CHELMSFORD, Mass. - April 21, 2008 - ClearPoint Metrics, a leader in performance management and metric solutions, today announced that Jim Acquaviva, President and CEO, will be presenting at the upcoming 2008 FS-ISAC member meeting and conference being held May 5 to 7 at the Don Cesar Resort in St. Pete, FL.  ClearPoint Metrics is an Affiliate Member of the Financial Services Information Sharing and Analysis CenterFS-ISAC). 

The FS-ISAC, in collaboration with the U.S. Department of Treasury and the Financial Services Sector Coordinating Council (FSSCC), serves to enhance the ability of the financial services sector to prepare for and respond to cyber and physical threats, vulnerabilities and incidents, and acts as the primary communications channel for the sector.  As a member-owned organization, FS-ISAC looks to include and accept only those companies that are leading the charge for secure data in the financial services sector. 

FS-ISAC’s member meeting and conference brings together leaders in the financial services sector to share information and exchange ideas on issues and trends related to protecting critical infrastructure and information assets.  This year’s theme, “Enabling Preparedness: Charting the Threat Landscape”, sets the stage for tracks on crisis management, information security, compliance and more.  Acquaviva will discuss how leading Global 2000 companies are using the ClearPoint Metrics’ Security Performance Manager solutions to develop and implement IT and Information Security performance management and metrics programs. 

ClearPoint Metrics’ Security Performance Manager and related subscription offerings equip global 2000 companies in the banking, insurance, brokerage and credit cards industries to reliably measure, monitor and communicate the state, business impact and effectiveness of their IT governance, risk and compliance initiatives.  Just as the FS-ISAC provides security alerts to its members for immediate information sharing to maximize each organization’s security posture, ClearPoint Metrics provides CIOs and CISOs with the hard facts and data from their disparate infrastructure systems to make better informed decisions on information security risk management. 

About FS-ISAC
Launched in 1999, FS-ISAC was established by the financial services sector in response to 1998's Presidential Directive 63. That directive - later updated by 2003's Homeland Security Presidential Directive 7 - mandated that the public and private sectors share information about physical and cyber security threats and vulnerabilities to help protect the U.S. critical infrastructure.  Constantly gathering reliable and timely information from financial services providers, commercial security firms, federal, state and local government agencies, law enforcement and other trusted resources, the FS-ISAC is now uniquely positioned to quickly disseminate physical and cyber threat alerts and other critical information to your organization. This information includes analysis and recommended solutions from leading industry experts.   www.fsisac.com. 

About ClearPoint Metrics
ClearPoint Metrics solutions enable IT and Security executives and their teams to consistently and reliably measure, monitor and communicate the state, business impact and effectiveness of their IT governance, risk and compliance initiatives.  As both regulatory and best practice frameworks mandate the use of metrics, ClearPoint delivers both the hard facts and data that evidence the existence and efficacy of internal controls and the executive views and scorecards that enable evaluation of performance and alignment with business objectives.  CIOs and CISOs of leading Global 2000 companies rely on ClearPoint Metrics software and best practice know-how to quickly and cost effectively implement a successful metrics initiative supporting their strategic imperatives and establishing a foundation for constant improvement in safeguarding their organization’s information assets.  www.clearpointmetrics.com.

CHELMSFORD, Mass. – April 16, 2008 - ClearPoint Metrics, a leader in performance management and metric solutions, today announced that Jenn McAuliffe has been appointed VP of Sales. In her new role, Ms. McAuliffe will be responsible for building and managing the sales team, defining and refining our customer acquisition strategies and ensuring successful delivery of our customer fulfillment and retention programs.

ClearPoint Metrics delivers a purpose built solution for CIO’s and CISO’s and their teams to implement an enterprise IT and information security metrics programs. ClearPoint’s Security Performance Manager is an integrated software and best practice content solution that fuses data from existing infrastructure tools and systems enabling organizations to consistently and reliably measure, monitor and communicate the state, business impact and effectiveness of information security initiatives.

“Jenn has demonstrated a remarkable intellect and capacity to grasp the essence of our value proposition, communicate it simply and succinctly to our prospects and orchestrate a process to bring opportunities to closure,” said Jim Acquaviva, President and CEO of ClearPoint Metrics. “Under her leadership, we have grown significant customer relationships with CIOs and CISOs in leading global 2000 companies. We are fortunate to have her in our organization.”

Ms. McAuliffe is widely recognized as an expert in technical solution sales in the security, network, data, and telephony markets. She has an extensive record of success in territory and partnership management with leading companies and global solution providers. She has designed, implemented and administered productive sales processes and directed programs that have resulted in market leadership and winning sales strategies. Prior to ClearPoint, Ms. McAuliffe worked at Mazu Networks, MCK Communications, Inc and Nortel Communications. She holds a BS in Telecommunications Management from Ithaca College.

