corytics analyses the enforcement outcomes of each
regulator and regulatory categories, allowing banks and
financial institutions to understand the business impact.
Data is presented in a digestible, easy to action dashboard,
with heat-maps and financial impact predictions.
Corlytics’ technology includes:
Taxonomy Mapping: Corlytics’ regulatory taxonomy
John Byrne
CEO & Founder
Corlytics
www.insightssuccess.com28 2019|October
solution enables categorization, mapping and routing of
regulatory content to a firm’s view of compliance risk,
business lines, and controls. Corlytics makes sense of
regulatory notices for departments, teams and individuals so
that only relevant information is highlighted for action. The
solution has also been used to create the world’s first
‘searchable’ intelligent handbook, through taxonomy
mapping.
Monitoring global regulators: Corlytics’ bots scan all
notices from regulators for all types of regulatory content. It
collates this information to a single cloud-based repository,
which can be used for analysis and risk weighting.
®
Risk insights: RiskFusion highlights regulatory concerns
for risk, audit and compliance teams to assist in the
planning and allocation of regulatory compliance
investments. Corlytics collects and categorizes regulatory
data. Relevant data sets are then analyzed and summarized
®
by Corlytics regulatory and legal analysts. RiskFusion risk
models are applied to the curated data to illustrate the
highest risk jurisdictions, regulations, regulatory topics and
provisions.
Corlytics RED app: This app scans regulators in near real-
time for all types of regulatory developments. These include
regulatory notices, speeches, press releases, consultations,
enforcements and penalties. Users can choose five global
regulators to appear in their feed and RED (regulatory
enforcement data) alerts on content relevant to them.
The Trendsetter
John Byrne is the CEO and founder of Corlytics. When it
comes to setting the company’s vision and strategy, John is
the go to guy. He is a serial entrepreneur in the financial
technology sector, and has built and sold multiple global
technology based enterprises. He also founded one of the
first campus companies in Ireland back in 1985 in the
energy sector. That’s not all; he also built Information
Mosaic in 1997, a global player in the securities software
industry which was later sold to Markit in 2015.
Since the introduction of global regulations for the financial
markets in 2009, John realized that there was complete lack
of intelligence and predictive analytics in order to help the
banks, regulators and their advisers to make informed
decisions.
Picking up Invisible Trends
Corlytics has developed a global taxonomy that structures
all regulatory notices, enabling businesses to look across
jurisdictions for common trends and patterns. This global
intelligence means the company can pick out emerging
trends that are otherwise invisible. In 2017, Corlytics
helped develop the world’s first intelligent regulatory
handbook for the UK’s regulator the Financial Conduct
Authority (FCA). The FCA handbook is used by thousands
of regulated financial institutions and their advisors daily. It
contains binding regulatory obligations and guidance for
firms.
Corlytics has worked with the team at the FCA to apply a
central, common taxonomy to all regulations. Having put
this in place, the existing material in the handbook can be
tagged and machine read. This allows for a much more
user-friendly search and navigation experience.
When Expansion is on the Cards
Corlytics continues to generate promising unsolicited
inward leads and referrals which reflect the strength of its
value proposition and suite of compliance risk applications.
The company’s sales and successes to date with early
adopters including global regulators, large global banks and
financial institutions illustrate substantial validation of its
product.
According to the company, it will continue to pursue its
sales channels in core markets such as Europe and the US.
A strategic partnership with a global bank, advisory practice
or consultancy firm may be considered to accelerate growth
and market approval in new territories.
This year, Corlytics is planning on expanding its core
product offer in terms of strategic geographical and
regulatory coverage to include other jurisdictions. In terms
of market segmentation, it sees significant potential for
sustained growth across asset management, brokerage and
insurance.
We are now at the very fore
of regulatory intelligence
revolution. Our forensic
analysis and forecasting of
regulatory risk and
sentencing globally by four
different professions sees
Corlytics deliver 360-
degree intelligence.
www.insightssuccess.com 2019|October
The
Trusted
W
hat are the latest trends in business world? An
impressive raise in regulatory, compliance and
risk management requirements together with
an exponential growth of data that corporations struggle to
manage. The idea behind Governance.com is a spot-on
observation and vision of our founders, Bert (CEO) and
Rob Boerman (CTO) to allow regulated entities to connect
and structure their data.
As a Regtech, our purpose is to allow our clients to
structure and simplify their data and control their business
by building their workflows, checklists and activities
around it. Governance.com is a totally flexible and
customizable central system which can be interfaced with
legacy and external systems of our clients. All their data
and operational flows are centrally linked and easily
accessible via our platform. This explains our continuous
growth and recognition among the industry (winning
Fintech of the year Award in 2016 in LU, included on
Fintech 50 2018 and Global 100 Regtech in 2017).
We all know that a revolutionary vision and performant
system do not guarantee commercial success. Regtech is a
relatively young concept which has to show all its potential
and concrete value to traditional companies. I truly believe
that the key for a successful collaboration lies on an open
and transparent communication. The biggest concern and
pain point of Regtech companies is the lengthy decision and
procurement process of the companies. There is no point to get
frustrated on this as we have no control on this process. I
believe the optimal way to build long-lasting relationships is
to focus on the challenges, needs and culture of our clients. An
intensive risk assessment, a multi-layer decision taking and
procurement process is part of the DNA of the regulated
companies we are talking to. So, either deal with it or stay
aside for Regtech CCOs.
This is one of the first strategic decisions I have taken as
Commercial Director: rather than beginning to talk how
marvelous and innovative our solution is (and I truly believe
Governance.com is an awesome platform) we always begin
discussions by asking our contacts:
Ÿ How do you manage your business?
Ÿ What would you like to achieve with it?
Ÿ What are you biggest pains?
st
Ÿ Who are the users? What is the 1 thing they will do on
Governance.com?
Based on their feedback, second step is to show the features
and functionalities of our platform adapted to their needs.
During the advanced negotiations phase, we aim to underline
our concrete support and value:
Allowing
Regulated Entities
to Connect and Structure
their Data
Industry Intel
www.insightssuccess.com32 2019|October
About the Author
Olus Kayacan, CCO of Governance.com, has over 20
years of experience in Financial Markets including
prime brokerage and asset management with a
substantial network of Institutional Investors, Retail
and Private Banks, Brokers, Asset managers, Family
Offices and Corporates. His career has allowed him
to meet extremely exciting, interesting and
professional individuals every single day. He has
successfully participated to the launch &
development of several businesses and
overachieved commercial targets on each of
them.
Ÿ Define together the Return on Investment of the project:
our aim is to achieve 600% ROI within 3 years
Ÿ Focus on Simplicity of our platform: our motto is that a
system is useful and will be used massively if it is
simple to use
Ÿ Propose Agile and timely Implementation: tech means a
quick, easy and efficient deployment
Ÿ Close follow-up of their activity: our Business Support
experts are easily accessible during the entire process
and afterwards to assist our clients in case of need
This approach is the key for the strong and long-term
relationships.
It is also vital to integrate the decision-making and
procurement variables very early in the process. Regtech is
a new concept and Senior Management and Decision-
Makers are sometimes informed of the procurement process
once they have decided to use our platform. A pro-active
and continuous support is the key to be able to work with
them quicker and help them throughout the process.
This, I believe, is the reason of our success and our
shortened relationships activation compared to our industry
standards. We are all so proud to be part of this exciting
adventure, which allowed us to grow from 2 to 17 FTE with
offices in Luxembourg and the Netherlands.
We have many exciting challenges for the upcoming year:
Ÿ Continue our international expansion by partnering with
high-quality organizations and direct presence via local
offices. We plan to be present in the UK during 2018
and extend to US and Asia during 2019 to get closer to
our clients worldwide.
Ÿ Ensure continuous enhancement of our functionalities
by listening to our clients
Ÿ Implement Machine Learning and AI functionalities we
are working on our platform
Financial Regulation and Compliance costs around 780 BN
$/year: 1% of Worldwide GDP! This is why it is so exciting
for me to work within tech and being able to participate to a
sustainable economy by providing a cost-efficient, safer and
user-friendly solution!
Olus Kayacan
CCO
Governance.com
www.insightssuccess.com 2019| 33October
Great Bay Software
Closing the IoT Security Gap
hile “Internet of Things” security is the focus of
WGreat Bay Software today, its beginning
predates IoT. The company got its start in
2005, working with clients to help shore up their networks
with network authentication, and they identified a
significant gap in the market: Endpoint Visibility. They
created a product called Beacon, and this became the
flagship product of their new company, Great Bay Software.
With that launch, Beacon was suddenly on the map – it was
quickly OEMed by household names in Network Access
Control. But by 2014, Beacon had outgrown this OEM
status – by then, the product included features like
authentication and enforcement, and it also had the ability
to discover and profile the new world of IoT devices.
With the advent of the “Internet of Things” starting in the
mid to late 2000s, Great Bay knew that Network Security
would need to change. In these early days with Beacon, the
organization envisioned the next generation of IoT Network
Security – and that gave birth to its Network Intelligence
Platform. The company took the core of Beacon and its
agentless architecture and, after years of successfully
ingesting data from enterprise sources, it build out a robust
Open Platform designed for bidirectional integration. The
highly migratory and rapidly evolving nature of IoT
necessitates an elastic and responsive security framework,
in addition to the wisdom and context from the enterprise
environment.
Importance of Security
Security concerns around the “Internet of Things” have
been percolating for decades, but today’s enterprises are on
the cusp of the crisis. For years, an endless barrage of
under-secured gadgets was acquired by consumers at a
dizzying pace, and the tipping point of enterprises hit just a
few years ago– business investment in IoT was $215B in
2015 and is expected to grow as much as $832B by 2020.
Attacks on unsecured IoT are on the rise, driving up risk in
every industry sector around the globe. Gartner forecasts
that, by 2020, there will be more than 20 billion internet-
connected devices in use, with IoT connecting everything
form jet engines and commercial vehicles to manufacturing
equipment and office equipment to personal cars and
consumer electronics. This staggering number, along with
the range of device manufacturers, creates a vastly larger
and more complex environment for enterprises – and a
larger attack surface.
Great Bay Software was the first IoT Security solution on
the market to eliminate the cost and complexity of network
visibility and control with an agentless architecture that
automated the device discovery, threat detection and
defense – well before any other solutions on the market.
Today, the company is a leading provider of IoT Visibility
and Control, and its Network Intelligence Platform provides
organizations of all industries and sizes with unparalleled
visibility, scale, and control to address one of the most
prolific and challenging cybersecurity risks of today’s time:
IoT devices. The company’s vision is to arm every
company with the visibility, and control needed to harness
Ty Powers
Vice President
Technical Solutions
www.insightssuccess.com34 2019|October
the power of IoT – along with the means to protect their
organization, customers, partners and stakeholders at scale.
Risk Management Challenges
Educating enterprises about IoT risks and security is one of
the biggest challenges. Most companies see the productivity
gains that can come from IoT and jump – but they don’t
always understand the risks. Or, even if they do, they don’t
understand the urgency. There are numerous examples
where IoT enterprise threats are here now – and Great Bay
Software is in a place where CISOs and their teams cannot
de-prioritize this any longer. Often, the challenge is based
on budget or IT skills shortages - but the company can very
quickly show how its platform can save organizations’
valuable time. The ROI is there.
In addition, even when risks are understood, many
companies and industry leaders are focused on device
manufacturers – there is a deep desire to drive security
standards from the manufacturing side. While there have
been some improvements, that approach has a critical flaw:
the way IoT devices are manufactured is core to the
problem of security.
When looking at broad manufacturing processes for IoT
devices, there are several players. It starts with the chip
manufacturers, who compete based on price and have slim
profits margins, so there may be limited engineering focus
placed on security. Next, there are the system manufacturers
– they choose off-the-shelf silicon and OEM software,
manufacture the device, and maybe build in some tech
elements, but don’t often put their brand name on it. Finally,
the brand-name company packages and makes sure
everything works and ships the product. At that point,
maintaining the platform, firmware, and patching the OS
may not be a priority (or possible), and the software is often
times outdated even if the product is new to market. Who is
responsible for keeping everything up to date? It’s not clear,
so it doesn’t happen. The waters are even murkier if one of
the entities goes out of business or is acquired.
When evaluating regulated industries like healthcare,
Medical Device manufacturers face another conundrum:
device review and approvals can take as much as 5-7 years,
so the software is often times dated just as soon as the
device is approved for launch. And the device may have a
life span of as much as 15-20 years. This is a far cry from
the 3-5 years expected from most PCs, tablets and mobile
phones.
As such, while manufacturing; security is important, it is
only one control. So, Great Bay Software believes outside
governance is of utmost importance for security to be
delivered – it’s all about checks and balances.
Prompt and Thorough Leader
Ty Powers has been with Great Bay since the beginning –
but, back in 2005, this predated the advent of IoT. That said,
the company’s DNA is in endpoint visibility, security, and
networks. Great Bay Software has worked with CISOs and
CIOs from companies of all sizes and all industries – and
Ty had a front role seat to much of it. As a security analyst,
solution architect, systems engineer, technical product
manager... and now, Vice President Technical Solutions.
His role working alongside customers as they engage with
the company’s platform has been among the most
rewarding.
We ensure that
enterprises know their
real-time IoT risk and
can easily detect, locate
and mitigate device
threats as they emerge.
www.insightssuccess.com 2019| 35October
The
Trusted
Ty brings more than 20 years of network infrastructure and
security experience to Great Bay Software. He has
specialized in all phases of network security, from the
design, planning, and scaling of architectures to the
implementation, integration, and deployment of critical
network security solutions. Ty has held technical positions
at Aruba Networks, Blue Spruce Technologies, Enterasys
Networks, and Cabletron Systems.
Solutions Offered by Great Bay
The company’s Network Intelligence Platform is designed
to discover, profile, and monitor all network-attached
endpoints – in real-time without an agent. It is the first and
the only real-time visibility and enforcement solution
proved to deliver device discovery, robust profiling,
continuous behavior monitoring, and flexible remediation at
an enterprise scale. The company has secured more than 1.5
million devices in a single instance for an enterprise – this
is the largest known deployment in the industry. Great
Bay’s platform includes:
Ÿ Unmatched Visibility: Great Bay Software’s agentless
architecture ensures that it sees 100% of network-
attached devices – arming IT, security, compliance,
clinical and operations teams with a complete view of
all IoT devices. Presented in an intuitive interface, the
company enables professionals to obtain complete and
up-to-the-minute asset inventory, and enable them to
quickly detect, understand, and mitigate device risks
within 2-3 clicks.
Ÿ Real-time Behavior Monitoring & Risk Intelligence
Scoring: The Great Bay Network Intelligence Platform
analyzes the identity and behavioral attributes of
endpoints, identifying real-time events and, when
needed, automating a change to mitigate risk.
Leveraging and correlating multiple risk indicators, the
platform also calculates an enterprise risk score based
on each organizations’ unique environment and
priorities.
Ÿ Dynamic Network Segmentation and VLAN
Strategy: Network Segmentation is a best practice for
security and compliance that is increasingly impractical
to implement and maintain in large corporate
environments. Great Bay Software Network Intelligence
Platform is designed to help identify, devise & enforce
an optimal segmentation strategy – streamlining
operations, and strengthening security by dynamically
taking action to alert administrations when network
security policies are compromised.
Ÿ Bidirectional Integration and Workflow Automation:
The company’s Open Platform is designed to increase
the efficacy of the security architecture and asset
management systems through the sharing of endpoints
attribute data and context. Delivered through our rich
API or Great Bay Data Connector, the bidirectional
data-flows enables powerful feature delivery, such as
dynamic ticket generation, and also improved
infrastructure security and a higher return on
investment.
Innovative Future
Great Bay’s platform is among the first to address and solve
the enormous challenges around IoT device visibility and
control. Understanding of the threats in this market is still
emerging – and the company is poised to help organizations
of all walks and sizes tackle these issues head-on. The
company’s platform continues to evolve as IoT continues to
mature, and Ty is looking forward to announcing several
innovations in the not-too-distant future.
www.insightssuccess.com36 2019|October
Data Center Security
The rise in cyber-crimes is one of the main causes of
Data center outages. As per the recent survey
conducted by industry insiders, cyber-crime caused
22 percent data center outages in 2015 opposed to 2 percent
outages in 2010. Adding to all these, now most of the data
centers are re-evaluating their security policies after the
recent WannaCry ransomware attack.
Data center outages cause companies to loss revenue in
many ways. However, the costliest loss is service
interruption and loss of IT productivity. So, the
organizations are now realizing that traditional security is
no longer secure enough to secure any data center. A recent
study has found that 83 percent of traffic travels east/west
within the data center, which stays undetected by the
perimeter security. In this environment, when an attacker
infiltrates the perimeter firewall, then can jump across the
system with ease, extract information and compromise
valuable data. Additionally, data centers can fail due to
trespassers or a terrorist attack or by natural calamities.
So, how can one secure a data center in the best way
possible from any kind of cyber threat? Don’t worry we’ve
got you covered, with the points below.
As the first step, one should Map the Data Center and flag
the hackers within the virtual and physical infrastructure.
The CSOs and CIOs with a system map of their systems
can react to any suspicious activity and take steps to stop
data breaches. Being able to visualize different traffic
patterns within a network helps to understand threats, that
eventually elevates the level of security.
Understanding and measurement of traffic flow within
the data center boundary are very important. In the case of
any interruption in traffic across east/west vs north/south,
protected vs unprotected one can get to know about a threat.
Additionally, vulnerable zones and unprotected traffic need
to be monitored for a better result.
Firewall rules need to be defined and implemented as per
requirements. Additionally, one should allow traffic only
after thorough verification and selectively allow
communication to ensure maximum protection. The key is
to identify, what is legal and secured and what can be
blocked to enhance security.
One needs to Build a Team with executives who
understand how traffic flows within the premises and can
access & secure information, take necessary measures to
secure important assets along with the implementation of
roadblocks for the attackers.
Security must move as fast as a data center’s technology
adoption and integration. Security Strategy Should
Change Alongside the Technology and it should not be
treated as an add-on option. Additionally, businesses also
should ensure that their virus protection, signatures other
protection features are up to date for better protection.
Businesses should Identify and Place Controls over high-
value assets, which will help to reduce risk. However, older
security solutions are completely blind to new threats, new
security companies have produced latest solutions that
protect data in the virtual world.
Access Restriction also needs to be imposed. Every
business should thoroughly check a person’s background
before giving the access to a prized possession. Access to
the main site and the loading bay must be limited,
Controlling Possible Threats
www.insightssuccess.com38 2019|October
additionally, two-factor authentications and fortified interiors with security guards and roving patrols would help to
safeguard the employees and the data center.
Installing Surveillance Cameras around the data center, alongside removing signs which may provide clues to its function
helps to locate an intruder. A buffer zone between the data center and all the entry points will limit unlawful trespassing to a
great extent. Additionally, the data center needs to be far away from the main road and it should not have any windows other
than administrative purposes for better security.
A data center should Check Test Back-Up Systems regularly as prescribed by the manufacturer. It should also ensure to
make a list and of Do’s and Don’ts in the event of an attack. Recovery plans and security plans also need to be checked
thoroughly.
Data centers are always a Soft Target for The Terrorists, as an attack on them can disrupt and damage major business and
communication infrastructure. So, security needs to be taken seriously and to do that proactive steps should be taken to limit
the impact of a terrorist attack.
Trained Security Guards needs to be posted inside a data center and they should be well trained. Security officers must
undergo strict site-specific training to monitor surveillance footage. Depending on the size of data center and the number of
security cameras multiple security officers may be required on duty. Security officers dedicated to inspecting surveillance
footage helps when it comes to securing a data center.
Disaster Recovery is very much important, that must be in place. If the data center stops functioning after an attack or
natural calamity, it must have a way to restore operations as soon as possible. To be ready for a disaster and to evaluate the
disaster recovery plan, it’s necessary to train staffs well and experience simulated disasters.
To avoid these obstacles, one needs a fair bit of knowledge of new security systems, solid plans, and comprehensive
visibility. The more work a data center can do up front in the above-mentioned areas the better the chances of success with
lesser outages.
www.insightssuccess.com 2019| 39October
Editor’s Pick
Matrix-IFS
The Modern Day Crime Fighters.
Protecting Financial Institutions from
Hackers, Fraudsters & Money Launderers.
ith millions of accounts containing people’s
Wlife savings, security has always been one of
the largest concerns for financial institutions
and their customers. As cybercriminals become more
sophisticated in their hacking techniques, so should a
company’s cybersecurity and fraud prevention systems.
Although new technologies provide more advanced
security options, knowing which ones to use and how to
implementitis achallengemanyinstitutionsfacetoday.
Aa a global leader in financial crime and compliance
consulting and services, Matrix International Financial
Services (Matrix-IFS) places the safety, privacy, and
security of financial institutions and their customers above
all. Led by Chief Executive Officer, Renan Levy, the
company provides bespoke solutions to the financial sector
thataddress emergingthreats.
About Matrix-IFS
Matrix-IFS was founded in 2006, due to the growing need
for tailor-made, cost-effective services in financial crime
domains - risk management, Anti-money Laundering
(AML) andfraudprevention.
“For the past thirteen years, the IT financial crime space
has been exploding as regulations become more
demanding, and technologies such as artificial
intelligence (AI) and Machine Learning continue to
improve. The risk of being a target of illegal activities is
only increasing, requiring the banks and other financial
institutions to adopt various solutions to protect
themselves from different types of attacks. Matrix-IFS was
founded for this particular reason: to help our clients
address these issues by providing domain and IT expertise
of highly qualified and experienced financial crime
specialists.”,Renan commented on the landscape of
financialcrime.
Havingthe Customers’Best Interests at Heart
Renan adds, “As a leading advisory firm, we strive to
deliver only the best-suited solutions for our clients. We
develop customized solutions jointly after a careful
examination of the companies’ requirements, existing
technologies,and processes. One shoe does notfitall.”
Since Matrix-IFS is vendor agnostic, it can offer its
customers “best of breed” solutions, meaning that the
Renan Levy
CEO
www.insightssuccess.com40 2019|October
2019| 41Octoberwww.insightssuccess.com
company’s experts combine different technologies to offer
the most efficient financial crime ecosystem. For example,
whereas some vendors have strong AML systems, they
maylackagood dataqualityor fraudpreventionsolution.
When asked about implementing cutting-edge
technologies, Levy responded, “A robust AML or fraud
prevention program requires a deep understanding of the
data, relevant analytics, and the effective application of
innovative technologies and processes, to name a few:
Machine Learning, AI, and Robotic Process Automation
(RPA).
Renan also states that one of the main challenges faced by
the market today is addressing high volumes of false-
positive alerts generated by transaction monitoring
systems. This inherently wastes a great deal of time and
money due to inaccurate results that can lead to missing
bonafide alerts and causing high rates of customer
frustration. Matrix-IFS’ experts have developed
methodologies to optimizeAML/fraud prevention systems
and models to reduce the false-positive ratio, freeing up
investigators’ time to handle real threats. One method of
making the process more efficient and cost-effective is
through RPA, which automates manual and repetitive
tasks, reducingoverheadandincreasingaccuracy.
Addressing ClientVulnerabilities
Many vendors in the market try to address the issues of
fraud and cybersecurity. Most address 80% to 85% of the
client’s security issues. Matrix-IFS uses penetration
testing to assess the institution’s vulnerability. This
methodology takes a bird’s-eye view, looking at the whole
pictureratherthanonlythemainstream.
Stepping into the Shoes of the Leader
Boasting a proven track record of building and running
several successful companies in the fields of technology,
banking, business, and consumer services, six years ago
Renan took on the role of Matrix-IFS’CEO. Since then, he
has grown the company’s footprint from a single office in
NJ to include a global network of offices. Under his
leadership, the company’s offerings have expanded while
notcompromisingonqualityandinnovation.
AStepAhead of the Competition
According to Renan, “What sets Matrix-IFS apart from
other consulting firms is our domain and technology
expertise, which derive from years of experience providing
risk management and financial crime prevention solutions
solely to the financial sector and, by doing so, honing our
craft. No one is as focused or has as many successful
advisory and implementations projects in the fraud
preventionandAMLspaceunder theirbeltsas wedo.”
He continued to say, “Our number-one value is the client’s
success; it drives the company forward to deliver tangible,
measurable results. This kind of customer-centric culture
across the entire company is what drives us. There is
nothing more rewarding than seeing our clients return to
us timeand timeagainoverthespaceoftwodecades.”
AGlimpseatMatrix-IFS’s Future
Renan aspires to bring even more value to his clients by
developing impenetrable new services, including
cybersecurity offerings, top-of-the-line cloud services, and
trustworthy data quality solutions. He envisions for the
company’s future expansion into new territories -growing
Matrix-IFS’offeringswithinthefinancialsector
andbeyond.
Our number-one value is
the client’s success; it drives
the company forward to
deliver tangible, measurable
results. There is nothing more
rewarding than seeing our
clients return to us time and
time again over the space of
two decades.
The
Trusted
Has the number of security issues you deal with on a
routine basis ever made you feel a bit like Atlas carrying
the world on your shoulders? I can’t tell you the number
of conversations I’ve had with discontented security practitioners
who lament to me the woes of trying to speak with management
about the latest Heartbleed or Spectre/Meltdown vulnerabilities and
‘management just doesn’t understand’. Even worse, when
management inevitably turns a blind eye to the issue, the security
practitioner worries that they’ll be searching for a new job if
the vulnerability is ever exploited. As the Information
Security Program Owner at National Instruments for over
eight years, I frequently find myself offering up the
following bit of advice to my compatriots who are
struggling with what to do in this situation.
When I first started the security program at National
Instruments, I had these same feelings of anxiety. The
tools that I was using to scan our networks, systems,
and applications were coming up with vulnerabilities
left and right, but there were few things that I had the
ability to fix. I had to go to another team, explain what
had been found, and then I had to somehow try and
convince them that they needed to fix it. In some cases
they humored me, but in many cases the result was that
my vulnerabilities were just another bug that they’d get
Minimizing the
Adverse
Effects
of Risks
Josh Sokol
Creator & CEO
SimpleRisk
www.insightssuccess.com42 2019|October
to when they had time. The weight of all of these
unmitigated issues was crushing me. I knew that if I
didn’t find a better way to do things, then I wouldn’t last
long in that role.
I quickly came to realize that my role as a security
practitioner never was to fix the vulnerabilities that I
found. That was the function of the application
administrators. Nor could I control the resources and
roadmaps which determine the prioritizations of the
various mitigations. That role belongs to members of the
business. My primary function as a security practitioner
was to assist in identifying the issues, advise on how to
mitigate them, and ensure that the right stakeholders are
aware and educated so that they could make the most
informed decision possible for the business. In short, my
role was that of a risk manager and my job was to drive
visibility and accountability of the risks the organization
is accepting to the stakeholders who are accepting them.
To formalize the processes around my newly found risk
management role, I did quite a bit of research around
what others were doing. Eventually, I stumbled across
the NIST SP 800-30, a Risk Management Guide for
Information Technology Systems. I’ll admit that it
wasn’t the most titillating document I’ve ever read, but
the content really helped to solidify what our risk
management process needed to look like.
To start with, I needed a way to track all of the risks that
we were collecting through various assessment processes
in our environment. This system, typically referred to as
a risk registry, would become the aggregation of risks
found in our organization through vulnerability
assessment, auditing, interviews, vendor notifications
and many other sources. In order to be successful, I
needed a system that everyone could access quickly and
come across a risk in their environment and a system that
allowed them to enter a minimal amount of data about
the risk so that they could get right back into what they
were doing when they identified the risk. I would then
use that information to later populate the details myself
or to schedule time on their calendar to fill me in. My
system also needed a way for me to understand the
prioritization, or risk level, of the risks I was capturing.
Once the risk had been recorded, I needed a way to track
how we were going to handle the risk. Possible options
ranged from accepting the risk because the likelihood
and impact were within what we considered to be a
tolerable range to planning some sort of mitigation for
the risk. I needed a way to understand the level of effort
involved so we could balance those costs against the risk
level.
If my ultimate goal was to drive visibility and
accountability up the chain of management, my last step
was to have a process for who would perform a review
of the risks. I decided to use a combination of the team a
risk is assigned to and the risk score. Since risk
management is designed to be a cyclical process with
risks re-evaluated on a routine basis, I also used the score
to determine how often the risk would be reviewed.
Most of the organizations I speak with these days about
risk management start out using complicated formulas on
excel spreadsheets, but there are tools called
‘Governance Risk and Compliance’ (GRC) that can help
you with this endeavor. There range options from open
source tools like ‘SimpleRisk’ to more expensive options
like ‘Archer’. It depends on how complicated you need
your workflows to be and how many resources you can
afford to spend to run the program.
I started this discussion with the person telling me that
‘management just doesn’t understand’. The fact of the
matter is that management doesn’t understand because
they weren’t speaking the same language. Your business
understands risk because they use it every day to make
calculated decisions about the investments it is making.
Risk is the language of business and shifting the focus of
your conversations to risk will ensure that everyone is on
the same page and that you are not only viewed by
management as an excellent communicator, but also a
stellar security professional helping to guide the
organization in proper risk management. Not only that,
but you will sleep better at night after shedding that
weight off your shoulders and placing it back on the
solid risk management foundation on which it belongs.
www.insightssuccess.com 2019| 43October
Interpreting Risks
The 10 most trusted risk management solution providers 2019
The 10 most trusted risk management solution providers 2019
The 10 most trusted risk management solution providers 2019

