Made with FlowPaper - Flipbook Maker
< PreviousWe help our customers get into new verticals and markets by dramatically accelerating their time to cloud and market, while reducing the complexity of making their own applications secure and compliant In a nutshell, Anitian automates cloud application security and compliance to accelerate the business growth of its clientele. By harnessing the power and the scale of a pre-engineered cloud infrastructure environment and platform, Anitian enables organizations to accelerate their move to the cloud, enter new markets, and unlock revenue in just weeks. “We help our customers get into new verticals and markets by dramatically accelerating their time to cloud and market, while reducing the complexity of making their own applications secure and compliant with standards like PCI, SOC 2, and FedRAMP, which is required for anyone who wants to do business with the government. Thereby we completely eliminate the complex, time-consuming, and costly compliance mess with our pre-engineered and pre- configured solution,” explains Rakesh Narasimhan, President and CEO of Anitian. The company’s SecureCloud for Enterprise Cloud Security and SecureCloud for Compliance Automation offerings are automated and pre-engineered and can easily be integrated into any cloud application. And by leveraging Anitian’s round-the-clock Security and Operations (SecOps) team of highly skilled security analysts and engineers, organizations can reduce risk, maintain compliance, and improve the overall agility of their business. This way, Anitian helps its clients stay secure and ahead of threats, while maintaining compliance in their own AWS or Azure environment. With its integrated solution, Anitian’s platform has been able to get their customers secure and compliance-ready within a record 60 days. And they continue to do that consistently. Eliminating Manual Compliance In addition to Anitian’s 24x7 SecOps andContinuous Monitoring service, their SecureCloud platforms deliver continuous security and compliance through automated insights and evidence collection, as well as unified cloud security posture management for application environments. Anitian’s DriftDefend technology integrates with environments to automate evidence collection and prevent drift – while providing automated security and compliance insights including gaps, misconfigurations, threats, risk severity, and compliance state with single pane-of-glass visibility.When it comes to cloud security and compliance, Anitian’s customers have traditionally tried to do it themselves or hire an expensive consulting firm. “It's a pretty time-consuming and complex process. Moreover, at the end of that project the consultants leave but the next time something needs to get done you’re back to spending time and resources to try and stay in compliance. We figured this out and created an automated, standardized platform to simplify the processes,” adds Narasimhan. Anitian engineered a complete zero trust cloud application environment made up of 15+ cloud-native tools, and powered by its infrastructure-as-code, security- as-code, and policy-as-code. The platform and environment deploy in one day, already pre-configured to complex compliance mandates like FedRAMP, NIST 800-53, PCI, SOC 2, and ISO 27001. As a result, the Anitian team takes care of the cloud security and compliance infrastructure and works with a customer to seamless achieve compliance and audit- readiness. “When I say pre-engineered, what I mean is, we have native software that can work with a variety of cloud applications and operations – from endpoint protection, SIEM, and encryption to licensing and deployment. Moreover, we’ve created a partner ecosystem in each of these for seamless operation for our customers,” explains Narasimhan. A Proven and Pre-Built Platform For customers who are struggling to speed up the FedRAMP audit readiness and timeline at enterprise scale, Anitian has it sorted. In general, the Federal Risk and Authorization Management Program (FedRAMP) is a complex and resource- consuming process. Anitian’s SecureCloud for Compliance Automation is the only proven and pre-built platform designed to dramatically accelerate FedRAMP audit readiness and compliance. “Because of the way we've architected our platform, it's fully dynamic to help customers achieve seamless compliance within a matter of days,” extols Narasimhan. “That’s the value proposition. It’s speed. Within a quarter we can help take their software and make it available in a new vertical so their salespeople can go sell it and begin to earn revenue.” According to the company, the infrastructure should behave in a way that’s flexible and easy for customers. As the team has done a fair amount of these implementations over time, Anitian’s experts are smarter in making their pre-built infrastructure and platform flexible to allow any application to be integrated with it. Moreover, as the requirements of the clients change, Anitian ensures to build the infrastructure to scale along with it. “We’ve been working with some of the tech giants for quite some time. Being in the AWS and Azure clouds has been helpful as we can sign up or remove instances quickly and dynamically,” adds Narasimhan. In every way, Anitian is committed to and motivated by its customers’ expectations for performance, reliability, technical expertise, and quality. The team is proud to maintain its comprehensive spectrum of certifications from leading organizations. An instance that highlights Anitian’s value proposition is when the team assisted SentinelOne with its compliance requirements. SentinelOne’s cloud-based technology was complex and cutting edge, featuring distributed AI and