“My tenure at ClearPoint has shown me that we have a significant opportunity to provide performance management and metric solutions to CIOs and CISOs,” stated Ms. McAuliffe. “Our best practice content and purpose-built software solutions have been very well received and I look forward to leading the ClearPoint Metrics sales organization as we continue to grow our business and serve our customers.”

About ClearPoint Metrics

ClearPoint Metrics solutions enable IT and Security executives and their teams to consistently and reliably measure, monitor and communicate the state, business impact and effectiveness of their IT governance, risk and compliance initiatives. As both regulatory and best practice frameworks mandate the use of metrics, ClearPoint delivers both the hard facts and data that evidence the existence and efficacy of internal controls and the executive views and scorecards that enable evaluation of performance and alignment with business objectives. CIOs and CISOs of leading Global 2000 companies rely on ClearPoint Metrics software and best practice know-how to quickly and cost effectively implement a successful metrics initiative supporting their strategic imperatives and establishing a foundation for constant improvement in safeguarding their organization’s information assets.  www.clearpointmetrics.com.

The conference, which takes place the day before the RSA Conference 2008, will feature presentations from executives of leading public and private information security companies, including Cisco, IBM, McAfee, Symantec, Acme Packet and more.  The day-long program of keynote topics, panel discussions and presentations serves to address the significance of information security in the IT landscape.  During his presentation, Mr. Acquaviva will provide an overview of the company and will address best practices to understand and communicate the security posture of an organization through the use of metrics and scorecards. 

“The security industry is constantly evolving the innovations and developments of leading information technology and solutions providers, such as those in participating in the America’s Growth Capital Conference,” said Acquaviva.  “ClearPoint Metrics is participating in this industry innovation.  Our solutions are doing for CIO’s and CISO’s what integrated financial reporting and management systems do for the CFO -- providing concrete facts and trusted information that allow organizations to measure, monitor and communication the state, quality and effectiveness of an organizations security initiatives.” 

About ClearPoint Metrics

ClearPoint Metrics solutions enable IT and Security executives and their teams to consistently and reliably measure, monitor and communicate the state, business impact and effectiveness of their IT governance, risk and compliance initiatives.  As both regulatory and best practice frameworks mandate the use of metrics, ClearPoint delivers both the hard facts and data that evidence the existence and efficacy of internal controls and the executive views and scorecards that enable evaluation of performance and alignment with business objectives.  CIOs and CISOs of leading Global 2000 companies rely on ClearPoint Metrics software and best practice know-how to quickly and cost effectively implement a successful metrics initiative supporting their strategic imperatives and establishing a foundation for constant improvement in safeguarding their organization’s information assets.  www.clearpointmetrics.com.

CHELMSFORD, Mass. - March 25, 2008 - ClearPoint Metrics, a leader in performance management and metric solutions, today announced that Yvonne Cekel has joined its management team as Senior Vice President of Marketing and Business Development.  In her new role, Ms. Cekel will be responsible for directing and developing product strategy, building and managing worldwide marketing initiatives and expanding business partner programs.

ClearPoint Metrics delivers a purpose built solution for CIO’s and CISO’s and their teams to implement an enterprise IT and information security metrics programs.  ClearPoint’s Security Performance Manager is an integrated software and best practice content solution that fuses data from existing infrastructure tools and systems enabling organizations to consistently and reliably measure, monitor and communicate the state, business impact and effectiveness of information security initiatives.  

“With more than 20 years of marketing, product planning and general management experience, Yvonne brings the skills and knowledge we need at ClearPoint Metrics to achieve outstanding results,” said Jim Acquaviva, President and CEO of ClearPoint Metrics.  “We’re at an inflection point that requires the kind of proven leadership and operating experience that Yvonne brings to our organization.  We’re delighted to have her join our team.”   

Prior to joining ClearPoint Metrics, Ms. Cekel held executive positions at SoundBite, InfoUSA’s OneSource business unit, Transparent Language and Channel Computing.  Earlier in her career, she worked for Cadre Technologies, Deloitte and as a strategy and business development consultant for several other technology companies.  Ms. Cekel, received a Master of Business Administration from Harvard Business School and a Bachelor of Arts and Science from Babson College.  Ms. Cekel is a Certified Public Accountant.