More Related Content

What's hot

Keeping security relevant amid digital transformation
Keeping security relevant amid digital transformationKeeping security relevant amid digital transformation
Keeping security relevant amid digital transformation
Symptai Consulting Limited
 
Digital Transformation (Implications for the CXO)
Digital Transformation (Implications for the CXO)Digital Transformation (Implications for the CXO)
Digital Transformation (Implications for the CXO)
Anant Desai
 
Fortifying for the future: Insights from the 2014 IBM Chief Information Secur...
Fortifying for the future: Insights from the 2014 IBM Chief Information Secur...Fortifying for the future: Insights from the 2014 IBM Chief Information Secur...
Fortifying for the future: Insights from the 2014 IBM Chief Information Secur...
IBM Center for Applied Insights
 
EMA Megatrends in Cyber-Security
EMA Megatrends in Cyber-SecurityEMA Megatrends in Cyber-Security
EMA Megatrends in Cyber-Security
Enterprise Management Associates
 
ZDNet Korea event introduction & schedule 2015
ZDNet Korea event introduction & schedule 2015 ZDNet Korea event introduction & schedule 2015
ZDNet Korea event introduction & schedule 2015
Kai [Kyung Seok] Song
 
Decoding Organizational DNA
Decoding Organizational DNADecoding Organizational DNA
Decoding Organizational DNA
accenture
 
The path to self-disruption
The path to self-disruptionThe path to self-disruption
The path to self-disruption
The Economist Media Businesses
 
Vision 2030: A Connected Future
Vision 2030: A Connected FutureVision 2030: A Connected Future
Vision 2030: A Connected Future
Wipro Digital
 
SugarCon 2012 Presentation
SugarCon 2012 PresentationSugarCon 2012 Presentation
SugarCon 2012 Presentation
Jesus Hoyos
 
7 FAQs about cloud by CFOs
7 FAQs about cloud by CFOs7 FAQs about cloud by CFOs
7 FAQs about cloud by CFOs
Deloitte United States
 
Microsoft Corp Full Report - Sept 2016
Microsoft Corp Full Report - Sept 2016Microsoft Corp Full Report - Sept 2016
Microsoft Corp Full Report - Sept 2016
Vipul Arora
 
7 Experts on Transforming Customer Experience with Data Insights (1)
7 Experts on Transforming Customer Experience with Data Insights (1)7 Experts on Transforming Customer Experience with Data Insights (1)
7 Experts on Transforming Customer Experience with Data Insights (1)
Mighty Guides, Inc.
 
