Read more

Read more

Demonstrates New Solutions for IT GRC and BCM and Speaks on "Critical Infrastructure Protection" Panel Session

ATLANTA--(BUSINESS WIRE)--February 26, 2013

Modulo, a leading provider of IT governance, risk and compliance (GRC) solutions, announced today that the company will showcase its solutions and expertise in Integrated Risk Management during RSA Conference 2013. Held in San Francisco's Moscone Center from February 25 -- March 1, 2013, the conference brings together foremost thought leaders from around the world to discuss pressing information security challenges. In its booth Modulo will demonstrate a new version of its award-winning IT GRC platform, Risk Manager, including new solutions for Vulnerability & Threat Management, Vendor Risk Management and Business Continuity Management.

Read more

By Kelly Jackson Higgins 

Dark Reading 

SAN FRANCISCO -- RSA CONFERENCE 2013 – The oil and gas industry now has at its disposal a SCADA security test laboratory for testing just how their environments would hold up -- or not -- to today's attacks. The so-called Industrial Control System (ICS) Sandbox, based in Montreal, aims to simulate real-world effects of attacks on critical infrastructure to help power plants and other operators better lock down their environments.

Modulo, a leading provider of IT governance, risk and compliance (GRC) solutions, announced today a Vendor Risk Management solution for enterprises to identify and classify high risk vendors and cloud providers as well as streamline the risk and compliance evaluation process. The product comes fully integrated with the Shared Assessments Standard Information Gathering (“SIG”) questionnaire – a robust and easy-to-use industry standard template for gathering and assessing IT, operating and security risks and controls in an information technology environment. Modulo is demonstrating its solution and sharing best practices this week at the 6th Annual Shared Assessments Summit, March 19-20, 2013 in Boston.

Read more

Atlanta — March 20, 2013 — Modulo, a leading provider of IT governance, risk and compliance (GRC) solutions, announced today a Vendor Risk Management solution for enterprises to identify and classify high risk vendors and cloud providers as well as streamline the risk and compliance evaluation process. The product comes fully integrated with the Shared Assessments Standard Information Gathering (“SIG”) questionnaire – a robust and easy-to-use industry standard template for gathering and assessing IT, operating and security risks and controls in an information technology environment. Modulo is demonstrating its solution and sharing best practices this week at the 6th Annual Shared Assessments Summit, March 19-20, 2013 in Boston.  

Enterprises are required to manage hundreds to hundreds of thousands of third-party vendors that provide essential services. These parties have access to sensitive data, exposing organizations to IT and cyber risks and noncompliance to regulatory as well as internal requirements. SOX, FFIEC, NYSE, GLBA, PCI DSS, HIPAA and other regulatory bodies require organizations to extend assessments to vendors, contractors and consultants and regulatory scrutiny is increasing. 

Many of these third-party vendors now provide cloud-based solutions, making it even more difficult to assess reliability, continuity, and compliance and creating a ripple effect in the event of a disruption. Industry experts suggest that organizations first conduct a security assessment of these vendors before they buy and then monitor vendors on an ongoing basis. 

“The cost of failing to manage vendor risk is high: from quality of service to financial, audit, and reputation risk. Many organizations don’t know whom their high-risk vendors are which makes it nearly impossible to target assessments, prioritize risks and create mitigation plans. Vendor Risk Management has emerged as a leading use case for our powerful and flexible IT GRC platform, which harmonizes risk scoring across all IT risk management projects for a holistic enterprise risk profile,” said John Ambra, director of technical services for Modulo. 

Vendor Risk Management with Modulo Risk Manager™ 8.1 helps organizations automate third-party regulatory compliance and adherence to internal policy requirements, saving time and money and continuously improving the maturity of vendor risk programs. Modulo Risk Manager provides several tiers of reporting based on the level of detail required by the report recipient. Modulo Risk Manager ties into business value by helping define Key Risk Indicators (KRIs) to understand the impact of vendor IT risks on overall enterprise risk.  