“ClearPoint Metrics has defined a new category within the IT GRC market – performance management and metrics solutions.  Given ClearPoint’s trajectory and world class customer base, this is a perfect time to accelerate market development initiatives and partnerships,” said Ms. Cekel.  “I look forward to delivering innovative products to market, solving challenging problems for our customers and maximizing the opportunities we have ahead of us at ClearPoint Metrics.”

About ClearPoint Metrics

ClearPoint Metrics solutions enable IT and Security executives and their teams to consistently and reliably measure, monitor and communicate the state, business impact and effectiveness of their IT governance, risk and compliance initiatives.  As both regulatory and best practice frameworks mandate the use of metrics, ClearPoint delivers both the hard facts and data that evidence the existence and efficacy of internal controls and the executive views and scorecards that enable evaluation of performance and alignment with business objectives.  CIOs and CISOs of leading Global 2000 companies rely on ClearPoint Metrics software and best practice know-how to quickly and cost effectively implement a successful metrics initiative supporting their strategic imperatives and establishing a foundation for constant improvement in safeguarding their organization’s information assets.  www.clearpointmetrics.com.

CHELMSFORD, Mass. - March 17, 2008 - ClearPoint Metrics, a leader in performance management and metrics solutions, today announced Security Performance Manager™ V2.0, an integrated software and content solution, designed to enable IT and security executives to consistently and reliably measure, monitor and communicate the state, business impact and effectiveness of their overall IT governance, risk and compliance (GRC) initiatives.  

Unlike approaches which rely on manual processes or cumbersome data warehouses that come with their own information security concerns as well as high costs, ClearPoint’s Security Performance Manager provides a complete, automated and cost-effective view of an organization’s security performance through the use of metrics and scorecards.  ClearPoint’s pre-built data adapters, metrics and scorecards allow CISOs and their teams to quickly and effectively launch and sustain an information security metrics initiative.  Now, security executives are able to monitor and communicate the progress of their information security initiatives with a reliable, consistent and auditable solution.

“ClearPoint is doing for the CISO what integrated financial reporting and management systems do for the CFO,” said James Acquaviva, CEO of ClearPoint Metrics.  “Based on the best practices of our customers and industry experts, our solution allows customers to move beyond self assessments and surveys and deliver the hard facts and data that validate the state of their information security initiatives and enables better decision making.  For the first time, organizations can confidently evaluate their security investments within the context of the enterprise and proactively align their initiatives that safeguard information assets with their business priorities.”

Recent best practice frameworks, including ISO 27000 and CobiT, are now prescribing or mandating metrics as a required component of certification, increasing the demand for solutions that help IT organizations create a centralized approach to managing risk and compliance, while simultaneously meeting governance objectives.  Security Performance Manager delivers on compliance requirements by automating IT and information security performance assessment, measurement and metrics that express the business impact of security investments, provide hard facts and data to verify the existence and efficacy of controls and demonstrate the alignment of IT and information security with an organization’s business objectives.

According to the Forrester report, “Defining IT GRC” issued December 2007 and written by Khalid Kark, Marc Othersen and Chris McClean, “IT GRC initiatives have traditionally been scattered across the organization without any coordination or synchronization.  It is not uncommon for different business areas to develop their own solutions for the same requirement or for IT to deploy multiple technologies to address a common issue.  Not only do these separate initiatives create inefficiency, but these silos also make it very hard to assess and manage risks holistically.  As a result, there is a growing demand for solutions to help IT organizations effectively breakdown these silos and create a centralized approach to managing risk and compliance while simultaneously ensuring good governance.”

ClearPoint’s Security Performance Manager includes best-practice content for specific security initiatives.  ClearPoint’s pre-built packages offer companies a fast, flexible and cost-effective way to deliver automated, consistent and authoritative information security metrics and scorecards.  Packages are easily customized and provide the data needed to support risk analysis and resource allocation decisions.  ClearPoint’s packages include:

• Threat and Virus Management:  Provides managers with scorecards and metrics that give visibility of the management and performance of systems providing protection against internal and external threats and viruses.  The package metrics leverage data from enterprise AV, IDS and incident management systems and communicate results on scorecards around: the type and source of threats and virus; quantity and quality of remediation efforts; coverage and activity on intrusion detection systems; and quantity and outcomes of security incident responses.
  
  
• Identity and Access Management:  Identity and access metrics provide visibility into the user base of an organization directly from directory systems and account management tools.  Then, scorecards show: trends in the number and types of accounts; when and how users access systems; aggregate provisioning/de-provisioning status; and key risks areas such as user rights to high value and sensitive assets.
  
