Full compliance with regulations that govern data involves a lot more than just ticking the POPIA or GDPR box. Today, businesses have to consider the implications of cyber governance and risk, a new dimension to compliance that is likely to be around for some time to come.
This is the core message that specialist systems integrator Nexio and its partner ICT services provider OpenText plan to relay to delegates attending the ITWeb GRC 2023 conference on 16 February at the Capital Empire in Sandton, Johannesburg.
Lead sponsor of the event OpenText is focused on application delivery, modernisation of applications, IT operations, AI, analytics, and specifically governance. It also has a cyber security practice that has strong links to Nexio’s own cyber security practice. As an OEM, Opentext supports Nexio with products and solutions to drive Nexio’s strategy around cyber GRC.
The industry partners leverage this synergy to support their assertion that companies ought to have a cyber GRC controlling entity in place, one that can handle all facets of GRC related to cyber and IT.
To add clarity, Brett Orwin, EHOD: network and collaboration, Nexio SA, said the plan is to answer key questions such as what a cyber GRC controller is, what it does, when, where, how and why.
Specifically the companies will showcase the value that this controller offers to a company’s board.
“Most importantly, how does this support the board in their ultimate accountability should there be a breach. For us it’s important that we talk about cyber GRC and not just GRC, and we believe these areas are far too fragmented in larger organisations and should be centralised reporting into the board,” said Orwin.
One of the main objectives for Nexio and Opentext is to explain why cyber GRC can help boards with the challenge of complexity at scale. “There is a need to address GRC holistically across the enterprise and not in specific divisions of the enterprise. That’s a problem that we see regularly,” said Christiaan Swanepoel, cyber security enterprise senior sales specialist at OpenText.
A key challenge for business leaders is the ability to address GRC holistically across the enterprise.
“You have a CFO that has a specific mandate to address his compliance and GRC requirements, you have a CTO that is looking at it from a different angle, you have an IT executive that’s looking at it from an operational perspective and the problem is as an organisation you struggle to be aligned in terms of addressing GRC,” Swanepoel added.
This is where Nexio comes in says Swanepoel, to use that seniority and knowledge across the enterprise to try and have an organisation become more compliant and reduce their risk by adhering to all the governance and compliance, be it statutory or internal.
OpenText drives the tools and technologies that assist organisations in becoming more compliant with GRC.
The tools and technologies available from OpenText and Micro Focus specifically address activities in support of enterprise visibility and asset management. Within the IT Operations Management (ITOM) capability stack, the universal configuration management database (UCMDB) seamlessly provides the ability to discover and manage IT assets visible, in a centrally accessible database that informs and manage IT assets throughput its life-cycles.
Also, with the addition of operations orchestrator (OO) and hybrid cloud management (HCM) increases the scale of efficiency by decreasing the factor of time in remediation requirements through the automation of vulnerability and patch management activities.
“GRC approaches and solving GRC problems has a massive impact. So business experts like Nexio would then take the tooling, apply it into the correct processes and advise the organisation as to how to executive successfully towards a GRC plan. This is where the symbiosis comes in between Nexio and OpenText, they utilise our knowledge on tooling and technologies, and we utilise their knowledge on the business process and compliance aspects as to how to actually address it correctly in our market. Remember our market is quite unique in the world and you need to have those experts in the field that understand our legalities and compliance requirements.”
Share