Taylor Hersom, Vice President of Business Development for CyberCompass® and head of virtual services for Third Rock, has been asked to serve on the very prestigious  CompTIA Cybersecurity Advisory Board (CCAB). CompTIA is the world’s leading tech association as well as a thought and action leader. CCAB addresses many of the most pressing cybersecurity concerns facing business and government. The board works to identify opportunities for CompTIA to develop cybersecurity initiatives that advance our nation’s cybersecurity readiness. In addition, the CCAB assesses current CompTIA activities relating to cybersecurity and recommends how to integrate those efforts with other thought leaders on the topic, while also identifying gaps in the cybersecurity ecosystem that CompTIA might consider filling. 

Hersom will be working with thought leaders from higher education, legal and cybersecurity fields. The CCAB’s main purpose is to provide a venue where these members can discuss the most critical issues the industry faces, leading to prioritized projects and actionable results. Recently, CompTIA has been actively involved in working with  Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) to maintain critical functions throughout the COVID-19 pandemic (see full article here) as well to providing thought leadership with emerging transformational technologies such as 5G. See all of their latest news and press releases.

Round Rock, TX, April 15, 2020 – Third Rock, a cybersecurity and compliance firm, and creator of CyberCompass® cyber risk management software, is excited to announce the addition of Taylor Hersom to its team to serve in a dual capacity. Mr. Hersom will be heading up CyberCompass® distribution channel development. His specific goal will be to help operationalize channel partners in translating cyber risks to better market their cybersecurity solutions, stated Robert Felps, CEO of Third Rock and CyberCompass® LLC.

Mr. Hersom’s previous experience was with Deloitte risk management practice. He recently served in helping lead business development for a cybersecurity firm that promoted CyberCompass®. His background provides a unique set of skills in translating how cyber risk management can drive the optimization of cybersecurity and compliance solutions. Mr. Hersom has been using CyberCompass® for over a year with his previous customers. “Most cyber risk management tools focus on technology, so that leaves companies with a false sense of security and lack of insights into their cyber risk. I have worked with several software applications, and I haven’t seen anything with the potential and power of CyberCompass® to deliver a complete 360-degree integration across people, processes, technology, and vendors,” said Hersom.

“We are excited to add Taylor to our team, especially during this time when businesses need our help in getting higher levels of cybersecurity and compliance quickly,” stated Felps. “Taylor brings a depth of knowledge and unique insight to rapidly improve our automation and usability in  assessing cyber risk, managing remediation, and ultimately improving their cyber protection.”

Hersom has also been tapped to lead Third Rock’s virtual services growing practice. Third Rock developed CyberCompass® software to provide faster, more complete cybersecurity and compliance at an affordable price. Given the impact on businesses with COVID-19, Third Rock clients are seeking to have virtual Chief Information Security Officer and virtual Chief Compliance Officer expertise as they quickly transition their businesses and improve cybersecurity with a dispersed workforce. “Having Taylor lead our virtual practice within Third Rock allows him to be involved with understanding client needs as they change and translating those needs to CyberCompass® enhancements,” stated Felps.

About Third Rock

Third Rock is a cyber risk and compliance management professional services firm. Based in Round Rock, Texas, Third Rock services include risk assessments, remediation, and rapid incident response in less 65% less time than other firms. Third Rock built a turnkey, simplified, best in class cyber risk management, cybersecurity and compliance software CyberCompass®.

About CyberCompass® LLC

CyberCompass® cloud-based software empowers and enables businesses to manage and monitor their cyber risk at a holistic level. It is the only cyber risk management and compliance software with one assessment to meet multi standards for both cybersecurity and government privacy regulation such as HIPAA, CCPA, and GDPR. The platform includes tools and guidance for hardening an organization’s IT systems, refining their operational processes, engaging employees with cyber training, and managing vendor compliance. Excess Line Association of New York (ELANY) offers a complimentary subscription to CyberCompass™ for active members to become compliant. CyberCompass®, LLC was recently established as it’s own legal entity.

We are pleased to announce six new enhancements that make using CyberCompass® even easier:

As a main distributor of CyberCompass®, we are excited for how these new enhancements can help our customers better manage their cyber risk.

Leading edge security

• Added encryption means whether you’re just working in your account, uploading documents or downloading them, all your data is secure.

Encrypted Attachment Vault:You asked, we delivered!

• Seamless ability to upload multiple attachments with ease
• More confidence while maintaining your required compliance documentation
• Each file is encrypted for greater security
• Electronically store and delete attachments at any time 

 Expedite User Login

• Token-based authentication for faster repeat logins

 New wider viewpoint with more pixels

• The user view area is now wider on the web page
• Increase the available real-estate on your screen
• See more at one time

 New Remediation Issues List Layout

• New redesigned issues layout provides more information at your fingertips. 
• Easier to interpret results with new graphs: provides you more information on true state of the issues at a glance
• Updated Issues List provides more details including:
  • Threat Rank
  • Last Activity
  • Assignment information
  • Notes Icon
• Simplified filtering to get to your information faster: format and filter to get to the issue that meets your business needs

 Issues View now has more flexibility to better manage

• Traverse through issues using the “Previous” and “Next” buttons
• Improved page layout for easier reading and updating.

