Back to SYMC
Symantec Provides Business Perspective on IT Risk With New Risk and Compliance Solution

MOUNTAIN VIEW, CA -- (Marketwire) -- 02/14/12 -- Symantec Corp. (NASDAQ: SYMC) today announced the upcoming release of Symantec Control Compliance Suite 11, the latest version of its enterprise-class IT governance, risk and compliance (GRC) solution. It will feature the new Control Compliance Suite Risk Manager module which enables security leaders to better understand and communicate risks to the business environment from their IT infrastructure. Risk Manager translates technical issues into risks relevant to business processes, delivers customized views of IT risk for different stakeholders, and helps prioritize remediation efforts based on business criticality rather than technical severity.

Click to Tweet: Symantec helps CISOs speak language of business: http://bit.ly/wyg5eV

Security threats and risk management are becoming part of boardroom-level discussions. A January 2012 study conducted by Forrester Consulting on behalf of Symantec found:

  • 70 percent of security decision makers reported increased executive awareness of IT security as a direct result of recent high profile attacks and data breaches
  • When asked what changes to their IT risk program would have the most positive impact on their business counterpart relationships, 47percent indicated the improved ability to communicate the value of security and risk management in business terms
  • More than 40 percent called out the need for more timely and accurate data or more frequent reporting of risk and compliance

Symantec Control Compliance Suite Risk Manager module will allow security leaders to create a targeted view of IT risk as it relates to a specific business process, group or function. Instead of sending business unit owners detailed reports on outstanding configuration or vulnerability issues, they will be able to illustrate how these issues are causing unacceptably high risk to the company's online e-commerce site, transaction processing system or other key business process. Translating technical IT issues into business risk terms that can be more easily understood helps drive greater awareness, accountability and action.

The solution will facilitate more effective communication around IT risk by allowing security leaders to customize dashboards with audience-specific risk metrics.

  • Executive-level dashboards can illustrate high-level metrics, such as risk by business unit, or risk scores for mission-critical business processes.
  • Security operations dashboards can drill down to examine technical details behind these risk scores.
  • Dashboards for IT operations can outline detailed remediation plans and monitor risk reduction over time as scheduled remediation activities take place.

These different dashboard views provide business stakeholders with the information they need to make better decisions around IT risk, while ensuring that security and IT operations teams are more closely aligned on what needs to be done to reduce the most critical risks to the business.

Symantec Control Compliance Suite will feature a flexible, scalable data framework which is critical to providing a rich data-driven view to multiple audiences. This framework greatly simplifies the process of bringing together and "normalizing" information from multiple different sources, so that it can be viewed in a common format. The suite brings together automated, technical assessment information with manual data inputs and procedural assessment information. It combines all of this with additional data from other Symantec and non-Symantec solutions, providing a rich set of information available for better analysis and decision making. The result is a truly multi-dimensional view of the IT risks associated with any given business process, group or function.

Quotes
"The ability to move beyond the traditional role of technical expert and become a business risk advisor is critical to the success of today's IT security leaders,"said Art Gilliland, senior vice president, Information Security Group, Symantec. "Symantec's next generation IT GRC solution will empower information security leaders to drive real change and accountability with their business counterparts at a time when security threats are becoming boardroom level discussions."

"When you are called before senior executives of the business to talk about IT risks, you better have sound metrics behind you. Gathering this information and effectively communicating it to business stakeholders is one of the biggest challenges we face today. With Control Compliance Suite Risk Manager, Symantec is providing a powerful tool to help address this challenge," said Tim Stanley, director of information and infrastructure security, Waste Management, Inc.

"We are seeing a growing number of CISOs being asked to provide a business-centric perspective of IT risk that executives and line-of-business managers can understand and act upon. Meeting this need requires a strong focus on the intersection of risk management and IT-based business processes," said Jon Oltsik, senior principal analyst, Enterprise Strategy Group.

Availability
Symantec Control Compliance Suite 11 is expected to be available by early summer 2012.

Resources

Connect with Symantec

About Symantec
Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at www.symantec.com.

NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products, please visit the Symantec News Room at http://www.symantec.com/news. All prices noted are in U.S. dollars and are valid only in the United States.

Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

FORWARD-LOOKING STATEMENTS: Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and are subject to change. Any future release of the product or planned modifications to product capability, functionality, or feature are subject to ongoing evaluation by Symantec, and may or may not be implemented and should not be considered firm commitments by Symantec and should not be relied upon in making purchasing decisions.

Technorati Tags
Symantec, compliance, governance, risk management, security, IT GRC

Add to Digg Bookmark with del.icio.us Add to Newsvine

Back to SYMC
Wikinvest © 2006, 2007, 2008, 2009, 2010, 2011, 2012. Use of this site is subject to express Terms of Service, Privacy Policy, and Disclaimer. By continuing past this page, you agree to abide by these terms. Any information provided by Wikinvest, including but not limited to company data, competitors, business analysis, market share, sales revenues and other operating metrics, earnings call analysis, conference call transcripts, industry information, or price targets should not be construed as research, trading tips or recommendations, or investment advice and is provided with no warrants as to its accuracy. Stock market data, including US and International equity symbols, stock quotes, share prices, earnings ratios, and other fundamental data is provided by data partners. Stock market quotes delayed at least 15 minutes for NASDAQ, 20 mins for NYSE and AMEX. Market data by Xignite. See data providers for more details. Company names, products, services and branding cited herein may be trademarks or registered trademarks of their respective owners. The use of trademarks or service marks of another is not a representation that the other is affiliated with, sponsors, is sponsored by, endorses, or is endorsed by Wikinvest.
Powered by MediaWiki