ATLANTA--(BUSINESS WIRE)--Modulo, a leading provider of IT governance, risk and compliance (GRC) solutions, announced today that John Ambra, the company’s Director of Technical Services, is presenting at the ISACA North America Computer Audit, Control and Security (CACS) conference being held this week in Dallas, Texas, USA, April 15-17. ISACA CACS is a worldwide leading conference for IT audit, security and risk professionals.
In his session titled “Vulnerability Assessment is not Risk Intelligence” Ambra will discuss why a rigorous program of vulnerability assessment is not enough to deter the increasing threats posed to your organization's IT infrastructure; and how organizations can gain tremendous insight and value from connecting vulnerability assessment information to their IT risk management program. Attendees will learn how to achieve clear visibility into the business impact, remediation, and progress of an information security program.
Tweet this: “@Moduloitgrc John Ambra presents on Vulnerability Assessment is not Risk Intelligence at #NACACS #ISACA”
Who: John Ambra, CISA, CISSP, PCI QSA, MCSO, 27001 L.A., is a senior certified security professional with extensive experience in global GRC implementations and international risk management frameworks such as ISO. At Modulo he is responsible for leading IT GRC projects for multinational clients by supervising and coordinating the development, research and quality assurance teams.
What: “Vulnerability Assessment is not Risk Intelligence”; after completing this session, attendees will be able to:
- Utilize risk management automation tools to assess, analyze and remedy identified vulnerabilities in the context of top-down approach to linking assets to processes that support business functional units
- Import, align, and score assets from multiple vulnerability scanning tools using a common, shared repository and fully rationalized scoring methodology in an IT-controls based approach
- Plan, assign and manage workflow, and perform remediation of identified and prioritized vulnerabilities
- Sort the status of thousands of assets to quickly and accurately focus on highest impact ones
- Link the importance of establishing a common language taxonomy between the disparate concepts of vulnerability management and internal policies that are both machine- and human-process focused
- Incorporate the PCI DSS standard as the prescriptive example of these concepts
When: Tuesday, April 16th, 2:15 PM – 3:15 PM
Where: #234, Hyatt Regency Dallas
Contact: To schedule a briefing please contact Leslie Kesselring, PR for Modulo, at leslie.kesselring@modulo.com.
Links:
To view the full conference program:
http://www.isaca.org/Education/Conferences/Pages/North-America-CACS-2013.aspx
To download the Modulo presentation:
http://www.isaca.org/Education/Conferences/Documents/NACACS-Presentations/234.pdf
About Modulo
Modulo is a leading global enterprise provider of comprehensive Governance, Risk and Compliance (GRC) management solutions. Modulo’s award-winning Risk Manager™ provides hundreds of organizations worldwide with the tools they need to automate the entire GRC management process to monitor, manage and sustain adherence to policy and regulations while reducing enterprise risk and complexity. Customers span the financial, health care, retail, telecom, power & gas and government sectors and include BASF, BC Hydro, Commercial Bank of Dubai, Microsoft, New York University Medical Center, Synovus Financial, and Schlumberger. Modulo has earned industry recognition as a 2012 Innovator of the Year from SC Magazine; “Best Buy” and “5-Star” in SC Magazine’s risk management group product reviews for two consecutive years (2012 and 2011); finalist in SC Magazine Excellence Awards for two consecutive years (2012 and 2011); and winner of the Info Security Products Guide Global Excellence Awards and Network Products Guide Product Innovation Award.
Visit www.modulo.com and follow Modulo on Twitter @moduloitgrc.
Key search terms: Vulnerability Assessment, Vulnerability Management, Risk Management, Compliance Management, PCI, Cybersecurity, IT GRC, Enterprise GRC, ISACA, Modulo