enterprise-scale data analytics. SentinelOne was anxious to achieve FedRAMP moderate certification and have its solutions hosted in Amazon AWS GovCloud regions so it could grow its footprint in the U.S. federal government and defense marketplace. Anitian SecureCloud for Compliance Automation dramatically shortened SentinelOne’s journey to achieve FedRAMP certification and began generating revenue from U.S. federal government and defense agencies. With Anitian, SentinelOne’s application was audit ready for FedRAMP moderate certification just 10 weeks after beginning the project and obtained their Authority to Operate (ATO) in only 8 months. A Mission to Transform Compliance Today, Anitian is driven by a team of highly skilled and experienced leaders. Its executive team brings together years of experience in cloud security and compliance with many members having built products and companies from the ground up. Together, they are committed to building a product that people love and a culture where people and teams can do great work. Recently, the company raised a $55 Million Series B with a mission to further transform cloud security and compliance. The company also has a clear expansion plan into the enterprise cloud security space while making its compliance offerings broader, even more automated, and simpler. THE ANATOMY OF THE NEW FRAUDSTER AN ESSENTIAL GUIDE FOR FINANCIAL INSTITUTIONS SCAN TO DOWNLOAD bpcbt.com13 I n many ways, COVID-19 has served as a prime example of punctuated equilibrium. Most businesses were caught off-guard when the pandemic forced the workforce to suddenly start working from home, opening the doors to new risks – and challenges. As corporate compliance was already a complex area to maintain, integrating risk management and compliance at home was almost impossible until the recent days. However, automated and interactive solutions that could track employees and streamline compliance operations were introduced into the industry. AI and ML-based chatbots and personal assistants are steadily adopted into workplaces to augment human performance and eliminate time-consuming manual compliance processes. The adoption of advanced AI-driven solutions is an ascending trend within the digital transformation of compliance. Meanwhile, some of the modern and advanced chatbots offer compliance assistance that can enhance compliance managers’ productivity by providing real-time insights, generating reports, and automating a broad spectrum of other compliance-related activities. As the industry is noisy today, filled with numerous compliance solutions, businesses are finding it difficult to find the right solution provider to deal with the changing compliance requirements. This is why GRC Outlook is introducing this special edition on the ‘Top 10 Compliance Solution Providers 2022.’ This special edition features some of the most innovative and cutting-edge compliance solution providers who are creating a difference in the industry. SOLUTION PROVIDERS 2022 TOP COMPLIANCE Allgress enables enterprise risk, security, and compliance professionals the ability to efficiently manage their risk posture. By utilizing advanced visualization, automation, streamlined workflows, and the integration of existing data feeds, Allgress reduces the complexity and cost of risk management. Unlike other risk management solutions, Allgress customers derive value in days rather than months. Anitian is the leading cloud application security and compliance automation provider, delivering the fastest path to security and compliance in the cloud. Anitian automates cloud security and compliance to accelerate business growth. Jeff Bennett Founder, President & COO Management Location Website allgress.com Livermore, CA Rakesh Narasimhan President & CEO Management Location Website anitian.com Beaverton, ORSOLUTION PROVIDERS 2022 TOP COMPLIANCE Assent Compliance is the global leader in supply chain data management. They provide cloud-based software-as-a- service (SaaS) solutions that identify and assess third-party risks, educate stakeholders on regulatory and data program requirements, and increase transparency between businesses. The Assent Compliance Platform is a centralized supply chain data management platform that leverages automated supplier engagement and logic-driven data validation to provide actionable analytics on information. Avatier develops software and delivers services that automate IT operations. Their identity management and access governance solutions make organizations more secure and productive in the shortest time at the lowest costs. Avatier is the only company providing solutions that adapt to the needs of the business user delivering a unified framework for business processes across operations. Andrew Waitman CEO Management Location Website assentcompliance.com Ottawa, Ontario Nelson Cicchitto CEO Management Location Website avatier.com Pleasanton, CA CSS helps financial firms move from a tactical to a strategic approach to compliance to meet regulatory requirements while optimizing compliance data, operations and technology. The company solves global regulatory compliance with an end- to-end, integrated approach to technology and services to offer Compliance-as-a-Service, leveraging a holistic RegTech platform, regulatory expertise and supported by managed services. Doug Morgan CEO Management Location Website cssregtech.com New York, NY Compliance & Risks helps companies unlock market access by simplifying the world of product compliance. They are the trusted market access technology provider for the world’s leading brands. Their software, regulatory content and team of subject matter experts provide the most comprehensive market access solutions