Hot technology trends for 2020 and beyond: A preview of Deloitte’s annual Tec...
Hot technology trends for 2020 and beyond: A preview of Deloitte’s annual Tec...Hot technology trends for 2020 and beyond: A preview of Deloitte’s annual Tec...
Hot technology trends for 2020 and beyond: A preview of Deloitte’s annual Tec...
Deloitte United States
 
Cybersecurity through the Deloitte lens
Cybersecurity through the Deloitte lensCybersecurity through the Deloitte lens
Cybersecurity through the Deloitte lens
aakash malhotra
 
Cybersecurity Improvement eBook
Cybersecurity Improvement eBookCybersecurity Improvement eBook
Cybersecurity Improvement eBook
Pablo Junco
 
The state of it complexity in apj whitepaper final
The state of it complexity in apj whitepaper finalThe state of it complexity in apj whitepaper final
The state of it complexity in apj whitepaper final
digitalinasia
 
Digital Literacy Slides
Digital Literacy SlidesDigital Literacy Slides
Digital Literacy Slides
Şirket Haberleri
 
The 10 successful entrepreneur revamping the future compressed
The 10 successful entrepreneur revamping the future compressedThe 10 successful entrepreneur revamping the future compressed
The 10 successful entrepreneur revamping the future compressed
Insights success media and technology pvt ltd
 
The state of it complexity in singapore whitepaper final
The state of it complexity in singapore whitepaper finalThe state of it complexity in singapore whitepaper final
The state of it complexity in singapore whitepaper final
digitalinasia
 
Secunia Vulnerability Review 2014
Secunia Vulnerability Review 2014Secunia Vulnerability Review 2014
Secunia Vulnerability Review 2014
Kim Jensen
 

What's hot (20)

Keeping security relevant amid digital transformation
Keeping security relevant amid digital transformationKeeping security relevant amid digital transformation
Keeping security relevant amid digital transformation
 
Digital Transformation (Implications for the CXO)
Digital Transformation (Implications for the CXO)Digital Transformation (Implications for the CXO)
Digital Transformation (Implications for the CXO)
 
Fortifying for the future: Insights from the 2014 IBM Chief Information Secur...
Fortifying for the future: Insights from the 2014 IBM Chief Information Secur...Fortifying for the future: Insights from the 2014 IBM Chief Information Secur...
Fortifying for the future: Insights from the 2014 IBM Chief Information Secur...
 
EMA Megatrends in Cyber-Security
EMA Megatrends in Cyber-SecurityEMA Megatrends in Cyber-Security
EMA Megatrends in Cyber-Security
 
ZDNet Korea event introduction & schedule 2015
ZDNet Korea event introduction & schedule 2015 ZDNet Korea event introduction & schedule 2015
ZDNet Korea event introduction & schedule 2015
 
Decoding Organizational DNA
Decoding Organizational DNADecoding Organizational DNA
Decoding Organizational DNA
 
The path to self-disruption
The path to self-disruptionThe path to self-disruption
The path to self-disruption
 
Vision 2030: A Connected Future
Vision 2030: A Connected FutureVision 2030: A Connected Future
Vision 2030: A Connected Future
 
SugarCon 2012 Presentation
SugarCon 2012 PresentationSugarCon 2012 Presentation
SugarCon 2012 Presentation
 
7 FAQs about cloud by CFOs
7 FAQs about cloud by CFOs7 FAQs about cloud by CFOs
7 FAQs about cloud by CFOs
 
Microsoft Corp Full Report - Sept 2016
Microsoft Corp Full Report - Sept 2016Microsoft Corp Full Report - Sept 2016
Microsoft Corp Full Report - Sept 2016
 
7 Experts on Transforming Customer Experience with Data Insights (1)
7 Experts on Transforming Customer Experience with Data Insights (1)7 Experts on Transforming Customer Experience with Data Insights (1)
7 Experts on Transforming Customer Experience with Data Insights (1)
 
Hot technology trends for 2020 and beyond: A preview of Deloitte’s annual Tec...
Hot technology trends for 2020 and beyond: A preview of Deloitte’s annual Tec...Hot technology trends for 2020 and beyond: A preview of Deloitte’s annual Tec...
Hot technology trends for 2020 and beyond: A preview of Deloitte’s annual Tec...
 
Cybersecurity through the Deloitte lens
Cybersecurity through the Deloitte lensCybersecurity through the Deloitte lens
Cybersecurity through the Deloitte lens
 
Cybersecurity Improvement eBook
Cybersecurity Improvement eBookCybersecurity Improvement eBook
Cybersecurity Improvement eBook
 
The state of it complexity in apj whitepaper final
The state of it complexity in apj whitepaper finalThe state of it complexity in apj whitepaper final
The state of it complexity in apj whitepaper final
 
Digital Literacy Slides
Digital Literacy SlidesDigital Literacy Slides
Digital Literacy Slides
 
The 10 successful entrepreneur revamping the future compressed
The 10 successful entrepreneur revamping the future compressedThe 10 successful entrepreneur revamping the future compressed
The 10 successful entrepreneur revamping the future compressed
 
The state of it complexity in singapore whitepaper final
The state of it complexity in singapore whitepaper finalThe state of it complexity in singapore whitepaper final
The state of it complexity in singapore whitepaper final
 
Secunia Vulnerability Review 2014
Secunia Vulnerability Review 2014Secunia Vulnerability Review 2014
Secunia Vulnerability Review 2014
 

Similar to The 10 most trusted risk management solution providers 2019

eCrime-report-2011-accessible
eCrime-report-2011-accessibleeCrime-report-2011-accessible
eCrime-report-2011-accessible
Charmaine Servado
 
How To Integrate Business Risk & IT Risk
How To Integrate Business Risk & IT Risk How To Integrate Business Risk & IT Risk
How To Integrate Business Risk & IT Risk
SureCloud
 
GRC Strategies in a Business_ Trends and Challenges.pdf
GRC Strategies in a Business_ Trends and Challenges.pdfGRC Strategies in a Business_ Trends and Challenges.pdf
GRC Strategies in a Business_ Trends and Challenges.pdf
basilmph
 
The 10 most trusted erm solution providers 2018
The 10 most trusted erm solution providers 2018The 10 most trusted erm solution providers 2018
The 10 most trusted erm solution providers 2018
Insights success media and technology pvt ltd
 
How Insurers Bring Focus to Digital Initiatives through a Maturity Looking Glass
How Insurers Bring Focus to Digital Initiatives through a Maturity Looking GlassHow Insurers Bring Focus to Digital Initiatives through a Maturity Looking Glass
How Insurers Bring Focus to Digital Initiatives through a Maturity Looking Glass
Cognizant
 
The 10 most trusted cyber security solution providers 2018
The 10 most trusted cyber security solution providers 2018The 10 most trusted cyber security solution providers 2018
The 10 most trusted cyber security solution providers 2018
Insights success media and technology pvt ltd
 
Selling Your Organization on Application Security
Selling Your Organization on Application SecuritySelling Your Organization on Application Security
Selling Your Organization on Application Security
Veracode
 
CroweHorwath
CroweHorwathCroweHorwath
CroweHorwath
Andrew Bird
 
Digital Readiness and the Pandemic: Assessing the Impact
Digital Readiness and the Pandemic: Assessing the ImpactDigital Readiness and the Pandemic: Assessing the Impact
Digital Readiness and the Pandemic: Assessing the Impact
Tata Consultancy Services
 
The Most Trustworthy Enterprise Security Solution Providers of India.pdf
The Most Trustworthy Enterprise Security Solution Providers of India.pdfThe Most Trustworthy Enterprise Security Solution Providers of India.pdf
The Most Trustworthy Enterprise Security Solution Providers of India.pdf
CIO Look Magazine
 
Risk & compliance magazine compressed
Risk & compliance magazine compressed Risk & compliance magazine compressed
Risk & compliance magazine compressed
Mirror Review
 
S sdlc datasheet q1-2015 v fnl
S sdlc datasheet q1-2015 v fnlS sdlc datasheet q1-2015 v fnl
S sdlc datasheet q1-2015 v fnl
Sally Chan
 
The 10 most innovative compliance assessment service provider 2021(1) compressed
The 10 most innovative compliance assessment service provider 2021(1) compressedThe 10 most innovative compliance assessment service provider 2021(1) compressed
The 10 most innovative compliance assessment service provider 2021(1) compressed
insightssuccess2
 
B2B Wave- Creating Ripples in B2B Industry
B2B Wave- Creating Ripples in B2B IndustryB2B Wave- Creating Ripples in B2B Industry
B2B Wave- Creating Ripples in B2B Industry
The Technology Headlines
 
Security Hurts Business - Don't Let It
Security Hurts Business - Don't Let ItSecurity Hurts Business - Don't Let It
Security Hurts Business - Don't Let It
Peak 10
 
The 10 most trusted erm solution providers 2019
The 10 most trusted erm solution providers 2019The 10 most trusted erm solution providers 2019
The 10 most trusted erm solution providers 2019
Insights success media and technology pvt ltd
 
What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?
PECB
 
Introduction to Digital Decisioning
Introduction to Digital DecisioningIntroduction to Digital Decisioning
Introduction to Digital Decisioning
Decision Management Solutions
 
Building An AI-Powered Organization To Solve Today’s Business Problems
Building An AI-Powered Organization To Solve Today’s Business ProblemsBuilding An AI-Powered Organization To Solve Today’s Business Problems
Building An AI-Powered Organization To Solve Today’s Business Problems
Bernard Marr
 
The 10 most successful leaders revolutionizing the bfsi sectors 2021
The 10 most successful leaders revolutionizing the bfsi sectors 2021The 10 most successful leaders revolutionizing the bfsi sectors 2021
The 10 most successful leaders revolutionizing the bfsi sectors 2021
Insights success media and technology pvt ltd
 

Similar to The 10 most trusted risk management solution providers 2019 (20)

eCrime-report-2011-accessible
eCrime-report-2011-accessibleeCrime-report-2011-accessible
eCrime-report-2011-accessible
 
How To Integrate Business Risk & IT Risk
How To Integrate Business Risk & IT Risk How To Integrate Business Risk & IT Risk
How To Integrate Business Risk & IT Risk
 
GRC Strategies in a Business_ Trends and Challenges.pdf
GRC Strategies in a Business_ Trends and Challenges.pdfGRC Strategies in a Business_ Trends and Challenges.pdf
GRC Strategies in a Business_ Trends and Challenges.pdf
 
The 10 most trusted erm solution providers 2018
The 10 most trusted erm solution providers 2018The 10 most trusted erm solution providers 2018
The 10 most trusted erm solution providers 2018
 
How Insurers Bring Focus to Digital Initiatives through a Maturity Looking Glass
How Insurers Bring Focus to Digital Initiatives through a Maturity Looking GlassHow Insurers Bring Focus to Digital Initiatives through a Maturity Looking Glass
How Insurers Bring Focus to Digital Initiatives through a Maturity Looking Glass
 
The 10 most trusted cyber security solution providers 2018
The 10 most trusted cyber security solution providers 2018The 10 most trusted cyber security solution providers 2018
The 10 most trusted cyber security solution providers 2018
 
Selling Your Organization on Application Security
Selling Your Organization on Application SecuritySelling Your Organization on Application Security
Selling Your Organization on Application Security
 
CroweHorwath
CroweHorwathCroweHorwath
CroweHorwath
 
Digital Readiness and the Pandemic: Assessing the Impact
Digital Readiness and the Pandemic: Assessing the ImpactDigital Readiness and the Pandemic: Assessing the Impact
Digital Readiness and the Pandemic: Assessing the Impact
 
The Most Trustworthy Enterprise Security Solution Providers of India.pdf
The Most Trustworthy Enterprise Security Solution Providers of India.pdfThe Most Trustworthy Enterprise Security Solution Providers of India.pdf
The Most Trustworthy Enterprise Security Solution Providers of India.pdf
 
Risk & compliance magazine compressed
Risk & compliance magazine compressed Risk & compliance magazine compressed
Risk & compliance magazine compressed
 
S sdlc datasheet q1-2015 v fnl
S sdlc datasheet q1-2015 v fnlS sdlc datasheet q1-2015 v fnl
S sdlc datasheet q1-2015 v fnl
 
The 10 most innovative compliance assessment service provider 2021(1) compressed
The 10 most innovative compliance assessment service provider 2021(1) compressedThe 10 most innovative compliance assessment service provider 2021(1) compressed
The 10 most innovative compliance assessment service provider 2021(1) compressed
 
B2B Wave- Creating Ripples in B2B Industry
B2B Wave- Creating Ripples in B2B IndustryB2B Wave- Creating Ripples in B2B Industry
B2B Wave- Creating Ripples in B2B Industry
 
Security Hurts Business - Don't Let It
Security Hurts Business - Don't Let ItSecurity Hurts Business - Don't Let It
Security Hurts Business - Don't Let It
 
The 10 most trusted erm solution providers 2019
The 10 most trusted erm solution providers 2019The 10 most trusted erm solution providers 2019
The 10 most trusted erm solution providers 2019
 
What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?
 
