Click here to close now.




















Welcome!

News Feed Item

KuppingerCole Report Reviews IT GRC Market and Cites MetricStream as a Pioneer

MetricStream today announced that it has been named as a company with strong IT Governance, Risk, and Compliance (GRC) solutions in the KuppingerCole Vendor Report titled “MetricStream: Bridging the Gap Between Business GRC and IT GRC.” The report has been published by KuppingerCole, a leading Europe-based analyst company for information security both in classical and cloud environments.

Analyzing the IT GRC industry, the KuppingerCole report brings out the security and compliance challenges that organizations face due to the increased use of virtualization technologies and external IT services, as well as emerging and evolving compliance requirements. According to the report, “organizations are in a situation where they are confronted with exponential changes regarding outward-facing processes, users, and external IT services used.” What organizations require today is an IT GRC solution that is agile to business changes, integrates with enterprise GRC, manages evolving risks related to information security and compliance, and monitors business performance.

IT and cyber security risks are a growing concern for most European organizations. With the rise in media attention on privacy and data breaches, European companies are becoming aware of the risk of a data leak ending up in today’s more intense news environment and its impact on business.

Having evaluated the IT GRC market, KuppingerCole says that MetricStream’s strong and integrated portfolio of GRC solutions comes with well-defined controls, security features that address risks and threats arising from social, cloud and virtualization technologies, and capabilities that enable organizations to merge Information Security, IT Risks, and Enterprise GRC to drive business performance.

Says Vasant Balasubramanian, Vice President of Product Management at MetricStream, “KuppingerCole’s report is a testimony to our rich capabilities in IT GRC, and the innovations we have brought to the market to address complex security and compliance risks in an increasingly virtualized and mobile world. MetricStream’s IT GRC solutions enable organizations to harmonize GRC processes across the enterprise, align IT GRC with enterprise GRC processes, and integrate bottom-up IT control processes with top-down risk intelligence.”

With the acquisition of vPanorama cloud GRC technology, MetricStream is enabling its customers to seamlessly manage regulatory compliance, privacy requirements, security threats, vulnerability risks, and performance metrics across the entire spectrum of virtual assets in the cloud, as well as on-premise virtual infrastructure.

Martin Kuppinger, Founder and Principal Analyst at KuppingerCole, says, “From the IT perspective, GRC has moved from technical system-oriented approaches towards information and service governance. We found MetricStream’s IT GRC solutions to be well-thought and mature based on parameters such as security, functionality, usability, integration capability, and interoperability. The platform also supports business requirements and integrates with other IT security and GRC point solutions to provide a complete enterprise GRC approach.”

The report also recommends that organizations looking for GRC solutions carefully evaluate GRC solution vendors. As per the report, “There are different vendors with fundamentally different offerings. While some provide Enterprise GRC solutions focusing on specific aspects of business, ignoring IT GRC, there are others who provide Enterprise GRC that support IT controls and integrate with specific IT GRC solutions. Organizations therefore need to evaluate and analyze GRC vendors based on whether the vendor’s roadmap is aligned with the evolutions in the business landscape and if the current offerings are mature enough to support the changing business requirements of organizations.”

Mr. Balasubramanian also goes on to say, “MetricStream has a strong track record in providing IT GRC solutions in the European market, the most recent being the implementation of the solution by one of the world's largest international online sports betting services provider. This is attributed to MetricStream’s understanding of the global markets and the specific GRC needs of organizations in different locations.”

Please click here to download the report.