Added Ambra, “One North American Fortune 50 consumer products company with over 20,000 vendors worldwide uses Modulo Risk Manager for its Vendor Classification survey to identify which categories vendors fit into and who has access to the system. Once these high-risk parties were identified they implemented they were able to implement a targeted risk assessment and risk mitigation program, focused on a subset of vendors with access to PII data (Personally Identifiable Information).”

Organizations around the world use Modulo Risk Manager's Vendor Risk Management solution to: 

• Accurately classify vendors by risk and relevance levels

• Track and monitor classification efforts and assessments in one single console 

• Harmonize risk scoring across vendor assessments and risk management projects

• Prioritize risks and remediate exposures based on the risk a vendor presents 

• Report vendor risk & compliance evaluation results using reports targeted for vendors, internal lines of business, and customers

• Benchmark vendors against organization and industry standards

Unique new features now available include: Mobile Apps to capture vendor risk information on the iPhone, iPad, and Android; Visual Google Geo-location Maps that aid in trend analysis; and “What-if” Simulations to create surveys that generate optimal responses.

The Modulo Risk Manager Vendor Risk Solution is available immediately in three deployment models: on-premise, subscription, or SaaS. For more information please visit: http://www.modulo.com/vendor-risk-management.

About Modulo

Modulo is a leading global enterprise provider of comprehensive Governance, Risk and Compliance (GRC) management solutions. Modulo’s award-winning Risk Manager™ provides hundreds of organizations worldwide with the tools they need to automate the entire GRC management process to monitor, manage and sustain adherence to policy and regulations while reducing enterprise risk and complexity. Customers span the financial, health care, retail, telecom, power & gas and government sectors and include BASF, BC Hydro, Commercial Bank of Dubai, Microsoft, New York University Medical Center, Synovus Financial, and Schlumberger. Modulo has earned industry recognition as a 2012 Innovator of the Year from SC Magazine; “Best Buy” and “5-Star” in SC Magazine’s risk management group product reviews for two consecutive years (2012 and 2011); finalist in SC Magazine Excellence Awards for two consecutive years (2012 and 2011); and winner of the Info Security Products Guide Global Excellence Awards and Network Products Guide Product Innovation Award.

Modulo, a leading provider of IT governance, risk and compliance (GRC) solutions, announced today a Vendor Risk Management solution for enterprises to identify and classify high risk vendors and cloud providers as well as streamline the risk and compliance evaluation process. The product comes fully integrated with the Shared Assessments Standard Information Gathering (“SIG”) questionnaire – a robust and easy-to-use industry standard template for gathering and assessing IT, operating and security risks and controls in an information technology environment. Modulo is demonstrating its solution and sharing best practices this week at the 6th Annual Shared Assessments Summit, March 19-20, 2013 in Boston.

Read more

Interview with Modulo CEO Sergio Thompson

Automating governance, risk and compliance reduces vulnerabilities that can have an adverse impact on the bottom line, says Sergio Thompson-Flores, chief executive of Modulo, a provider of GRC offerings.

In an interview, Thompson:

- Provides background on the 28-year-old company;

- Explains the benefits of GRC automation;

- Discusses how customers automate GRC to take risk and compliance evaluations and collate them with physical and operational compliance and risk.

Before leading Modulo, Thompson was a principal and founding partner of Brazil's Worldinvest, a financial advisory and business development firm. Prior to Worldinvest, he was the managing director of a Brazilian development bank. He also served in Brazil's Foreign Service as a diplomat and held a senior position in the Brazilian Finance Ministry.

LIsten to the interview

Atlanta — February 26, 2013 — Modulo, a leading provider of IT governance, risk and compliance (GRC) solutions, announced today that the company will showcase its solutions and expertise in Integrated Risk Management during RSA Conference 2013. Held in San Francisco's Moscone Center from February 25 – March 1, 2013, the conference brings together foremost thought leaders from around the world to discuss pressing information security challenges. In its booth Modulo will demonstrate a new version of its award-winning IT GRC platform, Risk Manager, including new solutions for Vulnerability & Threat Management, Vendor Risk Management and Business Continuity Management. 

