The law firm Harris Beach PLLC has launched Caetra.io, a software company focused on helping organizations comply with domestic and international regulations and measure their success in meeting those obligations.
Caetra.io has developed, as its first offering, a compliance-as-a-service application that helps organizations simplify compliance with the growing number of contractual and cyber regulations governing data security and privacy.
The software application, known as CyMetric, translates many different regulations into a single, legally compliant policy, and defines the discrete industry standard data security and privacy controls needed to satisfy that policy. Developed in close association with Harris Beach attorneys, CyMetric automatically integrates requirements of the law into an organization’s controls and policies to ensure compliance.
CyMetric also provides a mechanism for customers to assess and measure the progress they are making to implement their compliance program and to see in real time how the organization is performing against requirements.
Caetra.io and CyMetric originate from the vision of Harris Beach partner Alan Winchester, who serves as Caetra’s chief development officer. Alan leads the Harris Beach Cybersecurity Protection and Response Practice Group. He has focused on the intersection of law and computers since becoming an attorney in 1989.
“The mission of Caetra and CyMetric can be described in two words: Reduced risk. Our cloud-based application puts IT, compliance and management all on the same page in terms of meeting obligations of various laws such as HIPAA, GDPR and other regulations,” says Alan Winchester, who serves as Caetra’s chief development officer. “The regulatory climate globally is getting more complex every day. Historically, understanding these regulations and translating them into practice requires an enormous and sometimes redundant commitment of time and expense. CyMetric streamlines that process and integrates critical measurement capabilities so your teams can focus on what they do best.”
The financial and reputational cost of a failed data privacy and security compliance program is increasing. Regulatory fines and contractual litigation between private parties often spell the end for many small businesses and materially affect the bottom line of large organizations. In many recent breaches, the point of failure boiled down to substandard implementation of controls designed to mitigate a known risk or to implement a required policy. CyMetric helps organizations beef up control and lets them see where they have gaps in implementation.