MILFORD, CT - October 24, 2006 A uniquely powerful self-assessment and security planning tool for financial services institutions was announced today by Perimeter, the only provider of complete e-security on demand. In a twenty-minute online session, the powerful RiskProfileTM system helps IT and technology executives align security plans and spending with the business risks of their institutions, and provides valuable data benchmarking the user's results against other institutions.
The no-obligation service is free through December 31 to help build the largest possible industry database. Initial system templates and processes are tailored to banks and credit unions, including preset, adjustable templates for five types of institutions from the smallest to billion-dollar, multi-branch firms.
A wide range of security and financial services industry experts have co-developed the new planning tool, including Federal and industry regulators from several agencies, outside security professionals, bank security officers and a dozen top security professionals at Perimeter. More than two years in development, the Risk Profile system is built atop industry best practices gleaned from Perimeter's own decade of experience providing e-security to nearly 2,000 financial institutions.
By yearend, RiskProfile is expected to aggregate and assess security processes at more than 1,000 institutions, providing the first industry-wide, statistically significant benchmark for comparison of industry security practices. In 2007, the system will deliver peer-to-peer benchmarking as well as detailed reporting, progress tracking of individual institutional improvements and comparisons to best practices. The program expands to other industries in 2007.
Aligns security needs with business risks
"With hundreds of different security technologies available today, businesses often don't know where to start. As a result they often spend money on the wrong technologies," says Perimeter CEO Brad Miller. "Perimeter has devoted thousands of man-hours to design a tool that looks first at the threats in order of importance and then prioritizes network security efforts to minimize those threats," Miller says. This objective, benchmark-oriented tool helps financial institutions spend their security budgets more wisely and appropriately, aligning dollars directly with optimum business risk reduction.
"Too many networks are secured 'backwards,' focused first on technologies and second on business risks those technologies are mitigating," says Miller. Risk Profile works in reverse of most risk assessments by ranking an institution's business processes according to their importance to the business and its vulnerability to financial, regulatory, and reputational impact. The system profiles appropriate risk mitigation solutions and scores business processes on their current level of mitigation. It shows the actual percentage of total organizational risk each business process accounts for, offers prioritized recommendations to mitigate risk, and indicates where procedure changes might help.
"RiskProfile provides an unprecedented snapshot of what technologies and risk mitigation strategies are in use across the industry," says Kevin Prince, Perimeter's Chief Security Officer. "We will look at this information in aggregate and share it from time to time with the industry. Confidentiality of all respondent data is of course guaranteed by Perimeter's privacy policies."
Basic profile offered for free
"Early enthusiastic response to the RiskProfile system has been exciting," says CEO Miller, with nearly 500 institutions conducting self-assessments and populating the system's database in less than sixty days of beta testing. To build the industry's first comprehensive database, Perimeter is waiving the cost of initial self-assessments. Included in the no-charge assessment is a free RiskProfile report and benchmarking information as it becomes available. Next year, an enhanced system will deliver ongoing monitoring, performance comparisons, and granular peer-to-peer benchmarking and analysis for a fee.