Are you looking for a solution to provide holistic coverage across your people, processes, technology and vendors? Contact us today to start your journey toward cyber resilience.

Third Rock, powered by CyberCompass®, now includes the NYDFS security risk assessment required by all New York financial entities.  The NYDFS Cybersecurity Regulation (23 NYCRR 500) is “designed to promote the protection of customer information as well as the information technology systems of regulated entities”. This regulation requires each company to conduct a risk assessment and then implement a program with security controls for detecting and responding to cyber events.

The NYDFS has supervisory power over banks, insurance companies, and other financial service companies. More specifically, they supervise the following covered entities:

• Credit Unions
• Health Insurers
• Investment Companies
• Licensed Lenders
• Life Insurance Companies
• Mortgage Brokers
• Savings and Loans Associations
• Private Bankers
• Offices of Foreign Banks
• Commercial Banks

There are some exceptions to entities that have to meet the regulations.

NYDFS requires entities to complete the following:

• Risk Assessments
• Audit Trail including updated policy and procedures
• Incident Response Plan

CyberCompass® automates the numerous steps to completing a risk assessment with its on-demand, cloud-base software so a security risk assessment can be completed in 70% less time.  It offers the unique feature to go beyond technology for information security and add the people, process and vendor compliance for information security.  

“We expect what is happening in New York to happen across the country,” stated Robert Felps, CEO.  “We have engineered CyberCompass to help companies meet regulations faster and require less work hours through built-in expertise and automated workflow.”

With Third Rock expertise and guidance, we work with you to use CyberCompass® to increase your compliance and manage your cyber risk.

Steps necessary to complete Security Risk Assessments	How CyberCompass® automates workflow to complete a security risk assessment with its built-in expertise.
1.  Identify threats and vulnerabilities	By answering our online, on demand risk assessment survey.  The questions have been specifically tailored and written in simple language to meet the NYDFS regulations and combined our cyber security risk expertise to assess your employees, processes, technologies and vendors.
2.  Qualify the extent of the risk	By answering our online, on demand risk assessment survey.  The questions have been specifically tailored and written in simple language to meet the NYDFS regulations and combined our cyber security risk expertise to assess your employees, processes, technologies and vendors.
3.  Mitigate the risks to reduce them to an agreed and acceptable level	CyberCompass® automatically provides the corrective actions with a step by step guide that helps you  ‘terminate’ the risk by eliminating it entirely, ‘treat’ the risk by applying security controls, ‘transfer’ the risk to a third party, or ‘tolerate’ the risk.
4.  Update policies and procedures	CyberCompass® has a built-in template to provide you a complete set of policies and procedures.
5.  Create incident response plan	A unique feature, only CyberCompass® can create the required incident response plan
6.  Review, monitor and audit.	Utilizing CyberCompass® software subscription and built in notifications, CyberCompass® empowers you to manage cyber risk in one place across the entire organization.

Round Rock, TX, July 9, 2018 – Third Rock, cyber risk management firm, announces the addition of Mike Moran, CISSP to its Board of Advisors as Senior Security Advisor. Moran is a veteran of the software industry and is focused primarily on applications and development tools, with a secondary focus on high availability, high traffic web sites.   His past projects include architecting and supporting real-time online access to three Olympics and maintaining a healthcare billing system with over 100 million bills per month.

“I’ve known Mike for over 20 years and consider him one of the best database and security experts in the world.” says Robert Felps, Third Rock CEO. “He also has proven experience as a site reliability engineer on high traffic websites with high availability demands, which makes him a great system expert of a broad range of UNIX and Linux systems.”

Moran stated that “Third Rock is advancing cyber risk to deliver a simple, complete set of tools for cyber risk not matched by competitors that clients can easily manage against cyber threats.  I am excited to be part of this innovative team.” He will focus on improving application robustness, tightening security implementations and providing cyber security expertise for Third Rock’s unique software, CyberCompass™.’ He recently completed network and vulnerability scans for a company and discovered several vulnerabilities that had not been uncovered by their IT functions.

Moran is a Certified Information Systems Security Professional, earning his undergraduate degree in Computer Science from Purdue University and his graduate degree in Technology Commercialization from the University of Texas at Austin.

