Unified Compliance developer of the only industry-vetted compliance database – the Unified Compliance Framework ® (UCF), and MetricStream, a market leader in Governance, Risk, and Compliance (GRC) apps, today announced their new joint initiative – a cybersecurity hub to be launched via MetricStream's portal ComplianceOnline.com.
The cybersecurity hub will be the first to consolidate and connect all major cybersecurity requirements in a single database, enabling companies to instantaneously analyze gaps or overlaps between requirements issued by national and international standards groups, organizations, and governments.
Any organization will be able to easily determine the exact set of common controls needed for compliance by simply clicking a few checkboxes. The site will also enable organizations to combine any number of cybersecurity requirements into a single list, and then export that list into spreadsheets to help the entire organization meet its compliance requirements.
The new cybersecurity hub will be available on ComplianceOnline.com by the end of March 2015. MetricStream's ComplianceOnline.com portal is one of the largest GRC advisory networks and online communities, featuring more than 700 GRC experts who provide online and in-person GRC trainings, and serving more than three million Governance, Risk, and Compliance (GRC) practitioners worldwide.
"In the wake of increasingly sophisticated online threats such as the Heartbleed bug, as well as significant cyber-attacks against some of our most respected organizations, we're seeing governments and regulatory authorities come forward with various new cybersecurity laws and proposals," said Craig Isaacs, CEO of Unified Compliance. "One of the biggest challenges for businesses today is keeping track of these evolving cybersecurity requirements, and then using the appropriate controls to implement those requirements. Our aim, in partnership with ComplianceOnline.com, is to simplify this process – to empower organizations, make it easier to comply with various requirements, and improve their cybersecurity initiatives."
In 2013, President Obama issued an Executive Order to protect critical infrastructure by establishing baseline security standards. A year later, the government announced the cybersecurity framework, a voluntary how-to guide to strengthen cybersecurity. Meanwhile, the Senate Intelligence Committee voted to approve the Cybersecurity Information Sharing Act (CISA), moving it one step closer to a floor debate.
Most recently, President Obama unveiled his new Cybersecurity Legislative Proposal, which aims to promote better cybersecurity information-sharing between government and the private sector. The White House will also host a Summit on cybersecurity and consumer protection at Stanford University in Palo Alto on February 13, 2015, convening key stakeholders from government, industry and academia to advance the discussion on how to protect consumers and companies from mounting network threats.
"As we move into 2015, the regulations and standards that address cybersecurity are only likely to increase, and become more prescriptive," said Mark Mitchell, Senior Vice President of Corporate Development at MetricStream. "Through our partnership with Unified Compliance, we're looking to simplify the compliance burden by providing organizations with a comprehensive database of all major cybersecurity requirements, and helping them create a concise, harmonized list of compliance controls. This approach will save organizations considerable time, effort, and resources when it comes to cybersecurity compliance, and more importantly, will improve the efficiency and effectiveness of their overall Governance, Risk Management, and Compliance programs."