WCK, a leading cyber security risk and compliance software vendor, announced today the launch of its new Super Risk Module, which allows organizations to easily analyze cyber and security risk using standard ERM (enterprise risk management) and operational risk methodology based on COSO.
Most organizations find it difficult to meaningfully connect IT and cyber risk management practices which focus on security vulnerability and risk assessments to the ERM and operational risk practices of their global risk department. The two domains use widely different languages and standards for measuring and analyzing risks and controls.
The new WCK Super Risk module enables easy mapping of IT risks and controls to families of risks as defined by the organization. WCK customers can continue their on-going security risk management that consider IT factors like confidentiality, integrity and availability that are based on technology standards ISO27000, NIST, PCI and CobiT, while in parallel, analyzing how their security risks and controls mitigate their risk levels as managed using operational risk methodologies and parameters such as inherent and residual risk.
Technical vulnerabilities from the security and IT domains are mapped to operational risk tiers. Dashboards and reports display how these low-level controls affect residual risk values.
“CIOs and CISOs need a common ground for communications about risks with the non-IT, enterprise risk departments of their companies” said Eyal Adar, WCK’s CEO. “We are pleased that the new WCK Super Risk module facilitates better risk management and improves risk communication across the entire organization”.
Several of WCK’s large banking customers have already implemented the Super Risk module in order to facilitate the presentation of their IT and security activities to enterprise risk departments.
WCK develops and markets bSRM, an innovative risk and compliance software for managing IT, cyber security and critical infrastructure protection. The solution helps organizations protect their critical business processes by providing crystal-clear visibility of their risk posture, decision support tools, and a prioritized remediation workflow based on business needs. For more information visit www.wck-grc.com