More than half of companies impacted by GDPR are not ready for May 25^th deadline

Round Rock, TX – April 26, 2018 – Third Rock, a supplier of cyber risk management software, announced today the launch of its General Data Protection Regulation (GDPR) Risk Assessment, the newest enhancement to its cyber risk management software to help companies become GDPR compliant before the May 25, 2018 deadline set by the European Union (EU).

GDPR applies to every company that collects, processes or stores an EU citizen’s data, regardless of sector, size and geographical location. The consulting firm Gartner estimates that more than half of the companies that are subject to the GDPR will not be in compliance this year and will be at risk for fines by the EU. A risk assessment is a required action to meet GDPR compliance regulations for protecting EU citizens’ data.

The full integration of the GDPR assessment into Third Rock’s current web based cyber risk management software platform, CyberCompass™, allows companies to quickly complete the assessment and then automatically generate a prioritized corrective action plan.  Robert Felps, CEO of Third Rock, explained, “This software provides rapid benchmarking of an organization’s compliance status, prioritizes needed corrective actions, and maintains the Body of Evidence in the event of an audit by regulatory authorities.  Companies can then choose to implement the corrective actions themselves, collaborate with Third Rock, or engage their current compliance consulting firm. Most companies can achieve GDPR compliance in approximately two to twelve weeks.”

Third Rock’s CyberCompass™ GDPR Risk Assessment provides a comprehensive, user-friendly experience. Most companies use a mix of forms and spreadsheets to manage cyber risk. Natan Bradbury, CEO of VITECH Pros who partnered with Third Rock to test the new assessment stated, “You don’t know how long I’ve been looking for an application like this!  I’ve been cobbling together Excel and Word documents and some other tools to complete assessments.”  CyberCompass™ has been documented to achieve 65% time savings compared to other assessment approaches.

 About Third Rock

Third Rock specializes in simplifying cyber risk management to enable organizations to holistically assess and manage their cyber risk by engaging employees, refining processes, and hardening technical systems, creating a culture of Cyber Confidence℠. Third Rock’s CyberCompass™ software includes: HIPAA, GDPR, NIST SP 800-171, and SECURETexas assessments, along with comprehensive workstation and network vulnerability scans. Third Rock is proud to partner with Texas Medical Liability Trust and Texas Health Services Authority. Learn more at ThirdRock.com.

Third Rock Enhances SECURETexas Capabilities

Customized to over 20 types of healthcare specialties for better

protection of patient information against cyber threats 

  Austin, TX – March 21, 2018 – Third Rock, a preferred vendor for Texas Health Services Authority (THSA), has further simplified the SECURETexas certification process by offering a unique customized security risk assessment approach based on an organization’s practice area. Third Rock has customized its web-based security risk assessment tool for more than 20 different healthcare practice types, including urology, pediatrics, orthopedics, urgent care, primary care, optometry, dentistry, and home health, saving users’ time by assessing only those issues pertinent to that practice type.  No other vendor offers this level of automated customization for the SECURETexas certification program. The SECURETexas certification program is included in Third Rock’s CompassDB™ cyber risk management platform. Third Rock has shown that organizations can realize a 66% reduction in work hours by utilizing Third Rock’s Compass DB™ software compared to other labor-intensive security risk assessment approaches.  Third Rock’s CompassDB™ reduces the complexity of assessing and managing cyber security and compliance, especially for smaller and medium size health organizations that are most vulnerable to cyber attacks. “Healthcare organizations are highly-targeted by cyber threats yet have the lowest utilization of risk management software to help manage their risks.  With cyber security now an urgent issue for all healthcare entities, our goal is to make protecting patient information easy and intuitive with a one-stop solution,“ stated Ed Jones, Third Rock’s Chief Compliance Officer. Additional focused and customizable surveys have been programmed into Compass DB™ to meet the comprehensive SECURETexas requirements.  These surveys are fully integrated into the Compass DB™ platform and provide direct references and links to Texas regulations. Completion of the SECURETexas assessment in Compass DB™ automatically generates a prioritized risk management plan, including the corrective actions required, along with policies and procedures, user training, vendor management, a reference library and extensive collaboration tools. Completing an annual security risk assessment is a requirement for meeting federal HIPAA compliance regulations, while SECURETexas ensures Texas’ privacy and information protection requirements are met. SECURETexas certification can be a mitigating factor when a court or state licensure agency imposes a penalty for violation of the Texas Medical Records Privacy Act. About Third Rock Based in Round Rock, Texas, Third Rock is a cyber risk and compliance management firm.  Third Rock has built a turnkey, simplified software platform, CompassDB™ to give organizations the ability to manage and monitor their cyber risk at a holistic level. The platform includes tools and guidance for hardening an organization’s IT systems, refining their processes, and engaging employees to create a culture of Cyber Confidence. Third Rock is the only firm to include a comprehensive compliance and vulnerability scan of an organization’s computers with their SECURETexas assessments. Learn more at ThirdRock.com.  About THSA The Texas Health Services Authority (THSA) was established by the Texas Legislature for the purpose of promoting, implementing, and facilitating the secure electronic exchange of health information. The THSA accomplishes this purpose through its health information exchange (HIE) and privacy and security certification and supporting programs. Learn more about the THSA at www.thsa.org.