in the world. Joe Skulski CEO Management Location Website complianceandrisks.com IrelandSOLUTION PROVIDERS 2022 TOP COMPLIANCE Data Sentinel is a data trust and compliance platform that helps businesses continuously manage their data privacy compliance, governance, and quality in real time. Data Sentinel’s proprietary deep learning discovery technology illuminates the true nature of an organization’s data across all sources and systems, monitoring, measuring, and remediating the data to ensure compliance with company policies and evolving data management privacy regulations. MediSpend is a global technology company that provides best- in-class solutions for the life sciences industry. The company’s compliance system of record works for some of the world’s largest pharmaceutical, medical device, dental and emerging biotech companies around the world. SAI360 helps organizations across the globe manage risk, create trust, and achieve business resilience with a unified approach to risk management. The company's technology empowers customers to focus on developing the right risk culture through a meaningful and effective combination of cloud-based technology and ethics and compliance learning solutions, including SAI360 Integrated Risk Management Platform. Deel is a global payroll solution that helps businesses hire anyone, anywhere. Deel helped thousands of companies to create locally compliant contracts, pay their global teams in their preferred currency and payment method, and stay compliant in more than 150 countries. All in a few clicks, using one powerful dashboard. Mark Rowan Co-Founder & CEO Management Location Website data-sentinel.com Concord, Ontario Alex Bouaziz Co-Founder & CEO Management Location Website letsdeel.com San Francisco, CA Craig Hauben CEO Management Location Website medispend.com Portsmouth, NH Peter Granat CEO Management Location Website sai360.com Chicago, ILDRIVING BLACKLINE’S GLOBAL MARKETING STRATEGY Andres Botero, Chief Marketing Officer, BlackLine 2022 C ompanies come to BlackLine because their traditional manual accounting processes are not sustainable. BlackLine’s cloud-based financial operations management platform and market-leading customer service help companies move to modern accounting by unifying their data and processes, automating repetitive work, and driving accountability through visibility. BlackLine provides solutions to manage and automate financial close, accounts receivable and intercompany accounting processes, helping large enterprises and midsize companies across all industries do accounting work better, faster and with more control. A B2B cloud software industry veteran, Andres is responsible for driving BlackLine’s global marketing strategy as the company seeks to capitalize on the growing worldwide demand for solutions that drive greater efficiency, financial governance and risk management across the spectrum of accounting and financial operations. Andres is a global B2B marketing leader skilled at driving results across all functions of Marketing, as well as disparate geographies, cultures and time zones. He has demonstrated tremendous success working in alignment with Sales organizations to help grow several leading enterprise SaaS/cloud companies and build their brands globally. Andres is also a big proponent of the importance of the Marketing and Finance relationship. Prior to the advent of advanced data analytics, it was difficult for Marketing to accurately demonstrate the return on investment (ROI) for a prospective campaign. Finance had to exercise a degree of trust in Marketing that affected their relationship. This is no longer the case. All the data that is available today, when added to the predictive power of advanced analytics tools, gives Marketing an extraordinary level of accuracy in positing ROI. In turn, this gives Finance the assurance it has always wanted that the investment in Marketing will drive strategic value. For instance, Finance can assess if Marketing achieved its demand generation targets, owned its goals and stuck to them, and spent what it said it was going to spend—not more and not less. Especially for a public company, the ability to hit spending and productivity targets on the Marketing side is essential. Measurable results make the relationship much closer. Finance can trust that Marketing is ROI- oriented, cost-benefit conscious and spending money on the right things. Finance is more assured than ever that Marketing funds and headcount are what they need to be. Consequently, Finance can rely on Marketing to spur demand and help grow the Sales pipeline, as well as the company itself, meeting the goals set out in the strategic plan. Andres’ crystal ball on Marketing in the 2020s: Putting aside the tremendous uncertainty caused by the coronavirus' impact on business generally, Andres believes Marketing will become even more pivotal to the bottom line. We'll see more effort providing unique and differentiating customer experiences, while capturing and analyzing more data to learn more about our customers' needs and pain points. In turn, this will help cultivate a continuing relationship that strengthens their loyalty. As a result, the CMO will become a combination of a CTO, a CFO and a creative boundary-breaker, enlivening the customer experience and using technology to assess and quantify outcomes. Andres came to BlackLine with more than 20 years of experience at B2B cloud enterprise software leaders, most recently serving as Senior Vice President, Alliances, Channels and Chief Marketing Officer at CallidusCloud, a Nasdaq-listed company acquired by SAP. Prior to that, Andres was CMO Andres seeks to accelerate BlackLine’s market momentum and bring the benefits