1 min read

Cybersecurity Governance

To be sustainable, effective, and defensible, a cybersecurity program must begin with governance. Adversarial helps firms establish, operate, and review both internal and external cybersecurity governance programs with an emphasis on engaging non-cyber business leaders and leveraging their strengths.

Internal Governance

Often overlooked, establishing a cross-functional CyberGov committee is an essential step to involving business leaders in appreciating and setting the cybersecurity mission. Adversarial establishes committee charters, training material, and standing meeting agenda to engage leaders in a practical manner and translate cybersecurity threats, risks, incidents, controls, and compliance into actionable asks.

External Governance

Public and private companies are subject to increasing expectations around cybersecurity expertise and oversight. Adversarial assists public and private Boards and individual Directors with:

  • Setting reasonable expectations of cybersecurity program reports and metrics from management
  • Threat analysis exercises to ensure the most relevant threats are prioritized and finite resources are allocated to top concerns
  • Ensuring cyber testing and risk management activity is adequate to discover needs for improvement before adversaries do
  • Benchmarking program and resource commitment to peer groups with similar threat profiles
  • Providing Director education on cybersecurity broadly, relevant regulation and reporting requirements, and compliance with current and pending governance rules

You might also like...

Nov
22
Cyber Governance: What is Fair to Expect from Board Directors and Management? 2 of 4

Cyber Governance: What is Fair to Expect from Board Directors and Management? 2 of 4

Episode 2: Risks In Episode 1 of this series I talked about oversight of cybersecurity threats and how a Board
6 min read
Nov
11
Bad CISO Archetypes

Bad CISO Archetypes

As part of my advisory work, I often help companies find and/or interview security leaders. While I'm a huge
4 min read
Oct
17
Cyber Governance: What is Fair to Expect from Board Directors and Management? 1 of 4

Cyber Governance: What is Fair to Expect from Board Directors and Management? 1 of 4

With mounting pressure around cyber literacy in the Boardroom, Directors are looking for specifics around what will be expected of
8 min read
Mar
28
Episode 02 - The CISO Board Director

Episode 02 - The CISO Board Director

In this episode, host Jerry Perullo explores the opportunities and challenges for retiring tech executives and CISOs in the Board
1 min read
Mar
01
Cybersecurity Strategy

Cybersecurity Strategy

Even mature, highly-resourced cybersecurity programs can overlook articulating a strategy in the absence of specific regulatory requirements. All organizations are
1 min read