Introduction to Digital Decisioning
Introduction to Digital DecisioningIntroduction to Digital Decisioning
Introduction to Digital Decisioning
 
Building An AI-Powered Organization To Solve Today’s Business Problems
Building An AI-Powered Organization To Solve Today’s Business ProblemsBuilding An AI-Powered Organization To Solve Today’s Business Problems
Building An AI-Powered Organization To Solve Today’s Business Problems
 
The 10 most successful leaders revolutionizing the bfsi sectors 2021
The 10 most successful leaders revolutionizing the bfsi sectors 2021The 10 most successful leaders revolutionizing the bfsi sectors 2021
The 10 most successful leaders revolutionizing the bfsi sectors 2021
 

More from Insights success media and technology pvt ltd

India's Fastest Growing Start-ups to Watch.pdf
India's Fastest Growing Start-ups to Watch.pdfIndia's Fastest Growing Start-ups to Watch.pdf
India's Fastest Growing Start-ups to Watch.pdf
Insights success media and technology pvt ltd
 
The Fastest Growing Startups in Maharashtra Edition 1.pdf
The Fastest Growing Startups in Maharashtra  Edition 1.pdfThe Fastest Growing Startups in Maharashtra  Edition 1.pdf
The Fastest Growing Startups in Maharashtra Edition 1.pdf
Insights success media and technology pvt ltd
 
Best of 5 Bio-Technology Comapnies In India.pdf
Best of 5 Bio-Technology Comapnies In India.pdfBest of 5 Bio-Technology Comapnies In India.pdf
Best of 5 Bio-Technology Comapnies In India.pdf
Insights success media and technology pvt ltd
 
2022’s Best iPhone 13 Alternatives Presentation.pptx
2022’s Best iPhone 13 Alternatives Presentation.pptx2022’s Best iPhone 13 Alternatives Presentation.pptx
2022’s Best iPhone 13 Alternatives Presentation.pptx
Insights success media and technology pvt ltd
 
The Most Successful Business Leaders to follow-2022.pdf
The Most Successful Business Leaders to follow-2022.pdfThe Most Successful Business Leaders to follow-2022.pdf
The Most Successful Business Leaders to follow-2022.pdf
Insights success media and technology pvt ltd
 
Outstanding Women Lawyers 2022.pdf
Outstanding Women Lawyers  2022.pdfOutstanding Women Lawyers  2022.pdf
Outstanding Women Lawyers 2022.pdf
Insights success media and technology pvt ltd
 
The Top 10 Most Promising EV Solution Providers of 2022-compressed.pdf
The Top 10 Most Promising EV Solution Providers of 2022-compressed.pdfThe Top 10 Most Promising EV Solution Providers of 2022-compressed.pdf
The Top 10 Most Promising EV Solution Providers of 2022-compressed.pdf
Insights success media and technology pvt ltd
 
The 10 Best Franchises to Open in 2022.pdf
The 10 Best Franchises to Open in 2022.pdfThe 10 Best Franchises to Open in 2022.pdf
The 10 Best Franchises to Open in 2022.pdf
Insights success media and technology pvt ltd
 
Inspiring Bollywood Movies, Every Entrepreneur Should Watch.pdf
Inspiring Bollywood Movies, Every Entrepreneur Should Watch.pdfInspiring Bollywood Movies, Every Entrepreneur Should Watch.pdf
Inspiring Bollywood Movies, Every Entrepreneur Should Watch.pdf
Insights success media and technology pvt ltd
 
The 10 Most Profitable Franchises to own April2022.pdf
The 10 Most Profitable Franchises to own April2022.pdfThe 10 Most Profitable Franchises to own April2022.pdf
The 10 Most Profitable Franchises to own April2022.pdf
Insights success media and technology pvt ltd
 
10 Most Promising Architecture & Designing Firms 2021.pdf
10 Most Promising Architecture & Designing Firms 2021.pdf10 Most Promising Architecture & Designing Firms 2021.pdf
10 Most Promising Architecture & Designing Firms 2021.pdf
Insights success media and technology pvt ltd
 
Outstanding Women Lawyers 2022 May2022.pdf
Outstanding Women Lawyers 2022 May2022.pdfOutstanding Women Lawyers 2022 May2022.pdf
Outstanding Women Lawyers 2022 May2022.pdf
Insights success media and technology pvt ltd
 
7 Best Cyber Security Practices for Small Businesses.pdf
7 Best Cyber Security Practices for Small Businesses.pdf7 Best Cyber Security Practices for Small Businesses.pdf
7 Best Cyber Security Practices for Small Businesses.pdf
Insights success media and technology pvt ltd
 
Best of 5 Oil and Gas Companies.pdf
Best of 5 Oil and Gas Companies.pdfBest of 5 Oil and Gas Companies.pdf
Best of 5 Oil and Gas Companies.pdf
Insights success media and technology pvt ltd
 
Yoga Asanas- Help You to Attain the Perfect Mental Health Ever.pdf
Yoga Asanas- Help You to Attain the Perfect Mental Health Ever.pdfYoga Asanas- Help You to Attain the Perfect Mental Health Ever.pdf
Yoga Asanas- Help You to Attain the Perfect Mental Health Ever.pdf
Insights success media and technology pvt ltd
 
India's Emerging Startups
India's Emerging StartupsIndia's Emerging Startups
India's Leading Cyber Security Companies_compressed.pdf
India's Leading Cyber Security Companies_compressed.pdfIndia's Leading Cyber Security Companies_compressed.pdf
India's Leading Cyber Security Companies_compressed.pdf
Insights success media and technology pvt ltd
 
The Most Reliable Packaging Companies.pdf
The Most Reliable Packaging Companies.pdfThe Most Reliable Packaging Companies.pdf
The Most Reliable Packaging Companies.pdf
Insights success media and technology pvt ltd
 
The Most Reliable Fire And Safety Service Providers.pdf
The Most Reliable Fire And Safety Service Providers.pdfThe Most Reliable Fire And Safety Service Providers.pdf
The Most Reliable Fire And Safety Service Providers.pdf
Insights success media and technology pvt ltd
 
The women owining the businss arena.pdf
The women owining the businss arena.pdfThe women owining the businss arena.pdf
The women owining the businss arena.pdf
Insights success media and technology pvt ltd
 

More from Insights success media and technology pvt ltd (20)

India's Fastest Growing Start-ups to Watch.pdf
India's Fastest Growing Start-ups to Watch.pdfIndia's Fastest Growing Start-ups to Watch.pdf
India's Fastest Growing Start-ups to Watch.pdf
 
The Fastest Growing Startups in Maharashtra Edition 1.pdf
The Fastest Growing Startups in Maharashtra  Edition 1.pdfThe Fastest Growing Startups in Maharashtra  Edition 1.pdf
The Fastest Growing Startups in Maharashtra Edition 1.pdf
 
Best of 5 Bio-Technology Comapnies In India.pdf
Best of 5 Bio-Technology Comapnies In India.pdfBest of 5 Bio-Technology Comapnies In India.pdf
Best of 5 Bio-Technology Comapnies In India.pdf
 
2022’s Best iPhone 13 Alternatives Presentation.pptx
2022’s Best iPhone 13 Alternatives Presentation.pptx2022’s Best iPhone 13 Alternatives Presentation.pptx
2022’s Best iPhone 13 Alternatives Presentation.pptx
 
The Most Successful Business Leaders to follow-2022.pdf
The Most Successful Business Leaders to follow-2022.pdfThe Most Successful Business Leaders to follow-2022.pdf
The Most Successful Business Leaders to follow-2022.pdf
 
Outstanding Women Lawyers 2022.pdf
Outstanding Women Lawyers  2022.pdfOutstanding Women Lawyers  2022.pdf
Outstanding Women Lawyers 2022.pdf
 
The Top 10 Most Promising EV Solution Providers of 2022-compressed.pdf
The Top 10 Most Promising EV Solution Providers of 2022-compressed.pdfThe Top 10 Most Promising EV Solution Providers of 2022-compressed.pdf
The Top 10 Most Promising EV Solution Providers of 2022-compressed.pdf
 
The 10 Best Franchises to Open in 2022.pdf
The 10 Best Franchises to Open in 2022.pdfThe 10 Best Franchises to Open in 2022.pdf
The 10 Best Franchises to Open in 2022.pdf
 
Inspiring Bollywood Movies, Every Entrepreneur Should Watch.pdf
Inspiring Bollywood Movies, Every Entrepreneur Should Watch.pdfInspiring Bollywood Movies, Every Entrepreneur Should Watch.pdf
Inspiring Bollywood Movies, Every Entrepreneur Should Watch.pdf
 
The 10 Most Profitable Franchises to own April2022.pdf
The 10 Most Profitable Franchises to own April2022.pdfThe 10 Most Profitable Franchises to own April2022.pdf
The 10 Most Profitable Franchises to own April2022.pdf
 
10 Most Promising Architecture & Designing Firms 2021.pdf
10 Most Promising Architecture & Designing Firms 2021.pdf10 Most Promising Architecture & Designing Firms 2021.pdf
10 Most Promising Architecture & Designing Firms 2021.pdf
 
Outstanding Women Lawyers 2022 May2022.pdf
Outstanding Women Lawyers 2022 May2022.pdfOutstanding Women Lawyers 2022 May2022.pdf
Outstanding Women Lawyers 2022 May2022.pdf
 
7 Best Cyber Security Practices for Small Businesses.pdf
7 Best Cyber Security Practices for Small Businesses.pdf7 Best Cyber Security Practices for Small Businesses.pdf
7 Best Cyber Security Practices for Small Businesses.pdf
 
Best of 5 Oil and Gas Companies.pdf
Best of 5 Oil and Gas Companies.pdfBest of 5 Oil and Gas Companies.pdf
Best of 5 Oil and Gas Companies.pdf
 
Yoga Asanas- Help You to Attain the Perfect Mental Health Ever.pdf
Yoga Asanas- Help You to Attain the Perfect Mental Health Ever.pdfYoga Asanas- Help You to Attain the Perfect Mental Health Ever.pdf
Yoga Asanas- Help You to Attain the Perfect Mental Health Ever.pdf
 
India's Emerging Startups
India's Emerging StartupsIndia's Emerging Startups
India's Emerging Startups
 
India's Leading Cyber Security Companies_compressed.pdf
India's Leading Cyber Security Companies_compressed.pdfIndia's Leading Cyber Security Companies_compressed.pdf
India's Leading Cyber Security Companies_compressed.pdf
 
The Most Reliable Packaging Companies.pdf
The Most Reliable Packaging Companies.pdfThe Most Reliable Packaging Companies.pdf
The Most Reliable Packaging Companies.pdf
 
The Most Reliable Fire And Safety Service Providers.pdf
The Most Reliable Fire And Safety Service Providers.pdfThe Most Reliable Fire And Safety Service Providers.pdf
The Most Reliable Fire And Safety Service Providers.pdf
 
The women owining the businss arena.pdf
The women owining the businss arena.pdfThe women owining the businss arena.pdf
The women owining the businss arena.pdf
 

Recently uploaded

Dpboss Matka Guessing Satta Matta Matka Kalyan Chart Satta Matka
Dpboss Matka Guessing Satta Matta Matka Kalyan Chart Satta MatkaDpboss Matka Guessing Satta Matta Matka Kalyan Chart Satta Matka
Dpboss Matka Guessing Satta Matta Matka Kalyan Chart Satta Matka
➒➌➎➏➑➐➋➑➐➐Dpboss Matka Guessing Satta Matka Kalyan Chart Indian Matka
 
Call 8867766396 Satta Matka Dpboss Matka Guessing Satta batta Matka 420 Satta...
Call 8867766396 Satta Matka Dpboss Matka Guessing Satta batta Matka 420 Satta...Call 8867766396 Satta Matka Dpboss Matka Guessing Satta batta Matka 420 Satta...
Call 8867766396 Satta Matka Dpboss Matka Guessing Satta batta Matka 420 Satta...
bosssp10
 
Digital Transformation Frameworks: Driving Digital Excellence
Digital Transformation Frameworks: Driving Digital ExcellenceDigital Transformation Frameworks: Driving Digital Excellence
Digital Transformation Frameworks: Driving Digital Excellence
Operational Excellence Consulting
 
The APCO Geopolitical Radar - Q3 2024 The Global Operating Environment for Bu...
The APCO Geopolitical Radar - Q3 2024 The Global Operating Environment for Bu...The APCO Geopolitical Radar - Q3 2024 The Global Operating Environment for Bu...
The APCO Geopolitical Radar - Q3 2024 The Global Operating Environment for Bu...
APCO
 
Innovation Management Frameworks: Your Guide to Creativity & Innovation
Innovation Management Frameworks: Your Guide to Creativity & InnovationInnovation Management Frameworks: Your Guide to Creativity & Innovation
Innovation Management Frameworks: Your Guide to Creativity & Innovation
Operational Excellence Consulting
 
Unveiling the Dynamic Personalities, Key Dates, and Horoscope Insights: Gemin...
Unveiling the Dynamic Personalities, Key Dates, and Horoscope Insights: Gemin...Unveiling the Dynamic Personalities, Key Dates, and Horoscope Insights: Gemin...
Unveiling the Dynamic Personalities, Key Dates, and Horoscope Insights: Gemin...
my Pandit
 
Chapter 7 Final business management sciences .ppt
Chapter 7 Final business management sciences .pptChapter 7 Final business management sciences .ppt
Chapter 7 Final business management sciences .ppt
ssuser567e2d
 
2022 Vintage Roman Numerals Men Rings
2022 Vintage Roman  Numerals  Men  Rings2022 Vintage Roman  Numerals  Men  Rings
2022 Vintage Roman Numerals Men Rings
aragme
 
Top mailing list providers in the USA.pptx
Top mailing list providers in the USA.pptxTop mailing list providers in the USA.pptx
Top mailing list providers in the USA.pptx
JeremyPeirce1
 
How MJ Global Leads the Packaging Industry.pdf
How MJ Global Leads the Packaging Industry.pdfHow MJ Global Leads the Packaging Industry.pdf
How MJ Global Leads the Packaging Industry.pdf
MJ Global
 
Maksym Vyshnivetskyi: PMO KPIs (UA) (#12)
Maksym Vyshnivetskyi: PMO KPIs (UA) (#12)Maksym Vyshnivetskyi: PMO KPIs (UA) (#12)
Maksym Vyshnivetskyi: PMO KPIs (UA) (#12)
Lviv Startup Club
 
How to Implement a Strategy: Transform Your Strategy with BSC Designer's Comp...
How to Implement a Strategy: Transform Your Strategy with BSC Designer's Comp...How to Implement a Strategy: Transform Your Strategy with BSC Designer's Comp...
How to Implement a Strategy: Transform Your Strategy with BSC Designer's Comp...
Aleksey Savkin
 
一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理
一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理
一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理
taqyea
 
Zodiac Signs and Food Preferences_ What Your Sign Says About Your Taste
Zodiac Signs and Food Preferences_ What Your Sign Says About Your TasteZodiac Signs and Food Preferences_ What Your Sign Says About Your Taste
Zodiac Signs and Food Preferences_ What Your Sign Says About Your Taste
my Pandit
 
Industrial Tech SW: Category Renewal and Creation
Industrial Tech SW:  Category Renewal and CreationIndustrial Tech SW:  Category Renewal and Creation
Industrial Tech SW: Category Renewal and Creation
Christian Dahlen
 
Hamster Kombat' Telegram Game Surpasses 100 Million Players—Token Release Sch...
Hamster Kombat' Telegram Game Surpasses 100 Million Players—Token Release Sch...Hamster Kombat' Telegram Game Surpasses 100 Million Players—Token Release Sch...
Hamster Kombat' Telegram Game Surpasses 100 Million Players—Token Release Sch...
SOFTTECHHUB
 
Best Competitive Marble Pricing in Dubai - ☎ 9928909666
Best Competitive Marble Pricing in Dubai - ☎ 9928909666Best Competitive Marble Pricing in Dubai - ☎ 9928909666
Best Competitive Marble Pricing in Dubai - ☎ 9928909666
Stone Art Hub
 
Digital Marketing with a Focus on Sustainability
Digital Marketing with a Focus on SustainabilityDigital Marketing with a Focus on Sustainability
Digital Marketing with a Focus on Sustainability
sssourabhsharma
 
Part 2 Deep Dive: Navigating the 2024 Slowdown
Part 2 Deep Dive: Navigating the 2024 SlowdownPart 2 Deep Dive: Navigating the 2024 Slowdown
Part 2 Deep Dive: Navigating the 2024 Slowdown
jeffkluth1
 
How are Lilac French Bulldogs Beauty Charming the World and Capturing Hearts....
How are Lilac French Bulldogs Beauty Charming the World and Capturing Hearts....How are Lilac French Bulldogs Beauty Charming the World and Capturing Hearts....
How are Lilac French Bulldogs Beauty Charming the World and Capturing Hearts....
Lacey Max
 

Recently uploaded (20)

Dpboss Matka Guessing Satta Matta Matka Kalyan Chart Satta Matka
Dpboss Matka Guessing Satta Matta Matka Kalyan Chart Satta MatkaDpboss Matka Guessing Satta Matta Matka Kalyan Chart Satta Matka
Dpboss Matka Guessing Satta Matta Matka Kalyan Chart Satta Matka
 
Call 8867766396 Satta Matka Dpboss Matka Guessing Satta batta Matka 420 Satta...
Call 8867766396 Satta Matka Dpboss Matka Guessing Satta batta Matka 420 Satta...Call 8867766396 Satta Matka Dpboss Matka Guessing Satta batta Matka 420 Satta...
Call 8867766396 Satta Matka Dpboss Matka Guessing Satta batta Matka 420 Satta...
 
