Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Our Story
The Cyber Governance Network was born out of an observation that in today’s ever changing risk landscape, our adversaries are continually upgrading their tools, tactics, and procedures to create opportunities to compromise businesses globally. In response to these pressures:
Industry has given us the tools (technology) – however there are few GRC technologies created that fulfill Governance outcomes efficiently, scale properly, and not to mention those that exist are awfully light on Governance.
Well intentioned framework visionaries crafted tactics (oversight) – an additive and episodic approach to provide Governance to cybersecurity programs.
Procedures providing specific guidance to cybersecurity professionals on the concept of Governance regularly lack focus on the primary outcomes that organizations must achieve.
The result – Cyber Governance remains a discipline where few achieve success – and the lack of success in this area is evident by the number of organizations that are breached every year.
Our mission and purpose
Our mission is to provide alternative viewpoints on the subject of Cyber Governance in order to fully develop line of sight into the tactical day-to-day activities necessary to counter current threats and provide strategic insights for guide Cyber programs and manage threats on the horizon. Through sharing insights and improving dialogue on the topic of Cyber Governance, we seek to increase the efficacy and efficiency of security programs in our community.
Defining Cyber Governance
Cyber Governance is a group of technologies, activities, and choices that achieve the following outcomes:
– Provide real-time telemetry regarding cyber security control coverage/effectiveness and the usage of organizational assets (data/applications/resources).
– Align security controls and asset usage to specific business risks and enable the organization to identify existing/evolving risk exposure and wargame what-if scenarios.
– Make informed decisions both at the tactical day-to-day operational level, during emergent scenarios, and at enterprise strategic planning events.
Our Core Principles
Authenticity and Focus
We will stick with the concept of Cyber Governance and try not to get off-topic, even if other topics are more newsy or high-profile.
Real Takeaways
We will strive to give you battle-tested ideas that you can use to promote, establish, and improve your Cyber Governance program.
Unique Perspectives
We will at times review existing frameworks, documents, and blogs but we will provide you with alternative perspectives on how you can leverage these frameworks to achieve your Cyber Governance goals.