BlackLine’s customers enjoy today to the finance and accounting masses around the world Andres Botero, Chief Marketing Officer, BlackLine at Aria Systems, a cloud-based monetization platform for subscriptions and usage-based businesses, and at Steelwedge, the leader in cloud- based Sales & Operations Planning, acquired by E2Open. Previously, Andres spent over eight years with SAP, where he led global marketing for one of its major lines of business. Prior to SAP, he served in sales operations at Siebel Systems (acquired by Oracle). Andres holds a Bachelor of Science degree in Industrial Engineering from Universidad de Los Andes (Bogota, Colombia) and an MBA from the Stanford Graduate School of Business. He has spoken on many B2B Marketing topics including how to build an advocacy program at scale, the impact of the new generation of MarTech solutions, how to build a modern B2B Marketing program and the benefits of a strong alliance between Sales and Marketing. Going forward, Andres seeks to accelerate BlackLine’s market momentum and bring the benefits BlackLine’s customers enjoy today to the finance and accounting masses around the world. 18 Insights THE ROAD TO CONTINUOUS COMPLIANCE O rganizations are struggling to keep up with the ever- changing regulatory landscape. Coupling these new regulatory requirements with the changes occurring in our technology and application landscape make the compliance burden untenable. When you think about compliance, the innovations that exist in this space are 20th century tools such as Word and Excel to address today’s 21st century compliance challenges. These compliance artifacts are stored in file servers and Governance, Risk and Compliance (GRC) tools and furthermore, this problem is amplified by the fact that compliance needs to be managed across a multitude of standards and frameworks such as NIST, ISO 27001, PCI, SOX, HIPAA, etc. The question that needs to be asked is how can we move compliance from a static, point in time activity to an activity that is real time, continuous and complete? To answer this question, we should look at what other disciplines have done to navigate this road. In the early days of Digital Transformation, Application Developers would write software and hand it off to System Administrators who would test their code, ask questions of the developers who would then make changes and hand the software back to the System Administrators to put said application By Anil Karmel, Co-Founder and CEO, RegScale19 in the appropriate environment. Afterwards, Security staff would be brought in to evaluate the application, document their findings and provide guidance to both Developers and Operators on what changes needed to be made to run these applications in a production environment. All of this back and forth resulted in giant inefficiencies that stymied Digital Transformation. Enter Dev(Sec)Ops. The DevOps Model as defined by Amazon Web Services is “the combination of cultural philosophies, practices, and tools that increases an organization’s ability to deliver applications and services at high velocity: evolving and improving products at a faster pace than organizations using traditional software development and infrastructure management processes.” By employing DevOps, organizations can automate manual and slow processes and leverage technology stacks and tooling to help their staff operate and evolve applications, as well as enable engineers to independently accomplish tasks that would normally require help from other teams. How can we bring the fundamental principles of DevOps to Compliance? I believe the time has come for RegOps (Regulatory Operations). Given my personal affinity for standards and definitions, I’d like to posit the following definition: RegOps is the combination of cultural philosophies, practices, and tools that increases an organization’s ability to ensure compliance of applications and services against regulatory standards at high velocity: evolving and improving compliance and trust at a faster pace than organizations using traditional compliance artifact development and compliance management processes. My fellow co-founder and CTO, Travis Howerton, posited a Compliance Manifesto mirroring the Agile Manifesto with the following 10 principles: 1. Regulations exist to maintain our privacy while keeping us safe and secure – we should honor them 2. Maintaining compliance as a business should be affordable, transparent, and easy 3. Compliance processes that are boring and repetitive should be automated – it is good for the business, good for the regulator, and good for the employee 4. Audits should be simpler and less risky for the business 5. Evidence should always be readily accessible and as near real-time as possible 6. Producing high quality compliance artifacts should be more profitable for the producer while consuming these same artifacts should be cheaper for the consumer – driving mutually beneficial incentives 7. Technology will change over time so any solutions must be extensible to take advantage of future innovations and minimize technical debt for the future 8. Getting started with compliance should be free with the goal of pulling out costs and accelerating business 9. We should build on industry compliance standards while accelerating their adoption 10. Do no harm – if the solution doesn’t improve privacy, safety and/or security, we should not do it Just like with DevOps, it’ll take a cultural transformation coupled with tooling to move from compliance as imagined to compliance as implemented. The time has come to make compliance real-time, continuous, and complete. The road to Continuous Compliance leads to RegOps. Anil Karmel, Co-Founder and CEONext >