  
• Vulnerability and Patch Management:  Enables uses to detect, trend and manage existing concentrations of risk with metrics that access the results of vulnerability scanning, patch management and support ticket systems across the enterprise.  Scorecards assess the coverage and outcomes of the vulnerability scanning process; visualize the state and trends of the remediation of known vulnerabilities; and state the condition of patch application processes and the residual risks across the organization.
  
  
• Compliance:  Provides scorecards that show: the current state, trends and effectiveness of key performance indicators for ISO 27002 controls and control areas; the profile of PCI DSS systems in an organization; the state and effectiveness of controls around the 12 PCI DSS requirements; and the state of SOX internal controls and material events around critical systems.  This package is a supplement to the three core packages.
  

First available in 2006 and now updated, ClearPoint’s Security Performance Manager is built upon ClearPoint’s Metrics Management Platform, including the Metrics Design Studio, Metrics Production Server and Metrics Communication Server.  Together, they provide the tools to create and manage metrics and scorecards, automate the data collection across disparate data sources, and deliver a web-based portal for communicating scorecards to users.  Significant enhancements to the Metrics Management Platform include:

• Improved Ability to Present Scorecards to Users:  Enhanced presentation views and design capabilities allow advanced control and flexibility for the end-user.
  
  
• Significantly expanded set of data adapters:  New data adapters offer broad coverage and easy access to element tools, asset management systems and user directories.  With nine new adapters, ClearPoint supports over 35 vendor specific products and general purpose connectors for CSV files, ASCII logs, Excel, JDBC/ODBC, LDAP, JCA and web services.
  
  
• Improved Metrics Production System:  In addition, the Metrics Management Platform offers improved processing scale with the ability to run multiple production servers.
  

ClearPoint’s Security Performance Manager equips CIOs and CISOs at global 2000 companies across many vertical markets, including financial services and manufacturing, with the data needed to make intelligent decisions on information security management.  The upgraded packages and enhancements in 2.0 will help current and future customers quickly and effectively launch an information security metrics initiative, complying with the standards and mandates set by industry groups and regulators.

Pricing & Availability
ClearPoint Metrics’ Security Performance Manager packages are available immediately and pricing begins at $50,000 per package per year.  Enterprise licensing is also available.  Each package includes the Metrics Management Platform.  

For more information on the Security Performance Manager, visit www.clearpointmetrics.com.
 
About ClearPoint Metrics
ClearPoint Metrics solutions enable IT and Security executives and their teams to consistently and reliably measure, monitor and communicate the state, business impact and effectiveness of their IT governance, risk and compliance initiatives.  As both regulatory and best practice frameworks mandate the use of metrics, ClearPoint delivers the hard facts and data that evidence the existence and efficacy of internal controls and the executive views and scorecards that enable evaluation of performance and alignment with business objectives.  CIOs and CISOs of leading Global 2000 companies rely on ClearPoint Metrics software and best practice know-how to quickly and cost effectively implement a successful metrics initiative supporting their strategic imperatives and establishing a foundation for constant improvement in safeguarding their organization’s information assets.  www.clearpointmetrics.com.

CHELMSFORD, Mass. - March 3, 2008 - ClearPoint Metrics, a leader in performance management and metric solutions, today announced it has been awarded an Affiliate Membership to the Financial Services Information Sharing and Analysis Center (FS-ISAC).  

The FS-ISAC, in collaboration with the U.S. Department of Treasury and the Financial Services Sector Coordinating Council (FSSCC), serves to enhance the ability of the financial services sector to prepare for and respond to cyber and physical threats, vulnerabilities and incidents, and acts as the primary communications channel for the sector.  As a member-owned organization, FS-ISAC looks to include and accept only those companies that are leading the charge for secure data in the financial services sector.  

FS-ISAC’s new Silver Strategic Sponsorship from ClearPoint Metrics, along with its existing Strategic Sponsorships from, Ernst & Young, VeriSign and Voltage Security, all support and enhance the organization’s work to make the financial services sector stronger and safer.

“We recognize and deeply appreciate the commitment ClearPoint Metrics has made today by becoming a Strategic Sponsor and Affiliate Member of the FS-ISAC.  Given our information sharing mandate, our members look to FS-ISAC to bring them not only threat and incident updates but also innovations in information security such as those offered by ClearPoint,” said Bill Nelson, FS-ISAC CEO and President.  “ClearPoint’s solutions lay the foundation for driving positive change and fostering constant improvement in processes that mitigate risk, improve security and reduce unnecessary costs which are critical outcomes for our general members.”