Digital Transformation Frameworks: Driving Digital Excellence
Digital Transformation Frameworks: Driving Digital ExcellenceDigital Transformation Frameworks: Driving Digital Excellence
Digital Transformation Frameworks: Driving Digital Excellence
 
The APCO Geopolitical Radar - Q3 2024 The Global Operating Environment for Bu...
The APCO Geopolitical Radar - Q3 2024 The Global Operating Environment for Bu...The APCO Geopolitical Radar - Q3 2024 The Global Operating Environment for Bu...
The APCO Geopolitical Radar - Q3 2024 The Global Operating Environment for Bu...
 
Innovation Management Frameworks: Your Guide to Creativity & Innovation
Innovation Management Frameworks: Your Guide to Creativity & InnovationInnovation Management Frameworks: Your Guide to Creativity & Innovation
Innovation Management Frameworks: Your Guide to Creativity & Innovation
 
Unveiling the Dynamic Personalities, Key Dates, and Horoscope Insights: Gemin...
Unveiling the Dynamic Personalities, Key Dates, and Horoscope Insights: Gemin...Unveiling the Dynamic Personalities, Key Dates, and Horoscope Insights: Gemin...
Unveiling the Dynamic Personalities, Key Dates, and Horoscope Insights: Gemin...
 
Chapter 7 Final business management sciences .ppt
Chapter 7 Final business management sciences .pptChapter 7 Final business management sciences .ppt
Chapter 7 Final business management sciences .ppt
 
2022 Vintage Roman Numerals Men Rings
2022 Vintage Roman  Numerals  Men  Rings2022 Vintage Roman  Numerals  Men  Rings
2022 Vintage Roman Numerals Men Rings
 
Top mailing list providers in the USA.pptx
Top mailing list providers in the USA.pptxTop mailing list providers in the USA.pptx
Top mailing list providers in the USA.pptx
 
How MJ Global Leads the Packaging Industry.pdf
How MJ Global Leads the Packaging Industry.pdfHow MJ Global Leads the Packaging Industry.pdf
How MJ Global Leads the Packaging Industry.pdf
 
Maksym Vyshnivetskyi: PMO KPIs (UA) (#12)
Maksym Vyshnivetskyi: PMO KPIs (UA) (#12)Maksym Vyshnivetskyi: PMO KPIs (UA) (#12)
Maksym Vyshnivetskyi: PMO KPIs (UA) (#12)
 
How to Implement a Strategy: Transform Your Strategy with BSC Designer's Comp...
How to Implement a Strategy: Transform Your Strategy with BSC Designer's Comp...How to Implement a Strategy: Transform Your Strategy with BSC Designer's Comp...
How to Implement a Strategy: Transform Your Strategy with BSC Designer's Comp...
 
一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理
一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理
一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理
 
Zodiac Signs and Food Preferences_ What Your Sign Says About Your Taste
Zodiac Signs and Food Preferences_ What Your Sign Says About Your TasteZodiac Signs and Food Preferences_ What Your Sign Says About Your Taste
Zodiac Signs and Food Preferences_ What Your Sign Says About Your Taste
 
Industrial Tech SW: Category Renewal and Creation
Industrial Tech SW:  Category Renewal and CreationIndustrial Tech SW:  Category Renewal and Creation
Industrial Tech SW: Category Renewal and Creation
 
Hamster Kombat' Telegram Game Surpasses 100 Million Players—Token Release Sch...
Hamster Kombat' Telegram Game Surpasses 100 Million Players—Token Release Sch...Hamster Kombat' Telegram Game Surpasses 100 Million Players—Token Release Sch...
Hamster Kombat' Telegram Game Surpasses 100 Million Players—Token Release Sch...
 
Best Competitive Marble Pricing in Dubai - ☎ 9928909666
Best Competitive Marble Pricing in Dubai - ☎ 9928909666Best Competitive Marble Pricing in Dubai - ☎ 9928909666
Best Competitive Marble Pricing in Dubai - ☎ 9928909666
 
Digital Marketing with a Focus on Sustainability
Digital Marketing with a Focus on SustainabilityDigital Marketing with a Focus on Sustainability
Digital Marketing with a Focus on Sustainability
 
Part 2 Deep Dive: Navigating the 2024 Slowdown
Part 2 Deep Dive: Navigating the 2024 SlowdownPart 2 Deep Dive: Navigating the 2024 Slowdown
Part 2 Deep Dive: Navigating the 2024 Slowdown
 
How are Lilac French Bulldogs Beauty Charming the World and Capturing Hearts....
How are Lilac French Bulldogs Beauty Charming the World and Capturing Hearts....How are Lilac French Bulldogs Beauty Charming the World and Capturing Hearts....
How are Lilac French Bulldogs Beauty Charming the World and Capturing Hearts....
 