Round Rock, TX – December 19, 2017 – Third Rock, who was awarded preferred vendor status with Texas Health Services Authority (THSA) in August this year, has streamlined the SECURETexas certification process to help healthcare organizations reduce liability by better securing patients’ Protected Health Information (PHI). Third Rock has incorporated the question set for the SECURETexas certification program into CompassDB, Third Rock’s compliance management system.  Third Rock has shown that by utilizing CompassDB, organizations can reduce man-hours for performing and reporting a security risk assessment by up to 66%, compared to other security risk assessment tools and methods. “We understand that most healthcare practices want to improve their cybersecurity, but don’t have the expertise or time to perform a comprehensive risk assessment.  Our goal is to make protecting patient information easy and affordable as cyber threats in healthcare continue to increase,“ stated Ed Jones, Third Rock’s Chief Compliance Officer. The SECURETexas certification is available for covered entities and business associates operating in Texas that are subject to privacy and security regulations. Certification involves engaging a SECURETexas Preferred Vendor, such as Third Rock, to assess the covered entity’s compliance against the SECURETexas privacy and security standards, then remediating any identified deficiencies.  SECURETexas certification can be a mitigating factor when a court or state licensure agency imposes a penalty for violation of the Texas Medical Records Privacy Act. Third Rock’s CompassDB software is a comprehensive cloud-based Compliance Management Platform that makes managing cybersecurity and compliance easier and less costly, especially for smaller and medium size healthcare organizations that are most vulnerable to cyber attacks. This tool will help healthcare entities attain SECURETexas Certification, as well as meet HIPAA compliance requirements, with capabilities that include an automated risk management process, vulnerability and compliance scanning tool, workforce compliance training, and continually updated policies and procedures.   About Third Rock Third Rock is a cybersecurity and compliance firm based in Round Rock, Texas whose purpose is to help businesses protect their customers’ information. Third Rock offers a unique turnkey, simplified approach to cybersecurity and compliance that engages employees, refines processes, and updates technology to move organizations to a culture of compliance and protection. Learn more at ThirdRock.com. About THSA The Texas Health Services Authority (THSA) was established by the Texas Legislature for the purpose of promoting, implementing, and facilitating the secure electronic exchange of health information. The THSA accomplishes this purpose through its health information exchange (HIE) and privacy and security certification and supporting programs. Learn more about the THSA at www.thsa.org.

FOR IMMEDIATE RELEASE        

THIRD ROCK BECOMES A CIS SECURESUITE MEMBER 

Round Rock, TX,  September 21, 2017 – Third Rock, a compliance management software and consulting firm, announces the addition of Timothy Sullivan to its Board of Advisors. As a technology innovator and entrepreneur spanning four decades, Mr. Sullivan has created constructive disruptive technologies, products and services. He has grown more than a half-dozen companies in several industry sectors including software, medical devices, and biotech. Three of these companies were acquired by major corporations. Mr. Sullivan holds undergraduate and graduate degrees in Business, Physics, and Strategic Foresight from the University of Wisconsin-Oshkosh and the University of Houston. He joins Third Rock as the Senior Strategic Advisor with responsibility for strategic planning, development, and execution. “I’ve known Timothy for over 20 years and consider him one of the best business advisors in the country.” says Robert Felps, Third Rock CEO. “His experience and success in growing numerous companies in several industries and his board level involvement with the UT/Dell Medical School, BioAustin, and Austin Technology Council make him a great choice to guide our strategic development and execution at Third Rock. Plus, his passion to protect the quality of life makes him a perfect fit. We’re excited to have him join our team.” Mr. Sullivan asserted, “The CompassDB technology is a wonderful example of what happens when an experienced and motivated product development team applies creativity and innovation to solve real world problems. Third Rock’s cybersecurity and compliance products set a new benchmark that will enable both small and large medical service providers to defend their business operations against cyber threats and maintain compliance with government standards.” He continued, “I am honored to join the Third Rock executive team to help craft and execute the commercialization strategy for the many cybersecurity and compliance products that will flow from the CompassDB technology platform.” About Third Rock Services Third Rock is a thought leader on HIPAA compliance and cybersecurity.  Powered by CompassDB^™, a compliance management platform, Third Rock makes HIPAA compliance simple, easy, and affordable for healthcare organizations and their business associates. Their complete HIPAA solution includes everything an organization needs to become HIPAA compliant as well as easy-to-follow guidance for improving its cybersecurity. For more information, please visit thirdrock.com.