Welcome to Cybernance!
Cybernance is a SaaS platform built to help organizations learn how their own business processes impact their cybersecurity maturity. As a result of this knowledge, organizations are provided with an understanding of exactly what needs to be fixed and in what prioritized order. We call the backbone model of Cybernance, CMOM, the Cybergovernance Maturity Oversight Model.
In recent years, we’ve seen broad recognition of the idea that cybersecurity is not just a technology problem. Rather, security depends on cooperation and collaboration across a wide range of functions and stakeholders. Of course, the technology is important – no business should have networks exposed to the Internet without protection. But that protection is best when it is layered and when it consists of not only firewalls and monitoring systems, but also when it consists of processes for handling events and has people who have been trained on what those processes should be.
The stakeholders in security are diverse. Traditional security teams and IT professionals are tasked with a delicate balance of technology provision and technology protection.
- Risk managers hold the tools for understanding how to define and quantify risks and should apply those tools to the information assets a company keeps.
- Procurement managers serve as the gateway through which new equipment, services, vendors and partners must pass – they should be equipped to understand those risks and communicate them to others.
- Human resources managers are responsible for seeking, vetting, screening, training, and maintaining a resilient workforce, which must increasingly meet demands of cybersecurity awareness.
- Audit managers need to understand how all this activity relates to cybersecurity so that they can communicate it to the executive and board level.
- Executives and directors are being held accountable for substandard security practices – they must have a better understanding how to address these standards.
With all these stakeholders in mind, we developed Cybernance. In order to obtain the most useful information as quickly as possible, we designed a lightweight survey that deploys rapidly. This information is translated into recommended actions, where each of which offers general guidance. We believe this particular solution will be specific to each organization and should not be served as a prescription.