The 10 most trusted risk management solution providers 2019

  • 1. Vol 10|Issue 05| 2019 EDGILEModern Approach towards Protecting Enterprises The 10 Most Trusted Risk Management Solution Providers 2019 Don Elledge CEO +
  • 2.
  • 3.
  • 4. Building a Culture of Risk Management Solution Provider Risk is intrinsic to every business and managing risk is an increasingly important business driver. Risk concerns in the world of business have always been the most important aspect. Be it Information Technology or Healthcare Industry, enterprises today are on the crisp of the risk crisis. Today, companies have to deal with multiple forms of digital change simultaneously, mostly increasing cloud adoption, but also increasingly mobile, IoT, robotic process automation, and advanced AI efforts. With each passing day, attacks on the unsecured digital world are on the rise, driving up risks in every industry sector around the globe. Partners, employees, and customers increasingly communicate with the digital medium which creates more risk and jeopardizes compliance. Gartner predicts that, by 2020, there will be more than 20 billion internet- connected devices in use, with Internet of Things (IoT) connecting everything from jet engines and commercial vehicles to manufacturing equipment & office equipment to personal cars and consumer electronics. Educating enterprises about risks and security is one of the biggest challenges. Most companies see the productivity gains that can come from technology and jump – but they don't always understand the risks. Or, even if they do, they don't understand the urgency. Protecting private and corporate customers from such risks is a major challenge for all companies. What are the best chances to reduce risk? This is where Risk Management Solution Experts provide a full range of fraud prevention services to help you effectively manage ongoing threats. They are here to help. And, that is why enterprises today critically need trusted Risk and compliance partners to manage the digital risk. Editor’s Desk “Ensuring Enterprises know their Risks, & easily Detect and Locate with Risk- Management Providers”.
  • 5. What’s unique about Risk Management Solution Providers? They advise customers on business and technology challenges in risk management & fraud prevention. These industries provide real-time visibility and identify all devices on the network in real-time. Such organizations identify, analyze, and evaluate risks that may impact your business. From global consumer retailers to regional manufacturing companies, the need to strengthen compliance management programs, and develop strong risk culture is paramount. That is the reason Insights Success introduces “The 10 Most Trusted Risk Management Solution Providers, 2019” which is a constantly-changing global risk- management landscape. Featuring the Cover Story is is a leader inEdgile building IRM/GRC programs for highly-regulated companies, both large and small. A big advantage of the company's approach is that it allows tailoring environments to the enterprise's needs while avoiding true customization that can create problems down the road. For almost two decades, Edgile has helped Fortune 500 companies deal with risk and compliance issues, by tackling the intersection of the four areas where enterprise GRC efforts generally fail. Also, makes sure to scroll through the articles written by our in-house editorial team and CXO standpoints of some of the leading industry experts to have a brief knowledge of the sector. Kaustav Roy
  • 6. Editor’s Pick Data Center Security: Controlling Possible Threats Industry Trends Key POS Trends Reshaping the Reatil ARTICLES 38 20 Cover Story Edgile Modern Approach towards Protecting Enterprises 08
  • 7. CFM Partners Strategic Technology for Modern Compliance Professionals Corlytics Empowering Clients to Make Informed Choices 18 28 Closing the IoT Security Gap Matrix-IFS The Modern Day Crime Fighters. Protecting Financial Institutions from Hackers, Fraudsters & Money Launderers. 34 40Great Bay Software Expert’s Thoughts What GDPR Forgets The Physical Security Industry Intel Allowing Regulated Entitiesto Connect and Structure their Data Interpreting Risks Minimizing the Adverse Effects of Risks 4232 24
  • 8.
  • 9. sales@insightssuccess.com October, 2019 Editor-in-Chief Senior Sales Manager Business Development Manager Marketing Manager Technical Head Technical Specialist Digital Marketing Manager Research Analyst Database Management Technology Consultant Pooja M. Bansal Managing Editor Anish Miller Executive Editor Rohit Chaturvedi Assistant Editors Jenny Fernandes Hitesh Dhamani Visualizer David King Art & Design Director Amol Kamble Associate Designer Kushagra Gupta Kshitij S Philip Walker John Matthew Sales Executives David, Kevin, Andy, Maneesh Business Development Executives Steve, Joe, Alan, AnupJacob Smile Aditya Marry D'Souza SME-SMO Executive Prashant Chevale Frank Adams Circulation Manager Robert Brown Stella Andrew David Stokes Karan Gaikwad Co-designer Copyright © 2019 Insights Success, All rights reserved. The content and images used in this magazine should not be reproduced or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without prior permission from Insights Success. Reprint rights remain solely with Insights Success. Follow us on : www.facebook.com/insightssuccess/ www.twitter.com/insightssuccess We are also available on :
  • 11. EdgileModern Approach towards Protecting Enterprises COVER STORY Building a culture of quality and devotion to service within a challenging, rewarding and exciting work environment. “ The Trusted
  • 12.
  • 13. Fortune 500 enterprises today are engulfed in a tidal wave of digital changes, which in turn creates hurdles for IT, legal, privacy, compliance, information security, and the business. Even worse, these companies are having to deal with multiple forms of digital change simultaneously, mostly increasing cloud adoption, but also increasingly mobile, IoT, robotic process automation, and advanced AI efforts. Employees, partners, and customers are increasingly trying to communicate digitally, which would be a wonderful advancement- were it not for those pesky GRC efforts. By its very definition, digital transformation creates more risk and jeopardizes compliance. That is why enterprises today critically need trusted risk and compliance partners to manage the digital risk. But compliance is hardly a static situation. It is a mix of often-contradictory-- and constantly changing-- rules from state, federal, global and industry-specific compliance and regulatory requirements, including PCI, SOX, NIST, NY DFS, FFIEC, HIPPA and a myriad of state privacy mandates. That’s where Edgile comes in. Edgile is a leader in building IRM/GRC programs for highly-regulated companies, both large and small. A big advantage of the company’s approach is that it allows to tailor environments to the enterprise’s needs while avoiding true customization that can create problems down the road. For almost two decades, Edgile has helped Fortune 500 companies deal with risk and compliance issues, by tackling the intersection of the four areas where enterprise GRC efforts generally fail. These areas consist of the constantly-changing global compliance landscape; the evolving threat- technology landscape; mismatches in roles and responsibilities between the enterprise and their vendors (e.g., Saas, IaaS) the related nuances of cloud security compliance; and the almost-limitless configuration and related product options being offered by the major GRC vendors. An Organization of GRC implications Enterprises today face an avalanche of GRC choices. How to migrate to an earlier platform? What configuration choices make the best sense for that We secure the modern enterprise. “ “
  • 14. company, given its size, geography and vertical? What are the GRC implications as the enterprise moves more and more deeply into the cloud? For that matter, those answers change depending on which cloud provider is being leveraged. What GRC tool to implement? Which implementation partner? Then there are the complexities that happen with every business unit sale and especially every acquisition, with new software licenses and homegrown legacy apps forced into the enterprise technology equation. The experienced Edgile team members have an average of more than ten years of experience in a wide range of GRC programs, from functional to technical engineering. This is rare and difficult to find because other companies tend to focus on just one of these areas, such as solely dealing with security or just compliance. But without factoring in all of these considerations-- the enterprises current and future operations, current and future compliance changes, partner new or changed capabilities, changes in the enterprise’s operating environment, such as new cyberthief tactics-- it’s impossible to truly help an enterprise with its complex and ongoing GRC efforts. Edgile’s experience in delivering this comprehensive and holistic strategy has allowed it to create a precise methodology that allows enterprise executives to understand their GRC environment and to deal with it at their own chosen pace. Indeed, This methodology doesn’t simply make efforts easier for IT, Security, Compliance, Auditing, and other traditional GRC operating units, but it also helps articulate to the CEO, CFO, and board members that their security dollars are being used shrewdly. Life Made Easier by Managing Risk Edgile’s expertise extends beyond its 16 industry verticals, delving deeply into managing the risk of an enterprise’s entire digital transformation. The cloud itself, for example, is typically far more naunced and complicated than most executives assume because of hybrid cloud environments, where the company is neither fully in the cloud nor fully on-prem but it is doing both – to varying degrees as it slowly transitions to an eventual all- cloud environmental. That painstaking slow process must be managed delicately, as those changes can have non-obvious impacts on both risk and compliance. And as enterprise shift more of their resources, data, tools, and other applications to the cloud, the number of elements that are suddenly – and sometimes invisibly - beyond their control soars. Edgile offers proven services to help solve complex security challenges across many industries including healthcare, financial services, energy, retail, et al. “
  • 16. Another critical area for Edgile is regulatory change management. Although it starts with a team of compliance experts that are tracking global, federal, state, municipal, and industry laws, regulations and other requirements every day, the most powerful element is applying those changes-and the anticipated near-term compliance changes – to the specifics of each enterprise. How does it impact that company’s policies and operations? What are the best changes to both improve compliance and reduce risk? That’s what Edgile delivers. Approach and Advantage Edgile has seen a rapid rise in organizations making the IRM /GRC move to ServiceNow. This isn’t surprising as: ServiceNow is a Gartner Magic Quadrant Leader in the GRC space ServiceNow is the authoritative source for much of what needs to be managed via GRC so having native access without API integration is a huge benefit. ServiceNow platform enables synergies across the three lines of defense ServiceNow offers the first real opportunity to achieve continuous monitoring & automate early warnings via KPI/KRI sustainably and cost- effectively. Unique Client Risk Programs What’s unique about Edgile is their focus on building client risk programs, using their proven 5-pass methodology and automated access they provide to the rapidly changing regulatory environment. Edgile’s ArC, Automated Regulatory Compliance Managed Content Service has a team that tracks so much easier to share information. “When our auditors come and ask for specific information around our IT general controls, we can point them into ServiceNow rather than having to send them Zip files or give them access to SharePoint that would require them to then have VPN access, etc.,” Liebergen said. Committed and Determined Leader A professional leader with a wealth of experience has the ability to understand how businesses operate and applying his positive enthusiasm, motivates teams into producing results. Don Elledge, the CEO is one such committed and determined leader who founded Edgile in 2001. Don holds an undergraduate degree in finance from the University of Texas, and an MBA from the University of Washington with a focus on economics. Prior to founding Edgile, Don was a partner at Deloitte, where he established a national security practice focused on e-business security. He also spent four years in New York working at First Boston in the financial industry. He advises clients on security and risk issues by the rapidly changing technology environment, and his forward-thinking view has positioned the company as a trusted, strategic partner. Don is responsible for growing the company into a leading security and risk services organization serving Fortune 500 companies. more than 500 states, federal, global & industry-specific compliance and regulatory requirements every day. Edgile’s ArC coupled with its Regulatory Change Management Solution allows the company to help clients’ pinpoint control and policy changes necessary to achieve compliance. Critically, Edgile works closely with Fortune 500 executives, to understand not only where they operate today but to try and focus on where they expect to be in 6-18 months and where they are heading strategically in the long- term. The team then collaborates with both technology and the business leaders to frame a roadmap. Better Services with ServiceNow One enterprise that both Edgile and ServiceNow have helped is Banner Health, which owns 20 hospitals across six states. “Taking all of those materials and shifting it into a platform allowed us to maintain data, to see the audit trails of who did what when we just continued referencing it while putting that data continuously in the customers’hands,” said Banner Health IS Governance Director Greg Liebergen. He also says “I don’t believe that we did any customization at all. It’s taking the ServiceNow tool and using its out-of-box capabilities, the workflows, the different aspects of the module that exist and configuring them so that they use the language that we use internally the terminology. It was a big thing for us not to have to use customization, just to make it overall easier to use the tool on a day- to-day basis. But also, when the time came for platform upgrades, that we’re not struggling, trying to take our unique item and fit them into ServiceNow’s upgraded platform to provide more capabilities.” Another advantage of not having to customize the coding is that it makes it
  • 17.
  • 18.
  • 19. Address : Country :City : State : Zip : Date :Name : Telephone : Email : Che should be drawn in favor of:que INSIGHTS SUCCESS MEDIA TECH LLC Global Subscription 1 Year.......... $250.00(12 Issues) .... 6 Months ..... (06 Issues) ..... $130.00 3 Months ... (03 Issues) .... $70.00 1 Month ...... (01 Issue) ..... $25.00 SUBSCRIBE TODAY
  • 20. CFM Partners Strategic Technology for Modern Compliance Professionals High-risk employee behaviors that make headlines, combined with ever-changing government regulations, heightened public awareness of corporate responsibility, and rising risk-related costs have prompted compliance executives to seek solutions that will help them manage Governance, Risk, and Compliance (GRC) efficiently and effectively. Based in Washington, D.C., CFM Partners has been on the frontlines of GRC management for over 20 years, offering knowledge-based solutions to help companies proactively manage their risk, turn compliance into performance, and develop effective governance strategies. The Company that “Gets It” Employee misconduct often originates from gaps in communication and adoption of policies among groups, departments, and individuals -- gaps that the team at CFM Partners works to bridge through its expertise and technology. Businesses spend a tremendous amount of time and effort carefully developing policies, procedures, and educational materials to guide employees and management in how to do their jobs well and minimize the risk of negative incidents. However, it can be a struggle to implement them in a way that encourages a culture of compliance, where each member of the organization understands their role and responsibilities. CFM’s flagship solution, Access Compliance™, promotes cultures of compliance by helping companies modernize their approach to policy and procedure management through easily-accessible, relevant, and understandable training, as well as systematic communication that lets nothing slip through the cracks. Access Compliance™ Access Compliance delivers policies, procedures, and other important information that are directly relevant to the role, responsibilities, and environment of every user, when and where they need that information, thereby enhancing employee productivity while embedding compliance into day-to-day business practices. It aligns corporate, business group, and country-specific policies – at the end-user level – to ensure users don’t have to sift through volumes of irrelevant information. They see only the policies they need to do their jobs, stay compliant, and stay productive. The platform makes role-appropriate information and education easily searchable and accessible. Beth Murphy Founder, President & CEO www.insightssuccess.com18 2019|October
  • 21. Integrated throughout Access Compliance are features that allow administrators to designate who sees what and when, via CFM’s exclusive Push-by-Profile™ distribution and customized audience assignments. This feature has helped the company secure a well-differentiated position among regtech providers by ensuring the right information is at the fingertips of the right people at the right time. “Risk is substantially mitigated by consistently making people aware of how a particular policy, procedure, or regulation applies to them and their job,” said CEO Beth Murphy. “We determined early-on that our solutions need to be configurable to deliver information that is relevant to each user to be truly effective.” CFM Partners also led the field in delivering solutions in the cloud. Leveraging cloud-computing technology, Access Compliance hosts a suite of solutions and tools that are modular, integrated, configurable, and customizable. Applications and content are swiftly deployed across different regions to specific, appropriate audiences – providing clients with round-the-clock access to the information they need to do their jobs well. Modular design also makes it possible for organizations to acquire as much, or as little, functionality as they need. “When we see an opportunity to enhance our solutions in ways that matter to our clients, we readily pursue those enhancements and make them a reality. It’s kept us ahead of the market repeatedly over the years,” Murphy notes. Streamlined for Managers The easier it is to administer a solution, the more effective it will be. Access Compliance includes tools and templates that make it easy for clients to map policies to groups that need them. “We’ve worked to centralize and streamline the management of policies and procedures, as well as distribute them through a single interface,” Murphy explains. "Features provide a way to standardize policy and procedure development by clearly indicating who owns the content, when it was last updated, where it impacts the organization, and more.” Access Compliance also provides a single access point where managers can see when, where, and by whom policies are reviewed. These tracking features are ideal for managers who understand the importance of monitoring for red flags that may indicate additional communication or employee training is needed. Beyond monitoring, Access Compliance generates reports that document when policies have been reviewed or training programs completed. Data is archived for future reference and regulatory compliance. Education Is Key “Simply put, companies that know better, do better,” Murphy observes. Effective compliance education starts with a corporation’s policies and procedures and is supplemented with training to fully educate employees on complex or critical issues. Access Compliance’s education and training module features a suite of online course libraries with topics including Cybersecurity Awareness, Conflicts of Interest, Anti-Bribery, Sexual Misconduct Prevention, and Use of Social Media, to name only a few. Its robust functionality provides easy course administration, customizable and tailored content, review and monitoring of employee progress, reporting, and updates. Clients Come First “Every client has its own distinctive needs,” Murphy reflects. “We meet our clients where they are, and our philosophy is to adapt our products and services to meet the needs of each organization.” Deep knowledge, innovative solutions, and an unwavering commitment to client success are the keystones upon which CFM Partners built its business. When we see an opportunity to enhance our solutions in ways that matter to our clients, we readily pursue those enhancements and make them a reality. It’s kept us ahead of the market repeatedly over the years. The Trusted www.insightssuccess.com 2019| 19October
  • 22. In recent times, the retail industry hasn’t seen a more exciting invention since the invention of cash register. With new and innovative technologies helping shape both online and offline experiences for consumers, the landscape is continuously changing in a way which was unimaginable even few years back. The best part is that there seems to be no end of the innovation, which only influencing the purchase decision of the consumers. Nowadays the main focus of retailers is to create a safe, engaging, and unique shopping experience for its consumers, it’s very important for the retailers to understand the importance of Big Data and in-store analytics and adapting to the cloud. With the retail industry at the verge of massive transformation, we are listing out few key trends that everyone needs to know to be successful in the ecosystem that is transforming quickly. Multi-system Integration Multi-system integration with various applications gets the utmost priority from top retailers. Most of the retailers list out POS integration with other applications as a key priority alongside the implementation of dynamic marketing content through mobile devices. This is mostly due to the retailer’s interest to store all the customer information and purchase history in a database, which is completely centralized that could be easily integrated with multiple applications. However, in order to do that, a retailer needs to use an ERP database that can handle all these. Speed People always look for quick solutions for everything. A clock starts ticking the moment a customer enters, no matter how good the product is, if the process is slow and the attention to details are missing, then customers will leave disappointed. As a retailer, one cannot please everyone, but with a modern and efficient POS, the service can be improved. A modern POS simplifies the communication between various departments and can save a lot of time for both the retailer and the customer respectively. Managing Stocks Keeping and managing inventory is a nightmare for most of the retailers, and it’s quite natural. Managing inventory is a never-ending task and takes a lot of effort, time, and manpower. However, it is quite important to manage inventories when it comes to long-time survival. An efficient POS system always makes the process of managing the inventory much easier. The best part of a POS is, one can monitor the status of stocked items, shipped products, and new orders anytime. This is a huge time saver for a cumbersome and a tedious process, and eventually helps retailers to focus on other important aspects of running the business. Customized Experience With POS systems, retailers just need to provide personalization that scoops out every shopper. Every passing year, retailers are adapting to personalized technology solutions that allow an interactive user experience. Thanks to the emergence of all new mobile POS technology, now retailers can offer its customers more choices to accommodate their shopping habits by letting them to complete transactions anywhere in the store. Now with the invention of improved POS marketers and customer service teams can contact the buyer at each point of their purchase decision. With so much data retailers and consumers can have better customer service, quicker payment processes and access to better offers and real-time personalization. POS Trends Reshaping the Reatil Sector www.insightssuccess.com20 2019|October