“Our involvement with FS- ISAC is a natural extension of our commitment to our growing user base in the financial services industry. Our Affiliate Membership enables us to have a consistent dialogue with the thought leaders in this sector leading to us better understand  the requirements for performance metrics that support their IT and information security governance, compliance and risk initiatives,” said Jim Acquaviva, CEO of ClearPoint Metrics.  “We plan to participate actively in the FS-ISAC events and contribute to the continual education and exchange of information that leads to greater preparedness by the community. In particular, the upcoming roundtable series co-sponsored by FS-ISAC and ClearPoint provides an ideal forum for exchange of ideas on how to assess an organizations preparedness and resiliency.”

ClearPoint Metrics’ Security Performance Manager and related subscription offerings equip global 2000 companies in the banking, insurance, brokerage and credit cards industries to reliably measure, monitor and communicate the state, business impact and effectiveness of their IT governance, risk and compliance initiatives.  Just as the FS-ISAC provides security alerts to its members for immediate information sharing to maximize each organization’s security posture, ClearPoint Metrics provides CIOs and CISOs with the hard facts and data from their disparate infrastructure systems to make better informed decisions on information security risk management.  Affiliate Membership provides ClearPoint Metrics access to much of the same information as financial institution members, expanding ClearPoint Metrics’ ability to understand and incorporate both internal and external risk mitigation information for its customers.

About FS-ISAC
Launched in 1999, FS-ISAC was established by the financial services sector in response to 1998's Presidential Directive 63. That directive - later updated by 2003's Homeland Security Presidential Directive 7 - mandated that the public and private sectors share information about physical and cyber security threats and vulnerabilities to help protect the U.S. critical infrastructure.  Constantly gathering reliable and timely information from financial services providers, commercial security firms, federal, state and local government agencies, law enforcement and other trusted resources, the FS-ISAC is now uniquely positioned to quickly disseminate physical and cyber threat alerts and other critical information to your organization. This information includes analysis and recommended solutions from leading industry experts.   www.fsisac.com.  

About ClearPoint Metrics
ClearPoint Metrics solutions enable IT and Security executives and their teams to consistently and reliably measure, monitor and communicate the state, business impact and effectiveness of their IT governance, risk and compliance initiatives.  As both regulatory and best practice frameworks mandate the use of metrics, ClearPoint delivers both the hard facts and data that evidence the existence and efficacy of internal controls and the executive views and scorecards that enable evaluation of performance and alignment with business objectives.  CIOs and CISOs of leading Global 2000 companies rely on ClearPoint Metrics software and best practice know-how to quickly and cost effectively implement a successful metrics initiative supporting their strategic imperatives and establishing a foundation for constant improvement in safeguarding their organization’s information assets.  www.clearpointmetrics.com.

CAMBRIDGE, Mass., May 1, 2007— ClearPoint Metrics, a leading provider of software that manages security performance through metrics, today announced it will host an executive roundtable on metrics as the foundation of an organization’s successful information technology (IT) security governance and performance management initiatives.  Moderated by Steve Katz, former security executive for multiple Fortune 500 corporations and a key security industry thought leader, two roundtables will be held on May 14, 2007. The first will be from 11:30 AM to 2 PM. at the Network Appliance headquarters in Sunnyvale, CA. The second will be  at Le Meridian Hotel from 4 to 7 on 333 Battery Street in San Francisco.  Only 12 attendees can be accommodated:  RSVP as soon as possible to Pam Brodt at 650-400-6864 or pam.brodt@theroundtablenetwork.com.  There is no cost to attend and appropriate refreshments will be served at each event.
“Metrics are essential for driving positive change in behavior, processes and investments that mitigate risk, improve security and reduce unnecessary costs,” explained James Acquaviva, CEO of ClearPoint Metrics.  “This roundtable will explore best practices on how information security governance drives the need for fact-based security performance measurement through metrics, as well as new technologies that are automating the metrics effort.” 

Steve Katz has been a leading proponent of IT security since 1985, as the Senior Security Executive for JP Morgan, Citibank/Citigroup and most recently, Merrill Lynch.  As moderator, he will discuss industry and government-level efforts to raise the visibility, and shape the direction, of IT security.  Topics to be addressed include:

•        How do you develop and then implement a fact-based security performance initiative?

•        What key performance indicators can you use to assess your success?

•        How do you communicate the value and impact of security investments?

•        Can you reduce the costs of reporting compliance and governance efforts through automation?

•        How do you align security initiatives with business objectives?

Security executives are challenged by how to integrate security into their existing IT management and governance structures.  This roundtable will provide guidance on gathering more accurate information about a firm’s security state, the value of different security investments and ways to improve, as well as build, internal security practices.
For more information or to RSVP, contact Pam Brodt at 650-400-6864 or pam.brodt@theroundtablenetwork.com.