In addition Modulo will moderate a panel session titled “SCADA Protection for Critical Infrastructure - A Collaborative Approach.” CEO Sergio Thompson-Flores will lead a timely debate to explore the threat landscape, research, and the role of GRC and collaboration surrounding Critical Infrastructure protection featuring a panel of global experts:

• Doug Powell, Manager, SMI Security, Privacy & Safety, BC Hydro
• Prof José M. Fernandez, Eng., Ph.D., Department of Computer & Software Engineering, Ecole Polytechnique de Montreal 
• Tiago Alves de Jesus, Carlton University/Infrastructure Resilience Research Group (IRRG)
• Marcelo Branquinho, Executive Director, TI Safe

With these solutions and expertise, Modulo is driving the movement toward an integrated approach to managing IT and Enterprise Risk, harmonized with Operation Risk including Physical and Cyber Command and Control, for improved business visibility and decision making. CISOs, CIOs, CSOs and CROs of hundreds of the world’s largest organizations across a broad range of industry sectors and government agencies use Modulo to meet the demands of today’s increasing cyber threats, compliance mandates and operational efficiency requirements.

Live Demonstrations and Theater Presentations for Integrated Risk Management @ Booth 523

Modulo will spotlight the latest technology and approaches to Integrated Risk Management through theater presentations, demonstrations and onsite experts. Named 2012 Innovator of the Year and Best Buy by SC Magazine, Modulo Risk Manager version 8.0 features enhanced workflow and reporting capabilities and new solutions for:

• Vulnerability & Threat Management: harmonize large volumes of data from multiple scanning and security tools including Qualys, Nessus and Rapid7 and map against business assets to prioritize risks, remediate exposures and report patches and progress across lines of business and applications – aligning IT risk with business objectives
• Vendor Risk Management: streamline risk and compliance assessments, prioritize risks, monitor progress and report evaluations – for a true risk picture across thousands of vendors
• Business Continuity Manager: reduce risks associated with crises and disasters that impact personnel, technologies and facilities, leveraging ISO-22301 and BS-25999 industry standards – to maintain normal operations with minimal disruptions and monitor recovery  
• Cyber Defense and Critical Infrastructure: build a command and control center that manages and continuously monitors cyber threats with physical and operational risks in one integrated platform - for real-time situational awareness, predictive analysis and incident remediation
• Compliance Management, Policy Management, Audit Management and Incident & Remediation Management demonstrations also available

“SCADA Protection for Critical Infrastructure - A Collaborative Approach,” Tuesday February 26 @ 3:50pm, Moscone, Room 304

This panel, moderated by Modulo, will provide important insight that impacts all industry sectors featuring a CISO for a large North American smart grid utility; SCADA research lab professor; government-led SCADA program director; and Critical Infrastructure protection implementation expert. Debate will cover the cyber threat landscape for Critical Infrastructure; GRC challenges for managing risk across IT, physical and operational infrastructure; new research and labs insights; opinions on policy and regulations including the recent White House Executive Order on Cybersecurity; the role of technology tools and standards; and how industry, government and academia can collaborate to overcome the Critical Infrastructure culture clash.

For interviews with Modulo executives contact Leslie Kesselring, leslie.kesselring@modulo.com.

For product appointments contact Doug Payton, doug.payton@modulo.com.

About Modulo

Modulo is a leading global enterprise provider of comprehensive Governance, Risk and Compliance (GRC) management solutions. Modulo’s award-winning Risk Manager™ provides hundreds of organizations worldwide with the tools they need to automate the entire GRC management process to monitor, manage and sustain adherence to policy and regulations while reducing enterprise risk and complexity. Customers span the financial, health care, retail, telecom, power & gas and government sectors and include BASF, BC Hydro, Commercial Bank of Dubai, Microsoft, New York University Medical Center, Synovus Financial, and Schlumberger. Modulo has earned industry recognition as a 2012 Innovator of the Year from SC Magazine; “Best Buy” and “5-Star” in SC Magazine’s risk management group product reviews for two consecutive years (2012 and 2011); finalist in SC Magazine Excellence Awards for two consecutive years (2012 and 2011); and winner of the Info Security Products Guide Global Excellence Awards and Network Products Guide Product Innovation Award.

Visit www.modulo.com and follow Modulo on Twitter @moduloitgrc.