  • 23. Promotions and Marketing at its Best Nowadays with the advent of digital technology, marketing involves maintaining a digital presence as well. A POS can integrate all the advertised offers with transactions, making it easier to keep track of all the campaigns. Additionally, it can integrate with CRM and track customer behavior. When an offer gets popular among the masses, then the retailer will see it in his transaction data. Usage of Big Data analytics In order to compete with e-commerce, retailers are now taking the help of Big-Data and in store analytics just to have a better idea about what’s happening inside the store. Big-Data analytics helps retailers to track how frequently a specific item moves from shelf to shopping cart allows retailers to know the trends that are dominant in the market. Analytics helps the retail industry in a big way to better understand consumer purchase pattern and behaviors. Keeping Track of Employees To run a business smoothly a retailer, need few people. A POS system enables to manage them with great accuracy. With a Point of Sale system in place, employees can sign on or off easily and the system will automatically log their work hours and break hours. Security Above all, a POS system offers great security protections that help keeping customer data safe. Retail stores and businesses are always prime targets for Cyber Criminals, and a data breach is not good for a business. So, by using standard encryption and firewall, businesses can be secured from cyber-attacks and customers can swipe their cards with a peace of mind. So, here we have listed out few of the POS trends that will shape the future of the retail industry. As we look ahead, these trends will be on focus for both retailers and customers. The main advantage of an advanced POS system is greater efficiency and optimization, it links all the departments together which eventually allows to have better control over the inventory, better profitability, and to manage processes in an efficient way. Industry Trends www.insightssuccess.com 2019| 21October
  • 24.
  • 25.
  • 26. Gisle M. Eckhoff CEO, DigiPlex www.insightssuccess.com24 2019|October
  • 27. The Physical Security Gisle M. Eckhoff joined DigiPlex in August 2014 as Chief Execu ve Officer. He brings nearly thirty years’ experience in senior posi ons in the IT industry in the US, Sweden, UK and Denmark as well as at home in Norway. Gisle is the former Senior Vice President and Managing Director of CGI’s opera on in Norway, and has also held a number of senior management roles at both country and regional levels in CSC Computer Sciences Corpora on. The experience and knowledge gained from heading up the Financial Services ver cal in the Nordic region, before becoming Vice President and Managing Director of CSC in both Norway and Sweden, is of great value when implemen ng DigiPlex’ growth strategy in the Nordic markets. he EU’s GDPR legislature will have consequences for every company doing business in TEurope, including American companies. The new directive promises sizeable fines to anyone that does not take personal data seriously. Meanwhile, the data centre company DigiPlex urges companies to focus on another important aspect: physical security. The General Data Protection Regulation’s (GDPR) purpose is to harmonize legislation related to personal information across the EU’s member states. It does however also create radical challenges for American businesses holding information on EU customers. Come May 2018, when the legislation enters into force, companies will have publicly disclosed how the data is used, in addition to offering transparency for individuals seeking access to their data. The GDPR includes a sanction mechanism, and the fines for non-compliance can reach 4 percent of a company’s annual revenue. • Business will obviously change for everyone not taking personal information seriously. This will clearly raise awareness regarding how the data is secured, but it’s also vital not to forget where the information is located, says DigiPlex CEO, Gisle M. Eckhoff. About the Author www.insightssuccess.com 2019| 25October Expert’s Thoughts
  • 28. Moving data to safety American computer security company, McAfee, published a study of over 800 company leaders from different sectors. The report reveals that 50 percent of the respondents state that they would like to move their data to a more secure location. A motivating factor is the new EU legislation. The report also reveals that 74 percent of the business leaders specified that they thought protecting the data correctly would attract new customers. • Data security is not just about protecting yourself against hacking and other digital threats. The overall security critically depends on where your data is stored. Companies who actively select a secure data centre to host their data will gain a competitive advantage in the market as the management of personal information is in the spotlight, says Eckhoff. Physical security is forgotten While EU-based companies are in the process of adapting to the GDPR, Gartner predicted only 50 percent of American firms will be ready for the strict regulation by the end of 2018. It’s primarily the largest companies and public enterprises that are furthest along in the process of adaptation. According to Eckhoff, they are usually the ones that are the most concerned with data security and where it is stored. Fire and operational safety are two obvious challenges, but physical security also includes securing yourself against theft. • Several smaller businesses and organizations keep their data servers at their offices, and the physical security in many of the smaller data centers is almost absent. If your data is stored in such a data center, where someone easily could break in and physically remove the hardware containing your information, then you are very vulnerable – both operationally and in relation to GDPR, says Eckhoff. At DigiPlex’s data centers, several layers of security ensure the safety of the data and the personal information that is stored there. Physical security is one of the most complicated and expensive features when building or updating a data center. That is why newly established data centers have to reach critical mass, allowing them to store enough data to compensate for the large security investment. Adapting to GDPR One consideration to take, as we are getting closer to the implementation date of GDPR, is where your data center should be located. Several US based companies are already relocating their centers to the EU in order to comply. Multiple database providers are helping non-EU companies organize and segregate EU data from other personal information. The data center industry is well established in Europe, and some of the most cost and climate efficient centers are located in the Nordic countries. In the Nordics, the cool climate helps chill down vast amounts of hardware that otherwise would have been cooled down solely by electricity. Additionally, the electricity that is required by data centers to run their operations is supplied through easy access to affordable renewable energy. • In recent years, we have seen political turbulence in larger parts of the world, Europe included. The stabile political environment in the Nordic countries is also a climate to consider, as the establishment of data centers is a long-term investment, says Eckhoff. www.insightssuccess.com26 2019|October
  • 29.
  • 30. Corlytics Empowering Clients to Make Informed Choices ack in 2008, when the Lehman Brothers filed for Bbankruptcy, it was done with fear and confusion, following one of the worst economic meltdown since 1920’s great depression. Up until then Lehman Brothers survived the great depression, two world wars, cash shortage, the Russian debt default of 1998 and the long term capital management collapse. However, despite surviving all these, the collapse of the housing market in the US brought Lehman brothers to its knees. Back in 2008, compliance was a nuisance function that banks used to keep in the back office. Its importance wasn’t fully appreciated, and there had been a complete lack of investment in it. Fifteen years ago, banks may have paid attention to the regulators, but they didn’t worry about them the way they do today. So, with the target of delivering world class regulatory risk data and analytics, Corlytics empowers its partners to make transformational, informed, and positive choices. It uses a combination of artificial and human intelligence to categorize and organize regulatory notices and when required, internal firm data, into highly structured relevant information. This allows regulated firms to protect themselves from unexpected exposures and fines. The Inception Story Thanks to the global economic meltdown of 2008, banks and other financial institutions have been confronted by an intimidating stack of new regulations. However, the founders of Corlytics found a business opportunity in the landslide of 54,000 regulatory documents which was published by 130 different agencies of the G20 countries. The most shocking part of this financial meltdown was Lehman Brother’s bankruptcy filing, since the great depression of 1920s no major bank had failed. And suddenly one of the top 10 investment banks was gone! Just like that! This created a problem that was unseen before. In fact, the biggest risk for the world’s top 20 banks today is regulatory risk. Last year there were about $100 billion in fines levied on banks for not complying with regulations. In 2008, before the big financial crisis, that was less than $1 billion. When the Aim is to Solve Regulatory Risks Corytics analyses the enforcement outcomes of each regulator and regulatory categories, allowing banks and financial institutions to understand the business impact. Data is presented in a digestible, easy to action dashboard, with heat-maps and financial impact predictions. Corlytics’ technology includes: Taxonomy Mapping: Corlytics’ regulatory taxonomy John Byrne CEO & Founder Corlytics www.insightssuccess.com28 2019|October
  • 31. solution enables categorization, mapping and routing of regulatory content to a firm’s view of compliance risk, business lines, and controls. Corlytics makes sense of regulatory notices for departments, teams and individuals so that only relevant information is highlighted for action. The solution has also been used to create the world’s first ‘searchable’ intelligent handbook, through taxonomy mapping. Monitoring global regulators: Corlytics’ bots scan all notices from regulators for all types of regulatory content. It collates this information to a single cloud-based repository, which can be used for analysis and risk weighting. ® Risk insights: RiskFusion highlights regulatory concerns for risk, audit and compliance teams to assist in the planning and allocation of regulatory compliance investments. Corlytics collects and categorizes regulatory data. Relevant data sets are then analyzed and summarized ® by Corlytics regulatory and legal analysts. RiskFusion risk models are applied to the curated data to illustrate the highest risk jurisdictions, regulations, regulatory topics and provisions. Corlytics RED app: This app scans regulators in near real- time for all types of regulatory developments. These include regulatory notices, speeches, press releases, consultations, enforcements and penalties. Users can choose five global regulators to appear in their feed and RED (regulatory enforcement data) alerts on content relevant to them. The Trendsetter John Byrne is the CEO and founder of Corlytics. When it comes to setting the company’s vision and strategy, John is the go to guy. He is a serial entrepreneur in the financial technology sector, and has built and sold multiple global technology based enterprises. He also founded one of the first campus companies in Ireland back in 1985 in the energy sector. That’s not all; he also built Information Mosaic in 1997, a global player in the securities software industry which was later sold to Markit in 2015. Since the introduction of global regulations for the financial markets in 2009, John realized that there was complete lack of intelligence and predictive analytics in order to help the banks, regulators and their advisers to make informed decisions. Picking up Invisible Trends Corlytics has developed a global taxonomy that structures all regulatory notices, enabling businesses to look across jurisdictions for common trends and patterns. This global intelligence means the company can pick out emerging trends that are otherwise invisible. In 2017, Corlytics helped develop the world’s first intelligent regulatory handbook for the UK’s regulator the Financial Conduct Authority (FCA). The FCA handbook is used by thousands of regulated financial institutions and their advisors daily. It contains binding regulatory obligations and guidance for firms. Corlytics has worked with the team at the FCA to apply a central, common taxonomy to all regulations. Having put this in place, the existing material in the handbook can be tagged and machine read. This allows for a much more user-friendly search and navigation experience. When Expansion is on the Cards Corlytics continues to generate promising unsolicited inward leads and referrals which reflect the strength of its value proposition and suite of compliance risk applications. The company’s sales and successes to date with early adopters including global regulators, large global banks and financial institutions illustrate substantial validation of its product. According to the company, it will continue to pursue its sales channels in core markets such as Europe and the US. A strategic partnership with a global bank, advisory practice or consultancy firm may be considered to accelerate growth and market approval in new territories. This year, Corlytics is planning on expanding its core product offer in terms of strategic geographical and regulatory coverage to include other jurisdictions. In terms of market segmentation, it sees significant potential for sustained growth across asset management, brokerage and insurance. We are now at the very fore of regulatory intelligence revolution. Our forensic analysis and forecasting of regulatory risk and sentencing globally by four different professions sees Corlytics deliver 360- degree intelligence. www.insightssuccess.com 2019|October The Trusted
  • 32.
  • 33.
  • 34. W hat are the latest trends in business world? An impressive raise in regulatory, compliance and risk management requirements together with an exponential growth of data that corporations struggle to manage. The idea behind Governance.com is a spot-on observation and vision of our founders, Bert (CEO) and Rob Boerman (CTO) to allow regulated entities to connect and structure their data. As a Regtech, our purpose is to allow our clients to structure and simplify their data and control their business by building their workflows, checklists and activities around it. Governance.com is a totally flexible and customizable central system which can be interfaced with legacy and external systems of our clients. All their data and operational flows are centrally linked and easily accessible via our platform. This explains our continuous growth and recognition among the industry (winning Fintech of the year Award in 2016 in LU, included on Fintech 50 2018 and Global 100 Regtech in 2017). We all know that a revolutionary vision and performant system do not guarantee commercial success. Regtech is a relatively young concept which has to show all its potential and concrete value to traditional companies. I truly believe that the key for a successful collaboration lies on an open and transparent communication. The biggest concern and pain point of Regtech companies is the lengthy decision and procurement process of the companies. There is no point to get frustrated on this as we have no control on this process. I believe the optimal way to build long-lasting relationships is to focus on the challenges, needs and culture of our clients. An intensive risk assessment, a multi-layer decision taking and procurement process is part of the DNA of the regulated companies we are talking to. So, either deal with it or stay aside for Regtech CCOs. This is one of the first strategic decisions I have taken as Commercial Director: rather than beginning to talk how marvelous and innovative our solution is (and I truly believe Governance.com is an awesome platform) we always begin discussions by asking our contacts: Ÿ How do you manage your business? Ÿ What would you like to achieve with it? Ÿ What are you biggest pains? st Ÿ Who are the users? What is the 1 thing they will do on Governance.com? Based on their feedback, second step is to show the features and functionalities of our platform adapted to their needs. During the advanced negotiations phase, we aim to underline our concrete support and value: Allowing Regulated Entities to Connect and Structure their Data Industry Intel www.insightssuccess.com32 2019|October
  • 35. About the Author Olus Kayacan, CCO of Governance.com, has over 20 years of experience in Financial Markets including prime brokerage and asset management with a substantial network of Institutional Investors, Retail and Private Banks, Brokers, Asset managers, Family Offices and Corporates. His career has allowed him to meet extremely exciting, interesting and professional individuals every single day. He has successfully participated to the launch & development of several businesses and overachieved commercial targets on each of them. Ÿ Define together the Return on Investment of the project: our aim is to achieve 600% ROI within 3 years Ÿ Focus on Simplicity of our platform: our motto is that a system is useful and will be used massively if it is simple to use Ÿ Propose Agile and timely Implementation: tech means a quick, easy and efficient deployment Ÿ Close follow-up of their activity: our Business Support experts are easily accessible during the entire process and afterwards to assist our clients in case of need This approach is the key for the strong and long-term relationships. It is also vital to integrate the decision-making and procurement variables very early in the process. Regtech is a new concept and Senior Management and Decision- Makers are sometimes informed of the procurement process once they have decided to use our platform. A pro-active and continuous support is the key to be able to work with them quicker and help them throughout the process. This, I believe, is the reason of our success and our shortened relationships activation compared to our industry standards. We are all so proud to be part of this exciting adventure, which allowed us to grow from 2 to 17 FTE with offices in Luxembourg and the Netherlands. We have many exciting challenges for the upcoming year: Ÿ Continue our international expansion by partnering with high-quality organizations and direct presence via local offices. We plan to be present in the UK during 2018 and extend to US and Asia during 2019 to get closer to our clients worldwide. Ÿ Ensure continuous enhancement of our functionalities by listening to our clients Ÿ Implement Machine Learning and AI functionalities we are working on our platform Financial Regulation and Compliance costs around 780 BN $/year: 1% of Worldwide GDP! This is why it is so exciting for me to work within tech and being able to participate to a sustainable economy by providing a cost-efficient, safer and user-friendly solution! Olus Kayacan CCO Governance.com www.insightssuccess.com 2019| 33October
  • 36. Great Bay Software Closing the IoT Security Gap hile “Internet of Things” security is the focus of WGreat Bay Software today, its beginning predates IoT. The company got its start in 2005, working with clients to help shore up their networks with network authentication, and they identified a significant gap in the market: Endpoint Visibility. They created a product called Beacon, and this became the flagship product of their new company, Great Bay Software. With that launch, Beacon was suddenly on the map – it was quickly OEMed by household names in Network Access Control. But by 2014, Beacon had outgrown this OEM status – by then, the product included features like authentication and enforcement, and it also had the ability to discover and profile the new world of IoT devices. With the advent of the “Internet of Things” starting in the mid to late 2000s, Great Bay knew that Network Security would need to change. In these early days with Beacon, the organization envisioned the next generation of IoT Network Security – and that gave birth to its Network Intelligence Platform. The company took the core of Beacon and its agentless architecture and, after years of successfully ingesting data from enterprise sources, it build out a robust Open Platform designed for bidirectional integration. The highly migratory and rapidly evolving nature of IoT necessitates an elastic and responsive security framework, in addition to the wisdom and context from the enterprise environment. Importance of Security Security concerns around the “Internet of Things” have been percolating for decades, but today’s enterprises are on the cusp of the crisis. For years, an endless barrage of under-secured gadgets was acquired by consumers at a dizzying pace, and the tipping point of enterprises hit just a few years ago– business investment in IoT was $215B in 2015 and is expected to grow as much as $832B by 2020. Attacks on unsecured IoT are on the rise, driving up risk in every industry sector around the globe. Gartner forecasts that, by 2020, there will be more than 20 billion internet- connected devices in use, with IoT connecting everything form jet engines and commercial vehicles to manufacturing equipment and office equipment to personal cars and consumer electronics. This staggering number, along with the range of device manufacturers, creates a vastly larger and more complex environment for enterprises – and a larger attack surface. Great Bay Software was the first IoT Security solution on the market to eliminate the cost and complexity of network visibility and control with an agentless architecture that automated the device discovery, threat detection and defense – well before any other solutions on the market. Today, the company is a leading provider of IoT Visibility and Control, and its Network Intelligence Platform provides organizations of all industries and sizes with unparalleled visibility, scale, and control to address one of the most prolific and challenging cybersecurity risks of today’s time: IoT devices. The company’s vision is to arm every company with the visibility, and control needed to harness Ty Powers Vice President Technical Solutions www.insightssuccess.com34 2019|October
