Accolite: Redefining Corporate Governance to Enhance Business Resilience in the Age of Cyber Risks

CIOReview Team | Monday, 30 January 2017, 05:43 IST

Economies all around the globe are rapidly growing and with this massive growth the reliance on healthy electronic transactions and stable IT platforms increased many folds and now it is at point where it has become a vital component for the continued growth and success. With the rapid growth in-came the new classes of business risks, transaction frauds, data loss and much more. And these risks increase even further as we start looking at the new trends which businesses are moving into:
• Migration of business process to cloud & SAAS
• Aligning with external partners, vendors, employees working from different locations
• New set of devices BYOD (Mobile, tablets) connecting to organizations secure network 
• Social Networking becoming a way of life

The challenge is to find a right balance between the controls to handle the increased risks and the flexibility which businesses wants. It is a question of risk and trust.  “Our expertise at identifying application level risks, combined with the ability to simultaneously analyze internal and external security intelligence, along with asset criticality at scale, provides unparalleled visibility into cyber risks, hence driving actions quickly and efficiently.” Says Leela, CEO Accolite

Accolite is headquartered in Dallas, USA, with development centers in Hyderabad, Bangalore and Delhi in India. Accolite combines industry experience of 70+ person years in Cyber Security leadership across multitude of industries segments. Incepted in 2007, under the leadership of Leela Kaza, President and CEO, Accolite caters to services for Application Development, Application Maintenance, Cyber Risk & Governance, IT & Management Consulting, Product Engineering, Staff Augmentation, Testing and Technology Due Diligence. Accolite Cyber Security experts help its customers with industry specific best practices “Our services are targeted at information protection and access, operational resiliency, risk identification, mitigation and compliance, to guide Information Risk and Security Organizations across the world to ensure protection from cyber attacks, DDoS and Malware.” affirms Leela.

Data breaches and cyber-attacks on various organizations keep coming in the news every now and then. These breaches end up exposing sensitive records, health/pharma information, financial information (debit/credit card details), email addresses and in some cases even the personal information like social security numbers/home address to cyber criminals. According to the PWC Global Security Survey, the average number of information security incidents detected Y-o-Y by respondents increased by 117 per cent. They went up from 2,895 in 2014 to 6,284 in 2015.Traditional corporate firewalls are no more effective in protecting against the threats and this has made security and risk management as one off the top agenda of boards of directors. Cyber Security leaders are looking forward to enhance the way they communicate value, importance and status of program activities by linking to business goals and objectives, not by presenting technology metrics and project status.

Bottom Up’ GRC Policy to Protect Data Integrity

Backup and recovery is the most well-established and common data management practice, yet, it is arguably the most complex and difficult to administer. Accolite understands the urgency of data protection and thus deploys a ‘Bottom Up’ GRC Policy to take counter measures for security threats. The process starts with identifying Venerability’s and their effective remediation. To prevent Data Leaks caused as a result of Hack Attacks and Malwares, Accolite offers Governance Services for data classification, detection, prevention and encryption of data. This is further strengthened through Periodic access review and Privileged access management. Accolite brings to the table IT Governance and Advisory Services; along with solutions for Audit and Advisory; and IT GRC Platform Support & Maintenance.

Accolite believes that with the breaches becoming the new norm, having an effective cyber security policy is critical for organization of any size. Following this approach, Accolite outlines several security policies, procedures and advises its customer based on their needs and their IT complexities. Accolite renders compliance services to its customer for compliance with PCI-DSS and ISO 27001,HIPAA, BASEL II, GLBA and NIST. Besides, Accolite also considers that a proper training should be a mandatory requirement for an organization to become compliant with several industry norms. Accolite therefore, hosts Process Owner Workshops and endows Interactive Learning Solution on Corporate Governance and Risk and its impact. The firm also conducts security awareness testing through safe and controlled replication of social engineering threats; and organizes End User Trainings on Professional Ethics and Adherence to Corporate Governance Policies.

Accolite- CRGS Suite for End-To-End IT Security 

The integrity of information technology (IT) systems is vital for business success. However, perfect cyber security can rarely be achieved without unacceptable commercial constraints, and companies that underestimate their risks or misjudge the effectiveness of their controls may endure significant operational disruption, financial loss, strategy compromise and reputational damage. This is what the risk and reward spiral and companies have to strike a right balance. Accolite focus on Consulting, Advisory/Strategy, Architecture, Deployment, Maintenance services, IAM, Access Governance, SIEM (Security Information and Event Management), GRC, Network Security and Application Security. CRGS practice enables evaluation of various security products, along with the experience of their vendors, to develop a roadmap/strategy for new clients.

Accolite takes into consideration current day digital business challenges. Accolite assists clients to develop a compelling strategy for Risk and Security Management based on establishing Trust and Resilience in Digital infrastructure. The firm develops a strategy to embrace the defined principles of resilience to move from check box compliance to risk-based thinking; and supporting organizational outcomes rather than protecting the infrastructure. Accolite implements and manages a Formal, Process-Based Risk and Security Management Program that enables organizations to shift from being the righteous defenders of the organization to acting as the facilitators of balance; and thus become a ‘people focused’ organization than being a ‘technology focused’ one. 

Further, in its attempt to ameliorate risk identification, Accolite offers services for actionable risk intelligence. The approach revolves around four key focus areas of monitoring, analysis, information exchange and reporting; with monitoring being the key to empower risk identification. Initiating with asset identification and analyzing of risks associated with them; the robust risk identification process sets up organization for a robust security posture. Once risks are identified and documented the next step is analysis that involves the risk mitigation options. Exchange and reporting follow the process of analysis and are key in ensuring that all concerned parties are fully aware about the risks and their potential impacts. “If employees are educated on the risk and its potential impacts, then the chances of their active participation in implementing all mitigation steps are much higher.” claims Leela.

Accolite also acknowledges the fact that identity centric threat protection improves risk, threat and compliance postures by correlating the identity of users with source data from any database, application, server, appliance or mobile device. The firm thus equips clients with Risk Based Access Management Approach that includes Access Management, Federated Identity Management, Entitlement Management Access Certification and Governance Directory Services. Using multiple attributes, the algorithms of the approach continuously refine and report on threat patterns, hence enabling organization to predetermine the roadmap to cope with identity breaches that might happen in the future. 

Anticipating Tomorrow’s Threats

With analytics becoming a major tool in protecting organizations; there is a lot of work going on to make systems more intelligent and to predict the outcomes based on the current conditions. Accolite also plans to sum up the industry experience gained till date with the market observations and build a security roadmap to add more analytical features to its solution suite. The company has built a solution for C-level team to provide organization’s security infrastructure health score at any given point of time; and plans at building more industry specific solutions in near future. Moreover; currently serving clients in India and USA; Accolite targets to onboard clients from other nations in the upcoming years, to spread its wings geographically and technologically in cyber security space. 

Don't Miss ( 1-5 of 25 )