Security Experts:

Connect with us

Hi, what are you looking for?



TraceSecurity Launches Affordable Cloud-based Risk Management Platform

New Cloud Solution Helps Deliver “Holistic, Risk-based Information Security Programs” To Improve Security and Compliance

New Cloud Solution Helps Deliver “Holistic, Risk-based Information Security Programs” To Improve Security and Compliance

TraceSecurity, a Los Gatos, California-based firm offering cloud-based IT governance, risk and compliance (GRC) solutions, today launched “TraceCSO”, a new cloud-based solution designed to give businesses of any size the ability to evaluate, create, implement and manage a risk-based information security program.

“Today, organizations struggle with growing risk, complexities, costs and resource demands of deploying and maintaining a complete information security program around risk and vulnerability management, governance and compliance,” the company explained.

A problem for many smaller organizations when it comes to GRC solutions is often the cost. Most GRC solutions are designed for larger enterprises and highly regulated industries, and can be costly both on software licensing fees and implementation costs.

With subscription pricing starting at about $5,000 per year, TraceCSO gives organizations an affordable solution that the company says can be deployed quickly to centralize and tightly integrate key functional areas. These areas include risk management, auditing, governance and compliance reporting; as well as specific areas of policy, process, training, vendor, and vulnerability management, the company said.

“A hosted approach backed with long experience in the field enables a much wider range of organizations to have access to tools for more consistent management of security and regulatory priorities,” said Scott Crawford, Enterprise Management Associates managing research director.

“Many organizations simply do not have access to this capability, or need a more consistent source of insight on objectives and best practices,” Crawford added. “TraceSecurity is helping extend these values to a much broader swath of organizations than many on-premises technologies, and can also go far to help reduce management costs.”

The company says that TraceCSO guides users through the process of implementing and managing a “holistic risk-based information security program” that can identify and reduce many redundant security controls and security gaps caused by disparate systems.

In order to help organizations stay current with the latest regulatory mandates specific to their industry, TraceCSO leverages a global database of hundreds of authorities and more than 25,000 regulations and citations.

“The TraceCSO system is slick and the setup wizard is very intuitive,” said Richard Reinders, Lake Trust Credit Union Information Security analyst. “The assessment structure has so many options, you can take multiple approaches and the system still works. Also, its process management functionality can help us align controls with institution policies that are documented to meet industry regulations.”

TraceCSO’s wizards guide the system set up of adding users and departments, defining permissions and roles, coordinating network scanning, and selecting authority documents.

TraceCSO Report Screenshot

“TraceCSO enables organizations to implement enterprise-level security without enterprise-level overhead or costs,” said Peter Stewart, TraceSecurity President and CEO. “This new product eliminates current barriers of managing an on-going and complete risk-based information security program, including the lack of security expertise, resources and tools.”

TraceCSO will be available later this month directly from TraceSecurity.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...


Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...

Risk Management

A threat-based approach to security often focuses on a checklist to meet industry requirements but overlooked the key component of security: reducing risk.

Risk Management

CISA has published a report detailing the cybersecurity risks to the K-12 education system and recommendations on how to secure it.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...


More than 4,000 internet-accessible Pulse Connect Secure hosts are impacted by at least one known vulnerability, attack surface management firm Censys warns.