  • 37. the power of IoT – along with the means to protect their organization, customers, partners and stakeholders at scale. Risk Management Challenges Educating enterprises about IoT risks and security is one of the biggest challenges. Most companies see the productivity gains that can come from IoT and jump – but they don’t always understand the risks. Or, even if they do, they don’t understand the urgency. There are numerous examples where IoT enterprise threats are here now – and Great Bay Software is in a place where CISOs and their teams cannot de-prioritize this any longer. Often, the challenge is based on budget or IT skills shortages - but the company can very quickly show how its platform can save organizations’ valuable time. The ROI is there. In addition, even when risks are understood, many companies and industry leaders are focused on device manufacturers – there is a deep desire to drive security standards from the manufacturing side. While there have been some improvements, that approach has a critical flaw: the way IoT devices are manufactured is core to the problem of security. When looking at broad manufacturing processes for IoT devices, there are several players. It starts with the chip manufacturers, who compete based on price and have slim profits margins, so there may be limited engineering focus placed on security. Next, there are the system manufacturers – they choose off-the-shelf silicon and OEM software, manufacture the device, and maybe build in some tech elements, but don’t often put their brand name on it. Finally, the brand-name company packages and makes sure everything works and ships the product. At that point, maintaining the platform, firmware, and patching the OS may not be a priority (or possible), and the software is often times outdated even if the product is new to market. Who is responsible for keeping everything up to date? It’s not clear, so it doesn’t happen. The waters are even murkier if one of the entities goes out of business or is acquired. When evaluating regulated industries like healthcare, Medical Device manufacturers face another conundrum: device review and approvals can take as much as 5-7 years, so the software is often times dated just as soon as the device is approved for launch. And the device may have a life span of as much as 15-20 years. This is a far cry from the 3-5 years expected from most PCs, tablets and mobile phones. As such, while manufacturing; security is important, it is only one control. So, Great Bay Software believes outside governance is of utmost importance for security to be delivered – it’s all about checks and balances. Prompt and Thorough Leader Ty Powers has been with Great Bay since the beginning – but, back in 2005, this predated the advent of IoT. That said, the company’s DNA is in endpoint visibility, security, and networks. Great Bay Software has worked with CISOs and CIOs from companies of all sizes and all industries – and Ty had a front role seat to much of it. As a security analyst, solution architect, systems engineer, technical product manager... and now, Vice President Technical Solutions. His role working alongside customers as they engage with the company’s platform has been among the most rewarding. We ensure that enterprises know their real-time IoT risk and can easily detect, locate and mitigate device threats as they emerge. www.insightssuccess.com 2019| 35October The Trusted
  • 38. Ty brings more than 20 years of network infrastructure and security experience to Great Bay Software. He has specialized in all phases of network security, from the design, planning, and scaling of architectures to the implementation, integration, and deployment of critical network security solutions. Ty has held technical positions at Aruba Networks, Blue Spruce Technologies, Enterasys Networks, and Cabletron Systems. Solutions Offered by Great Bay The company’s Network Intelligence Platform is designed to discover, profile, and monitor all network-attached endpoints – in real-time without an agent. It is the first and the only real-time visibility and enforcement solution proved to deliver device discovery, robust profiling, continuous behavior monitoring, and flexible remediation at an enterprise scale. The company has secured more than 1.5 million devices in a single instance for an enterprise – this is the largest known deployment in the industry. Great Bay’s platform includes: Ÿ Unmatched Visibility: Great Bay Software’s agentless architecture ensures that it sees 100% of network- attached devices – arming IT, security, compliance, clinical and operations teams with a complete view of all IoT devices. Presented in an intuitive interface, the company enables professionals to obtain complete and up-to-the-minute asset inventory, and enable them to quickly detect, understand, and mitigate device risks within 2-3 clicks. Ÿ Real-time Behavior Monitoring & Risk Intelligence Scoring: The Great Bay Network Intelligence Platform analyzes the identity and behavioral attributes of endpoints, identifying real-time events and, when needed, automating a change to mitigate risk. Leveraging and correlating multiple risk indicators, the platform also calculates an enterprise risk score based on each organizations’ unique environment and priorities. Ÿ Dynamic Network Segmentation and VLAN Strategy: Network Segmentation is a best practice for security and compliance that is increasingly impractical to implement and maintain in large corporate environments. Great Bay Software Network Intelligence Platform is designed to help identify, devise & enforce an optimal segmentation strategy – streamlining operations, and strengthening security by dynamically taking action to alert administrations when network security policies are compromised. Ÿ Bidirectional Integration and Workflow Automation: The company’s Open Platform is designed to increase the efficacy of the security architecture and asset management systems through the sharing of endpoints attribute data and context. Delivered through our rich API or Great Bay Data Connector, the bidirectional data-flows enables powerful feature delivery, such as dynamic ticket generation, and also improved infrastructure security and a higher return on investment. Innovative Future Great Bay’s platform is among the first to address and solve the enormous challenges around IoT device visibility and control. Understanding of the threats in this market is still emerging – and the company is poised to help organizations of all walks and sizes tackle these issues head-on. The company’s platform continues to evolve as IoT continues to mature, and Ty is looking forward to announcing several innovations in the not-too-distant future. www.insightssuccess.com36 2019|October
  • 39.
  • 40. Data Center Security The rise in cyber-crimes is one of the main causes of Data center outages. As per the recent survey conducted by industry insiders, cyber-crime caused 22 percent data center outages in 2015 opposed to 2 percent outages in 2010. Adding to all these, now most of the data centers are re-evaluating their security policies after the recent WannaCry ransomware attack. Data center outages cause companies to loss revenue in many ways. However, the costliest loss is service interruption and loss of IT productivity. So, the organizations are now realizing that traditional security is no longer secure enough to secure any data center. A recent study has found that 83 percent of traffic travels east/west within the data center, which stays undetected by the perimeter security. In this environment, when an attacker infiltrates the perimeter firewall, then can jump across the system with ease, extract information and compromise valuable data. Additionally, data centers can fail due to trespassers or a terrorist attack or by natural calamities. So, how can one secure a data center in the best way possible from any kind of cyber threat? Don’t worry we’ve got you covered, with the points below. As the first step, one should Map the Data Center and flag the hackers within the virtual and physical infrastructure. The CSOs and CIOs with a system map of their systems can react to any suspicious activity and take steps to stop data breaches. Being able to visualize different traffic patterns within a network helps to understand threats, that eventually elevates the level of security. Understanding and measurement of traffic flow within the data center boundary are very important. In the case of any interruption in traffic across east/west vs north/south, protected vs unprotected one can get to know about a threat. Additionally, vulnerable zones and unprotected traffic need to be monitored for a better result. Firewall rules need to be defined and implemented as per requirements. Additionally, one should allow traffic only after thorough verification and selectively allow communication to ensure maximum protection. The key is to identify, what is legal and secured and what can be blocked to enhance security. One needs to Build a Team with executives who understand how traffic flows within the premises and can access & secure information, take necessary measures to secure important assets along with the implementation of roadblocks for the attackers. Security must move as fast as a data center’s technology adoption and integration. Security Strategy Should Change Alongside the Technology and it should not be treated as an add-on option. Additionally, businesses also should ensure that their virus protection, signatures other protection features are up to date for better protection. Businesses should Identify and Place Controls over high- value assets, which will help to reduce risk. However, older security solutions are completely blind to new threats, new security companies have produced latest solutions that protect data in the virtual world. Access Restriction also needs to be imposed. Every business should thoroughly check a person’s background before giving the access to a prized possession. Access to the main site and the loading bay must be limited, Controlling Possible Threats www.insightssuccess.com38 2019|October
  • 41. additionally, two-factor authentications and fortified interiors with security guards and roving patrols would help to safeguard the employees and the data center. Installing Surveillance Cameras around the data center, alongside removing signs which may provide clues to its function helps to locate an intruder. A buffer zone between the data center and all the entry points will limit unlawful trespassing to a great extent. Additionally, the data center needs to be far away from the main road and it should not have any windows other than administrative purposes for better security. A data center should Check Test Back-Up Systems regularly as prescribed by the manufacturer. It should also ensure to make a list and of Do’s and Don’ts in the event of an attack. Recovery plans and security plans also need to be checked thoroughly. Data centers are always a Soft Target for The Terrorists, as an attack on them can disrupt and damage major business and communication infrastructure. So, security needs to be taken seriously and to do that proactive steps should be taken to limit the impact of a terrorist attack. Trained Security Guards needs to be posted inside a data center and they should be well trained. Security officers must undergo strict site-specific training to monitor surveillance footage. Depending on the size of data center and the number of security cameras multiple security officers may be required on duty. Security officers dedicated to inspecting surveillance footage helps when it comes to securing a data center. Disaster Recovery is very much important, that must be in place. If the data center stops functioning after an attack or natural calamity, it must have a way to restore operations as soon as possible. To be ready for a disaster and to evaluate the disaster recovery plan, it’s necessary to train staffs well and experience simulated disasters. To avoid these obstacles, one needs a fair bit of knowledge of new security systems, solid plans, and comprehensive visibility. The more work a data center can do up front in the above-mentioned areas the better the chances of success with lesser outages. www.insightssuccess.com 2019| 39October Editor’s Pick
  • 42. Matrix-IFS The Modern Day Crime Fighters. Protecting Financial Institutions from Hackers, Fraudsters & Money Launderers. ith millions of accounts containing people’s Wlife savings, security has always been one of the largest concerns for financial institutions and their customers. As cybercriminals become more sophisticated in their hacking techniques, so should a company’s cybersecurity and fraud prevention systems. Although new technologies provide more advanced security options, knowing which ones to use and how to implementitis achallengemanyinstitutionsfacetoday. Aa a global leader in financial crime and compliance consulting and services, Matrix International Financial Services (Matrix-IFS) places the safety, privacy, and security of financial institutions and their customers above all. Led by Chief Executive Officer, Renan Levy, the company provides bespoke solutions to the financial sector thataddress emergingthreats. About Matrix-IFS Matrix-IFS was founded in 2006, due to the growing need for tailor-made, cost-effective services in financial crime domains - risk management, Anti-money Laundering (AML) andfraudprevention. “For the past thirteen years, the IT financial crime space has been exploding as regulations become more demanding, and technologies such as artificial intelligence (AI) and Machine Learning continue to improve. The risk of being a target of illegal activities is only increasing, requiring the banks and other financial institutions to adopt various solutions to protect themselves from different types of attacks. Matrix-IFS was founded for this particular reason: to help our clients address these issues by providing domain and IT expertise of highly qualified and experienced financial crime specialists.”,Renan commented on the landscape of financialcrime. Havingthe Customers’Best Interests at Heart Renan adds, “As a leading advisory firm, we strive to deliver only the best-suited solutions for our clients. We develop customized solutions jointly after a careful examination of the companies’ requirements, existing technologies,and processes. One shoe does notfitall.” Since Matrix-IFS is vendor agnostic, it can offer its customers “best of breed” solutions, meaning that the Renan Levy CEO www.insightssuccess.com40 2019|October
  • 43. 2019| 41Octoberwww.insightssuccess.com company’s experts combine different technologies to offer the most efficient financial crime ecosystem. For example, whereas some vendors have strong AML systems, they maylackagood dataqualityor fraudpreventionsolution. When asked about implementing cutting-edge technologies, Levy responded, “A robust AML or fraud prevention program requires a deep understanding of the data, relevant analytics, and the effective application of innovative technologies and processes, to name a few: Machine Learning, AI, and Robotic Process Automation (RPA). Renan also states that one of the main challenges faced by the market today is addressing high volumes of false- positive alerts generated by transaction monitoring systems. This inherently wastes a great deal of time and money due to inaccurate results that can lead to missing bonafide alerts and causing high rates of customer frustration. Matrix-IFS’ experts have developed methodologies to optimizeAML/fraud prevention systems and models to reduce the false-positive ratio, freeing up investigators’ time to handle real threats. One method of making the process more efficient and cost-effective is through RPA, which automates manual and repetitive tasks, reducingoverheadandincreasingaccuracy. Addressing ClientVulnerabilities Many vendors in the market try to address the issues of fraud and cybersecurity. Most address 80% to 85% of the client’s security issues. Matrix-IFS uses penetration testing to assess the institution’s vulnerability. This methodology takes a bird’s-eye view, looking at the whole pictureratherthanonlythemainstream. Stepping into the Shoes of the Leader Boasting a proven track record of building and running several successful companies in the fields of technology, banking, business, and consumer services, six years ago Renan took on the role of Matrix-IFS’CEO. Since then, he has grown the company’s footprint from a single office in NJ to include a global network of offices. Under his leadership, the company’s offerings have expanded while notcompromisingonqualityandinnovation. AStepAhead of the Competition According to Renan, “What sets Matrix-IFS apart from other consulting firms is our domain and technology expertise, which derive from years of experience providing risk management and financial crime prevention solutions solely to the financial sector and, by doing so, honing our craft. No one is as focused or has as many successful advisory and implementations projects in the fraud preventionandAMLspaceunder theirbeltsas wedo.” He continued to say, “Our number-one value is the client’s success; it drives the company forward to deliver tangible, measurable results. This kind of customer-centric culture across the entire company is what drives us. There is nothing more rewarding than seeing our clients return to us timeand timeagainoverthespaceoftwodecades.” AGlimpseatMatrix-IFS’s Future Renan aspires to bring even more value to his clients by developing impenetrable new services, including cybersecurity offerings, top-of-the-line cloud services, and trustworthy data quality solutions. He envisions for the company’s future expansion into new territories -growing Matrix-IFS’offeringswithinthefinancialsector andbeyond. Our number-one value is the client’s success; it drives the company forward to deliver tangible, measurable results. There is nothing more rewarding than seeing our clients return to us time and time again over the space of two decades. The Trusted
  • 44. Has the number of security issues you deal with on a routine basis ever made you feel a bit like Atlas carrying the world on your shoulders? I can’t tell you the number of conversations I’ve had with discontented security practitioners who lament to me the woes of trying to speak with management about the latest Heartbleed or Spectre/Meltdown vulnerabilities and ‘management just doesn’t understand’. Even worse, when management inevitably turns a blind eye to the issue, the security practitioner worries that they’ll be searching for a new job if the vulnerability is ever exploited. As the Information Security Program Owner at National Instruments for over eight years, I frequently find myself offering up the following bit of advice to my compatriots who are struggling with what to do in this situation. When I first started the security program at National Instruments, I had these same feelings of anxiety. The tools that I was using to scan our networks, systems, and applications were coming up with vulnerabilities left and right, but there were few things that I had the ability to fix. I had to go to another team, explain what had been found, and then I had to somehow try and convince them that they needed to fix it. In some cases they humored me, but in many cases the result was that my vulnerabilities were just another bug that they’d get Minimizing the Adverse Effects of Risks Josh Sokol Creator & CEO SimpleRisk www.insightssuccess.com42 2019|October
  • 45. to when they had time. The weight of all of these unmitigated issues was crushing me. I knew that if I didn’t find a better way to do things, then I wouldn’t last long in that role. I quickly came to realize that my role as a security practitioner never was to fix the vulnerabilities that I found. That was the function of the application administrators. Nor could I control the resources and roadmaps which determine the prioritizations of the various mitigations. That role belongs to members of the business. My primary function as a security practitioner was to assist in identifying the issues, advise on how to mitigate them, and ensure that the right stakeholders are aware and educated so that they could make the most informed decision possible for the business. In short, my role was that of a risk manager and my job was to drive visibility and accountability of the risks the organization is accepting to the stakeholders who are accepting them. To formalize the processes around my newly found risk management role, I did quite a bit of research around what others were doing. Eventually, I stumbled across the NIST SP 800-30, a Risk Management Guide for Information Technology Systems. I’ll admit that it wasn’t the most titillating document I’ve ever read, but the content really helped to solidify what our risk management process needed to look like. To start with, I needed a way to track all of the risks that we were collecting through various assessment processes in our environment. This system, typically referred to as a risk registry, would become the aggregation of risks found in our organization through vulnerability assessment, auditing, interviews, vendor notifications and many other sources. In order to be successful, I needed a system that everyone could access quickly and come across a risk in their environment and a system that allowed them to enter a minimal amount of data about the risk so that they could get right back into what they were doing when they identified the risk. I would then use that information to later populate the details myself or to schedule time on their calendar to fill me in. My system also needed a way for me to understand the prioritization, or risk level, of the risks I was capturing. Once the risk had been recorded, I needed a way to track how we were going to handle the risk. Possible options ranged from accepting the risk because the likelihood and impact were within what we considered to be a tolerable range to planning some sort of mitigation for the risk. I needed a way to understand the level of effort involved so we could balance those costs against the risk level. If my ultimate goal was to drive visibility and accountability up the chain of management, my last step was to have a process for who would perform a review of the risks. I decided to use a combination of the team a risk is assigned to and the risk score. Since risk management is designed to be a cyclical process with risks re-evaluated on a routine basis, I also used the score to determine how often the risk would be reviewed. Most of the organizations I speak with these days about risk management start out using complicated formulas on excel spreadsheets, but there are tools called ‘Governance Risk and Compliance’ (GRC) that can help you with this endeavor. There range options from open source tools like ‘SimpleRisk’ to more expensive options like ‘Archer’. It depends on how complicated you need your workflows to be and how many resources you can afford to spend to run the program. I started this discussion with the person telling me that ‘management just doesn’t understand’. The fact of the matter is that management doesn’t understand because they weren’t speaking the same language. Your business understands risk because they use it every day to make calculated decisions about the investments it is making. Risk is the language of business and shifting the focus of your conversations to risk will ensure that everyone is on the same page and that you are not only viewed by management as an excellent communicator, but also a stellar security professional helping to guide the organization in proper risk management. Not only that, but you will sleep better at night after shedding that weight off your shoulders and placing it back on the solid risk management foundation on which it belongs. www.insightssuccess.com 2019| 43October Interpreting Risks