About MetricStream

MetricStream is a market leader in Enterprise-wide Governance, Risk, Compliance (GRC) and Quality Management Solutions for global corporations. MetricStream solutions are used by leading corporations such as UBS, P&G, Constellation Energy, Pfizer, Philips, BAE Systems, Twitter, SanDisk, Cummins and Sonic Automotive in diverse industries such as Financial Services, Healthcare, Life Sciences, Energy and Utilities, Food, Retail, CPG, Government, Hi-tech and Manufacturing to manage their risk management programs, quality processes, regulatory and industry-mandated compliance and corporate governance initiatives, as well as several million compliance professionals worldwide via the www.ComplianceOnline.com portal. MetricStream is headquartered in Palo Alto, California with European offices in London, Paris, Milan and Basel and can be reached at www.metricstream.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
Learn how to solve the problem of keeping files in sync between multiple Docker containers. In his session at 16th Cloud Expo, Aaron Brongersma, Senior Infrastructure Engineer at Modulus, discussed using rsync, GlusterFS, EBS and Bit Torrent Sync. He broke down the tools that are needed to help create a seamless user experience. In the end, can we have an environment where we can easily move Docker containers, servers, and volumes without impacting our applications? He shared his results so yo...
Palerra, the cloud security automation company, announced enhanced support for Amazon AWS, allowing IT security and DevOps teams to automate activity and configuration monitoring, anomaly detection, and orchestrated remediation, thereby meeting compliance mandates within complex infrastructure deployments. "Monitoring and threat detection for AWS is a non-trivial task. While Amazon's flexible environment facilitates successful DevOps implementations, it adds another layer, which can become a ...
With SaaS use rampant across organizations, how can IT departments track company data and maintain security? More and more departments are commissioning their own solutions and bypassing IT. A cloud environment is amorphous and powerful, allowing you to set up solutions for all of your user needs: document sharing and collaboration, mobile access, e-mail, even industry-specific applications. In his session at 16th Cloud Expo, Shawn Mills, President and a founder of Green House Data, discussed h...
The Software Defined Data Center (SDDC), which enables organizations to seamlessly run in a hybrid cloud model (public + private cloud), is here to stay. IDC estimates that the software-defined networking market will be valued at $3.7 billion by 2016. Security is a key component and benefit of the SDDC, and offers an opportunity to build security 'from the ground up' and weave it into the environment from day one. In his session at 16th Cloud Expo, Reuven Harrison, CTO and Co-Founder of Tufin,...
There are many considerations when moving applications from on-premise to cloud. It is critical to understand the benefits and also challenges of this migration. A successful migration will result in lower Total Cost of Ownership, yet offer the same or higher level of robustness. In his session at 15th Cloud Expo, Michael Meiner, an Engineering Director at Oracle, Corporation, analyzed a range of cloud offerings (IaaS, PaaS, SaaS) and discussed the benefits/challenges of migrating to each offe...
SYS-CON Events announced today that MobiDev, a software development company, will exhibit at the 17th International Cloud Expo®, which will take place November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. MobiDev is a software development company with representative offices in Atlanta (US), Sheffield (UK) and Würzburg (Germany); and development centers in Ukraine. Since 2009 it has grown from a small group of passionate engineers and business managers to a full-scale mobi...
Chuck Piluso presented a study of cloud adoption trends and the power and flexibility of IBM Power and Pureflex cloud solutions. Prior to Secure Infrastructure and Services, Mr. Piluso founded North American Telecommunication Corporation, a facilities-based Competitive Local Exchange Carrier licensed by the Public Service Commission in 10 states, serving as the company's chairman and president from 1997 to 2000. Between 1990 and 1997, Mr. Piluso served as chairman & founder of International Te...
Mobile, social, Big Data, and cloud have fundamentally changed the way we live. “Anytime, anywhere” access to data and information is no longer a luxury; it’s a requirement, in both our personal and professional lives. For IT organizations, this means pressure has never been greater to deliver meaningful services to the business and customers.
In their session at 17th Cloud Expo, Hal Schwartz, CEO of Secure Infrastructure & Services (SIAS), and Chuck Paolillo, CTO of Secure Infrastructure & Services (SIAS), provide a study of cloud adoption trends and the power and flexibility of IBM Power and Pureflex cloud solutions. In his role as CEO of Secure Infrastructure & Services (SIAS), Hal Schwartz provides leadership and direction for the company.
In a recent research, analyst firm IDC found that the average cost of a critical application failure is $500,000 to $1 million per hour and the average total cost of unplanned application downtime is $1.25 billion to $2.5 billion per year for Fortune 1000 companies. In addition to the findings on the cost of the downtime, the research also highlighted best practices for development, testing, application support, infrastructure, and operations teams.
Puppet Labs has announced the next major update to its flagship product: Puppet Enterprise 2015.2. This release includes new features providing DevOps teams with clarity, simplicity and additional management capabilities, including an all-new user interface, an interactive graph for visualizing infrastructure code, a new unified agent and broader infrastructure support.
For IoT to grow as quickly as analyst firms’ project, a lot is going to fall on developers to quickly bring applications to market. But the lack of a standard development platform threatens to slow growth and make application development more time consuming and costly, much like we’ve seen in the mobile space. In his session at @ThingsExpo, Mike Weiner, Product Manager of the Omega DevCloud with KORE Telematics Inc., discussed the evolving requirements for developers as IoT matures and conducte...
Container technology is sending shock waves through the world of cloud computing. Heralded as the 'next big thing,' containers provide software owners a consistent way to package their software and dependencies while infrastructure operators benefit from a standard way to deploy and run them. Containers present new challenges for tracking usage due to their dynamic nature. They can also be deployed to bare metal, virtual machines and various cloud platforms. How do software owners track the usag...
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at @ThingsExpo, James Kirkland, Red Hat's Chief Arch...
Providing the needed data for application development and testing is a huge headache for most organizations. The problems are often the same across companies - speed, quality, cost, and control. Provisioning data can take days or weeks, every time a refresh is required. Using dummy data leads to quality problems. Creating physical copies of large data sets and sending them to distributed teams of developers eats up expensive storage and bandwidth resources. And, all of these copies proliferating...