GRC Sphere Cyber Benchmarking Consortium Strengthened By Technology

 FOR IMMEDIATE RELEASE:


CONTACT:
Phil Wilson; Founder & Executive Director
GRC Sphere

Telephone: (978)456-8253
Email Address: [email protected]
Website address: www.GRCsphere.org

 GRC Sphere Cyber Benchmarking Consortium Strengthened By Technology

Harvard, MA; August 23rd, 2018 — The GRC Sphere (http://grcsphere.org/) a member-based Industry Benchmarking Consortium based in Harvard, Massachusetts announced today, along with three other industry leaders, their strategic cybersecurity Industry Benchmarking program. The BreakPoint Program Initiative helps companies to become more efficient in transforming processes and practices to achieve a new level of cybersecurity excellence, enterprise-wide. Today’s press release spans four dimensions as follows: 1.) methodologies being used, 2.) technologies being employed 3.) education being offered and 4.) an emerging data management and industry benchmarking titled, The BreakPoint Risk Loss Threat (RLT) Industry Benchmarking and Reporting Standard. Today’s BreakPoint program overview concerns these industry leaders in alphabetical order along with their specific program role:

·        

GRC Sphere (www.GRCsphere.org) – Industry Consortium Management

·        

Hypercube Ltd. (http://www.hypercube.co.uk/) – BreakPoint Standard Development & Collaboration Management 

·        

NISTCSF.COM (www.NISTcsf.com) – Education Certification Management

·        

Strategic Risk Associates (www.SRAbank.com) – System-of-Record Technology Management

Today’s BreakPoint Program Initiative leverages technology for driving the vision of “Shared Industry Intelligence” in order to offer companies a better way to work together, collaboratively, to fight cybercrime and cyber warfare. The following three tools significantly strengthen a company’s cybersecurity and Risk Loss Threat (RLT) data management capabilities as follows:

1.   

The NIST Control Self-Assessment (CSA) Workbench

2.   

The Cognitive Benchmarking Engine (CBE)

3.   

ERM Watchtower

The NIST Control Self-Assessment (CSA) Workbench - The NIST CSA Workbench is a cloud-based enterprise-class application software platform which is used to deploy Control Self-Assessments (CSA’s) and surveys across an enterprise. GRC Sphere provides CSA templates for the NIST Cybersecurity Framework (CSF) and the NIST Baldrige Cybersecurity Excellence Builder (BCEB) Framework

These templates serve to quickly enable a cross-functional program team to plan, design, implement, manage and sustain the requirements that come directly out of the NIST CSF and BCEB frameworks. The low-cost Workbench platform and integrated templates can support extremely large numbers of users. The system can also be used to build any type of CSA or survey. A broad array of features and functions are supported such as crowdsourcing question widgets, advanced analysis, logic / rule programming, R programming, API etc. This cloud-based platform is available to partners for resale and member firms for their application end-use.

The Cognitive Benchmarking Engine (CBE) The Cognitive Benchmarking Engine is a cloud-based enterprise-class application software platform which can be branded / white-labeled by GRC Sphere partners to build, deploy and run their own industry benchmarking client constituencies. CBE serves two primary purposes for a global corporation. The first function is to provide a “System-of-Record” for managing all classes of Risk Loss Threat (RLT) data. For instance, users can create and manage Key Risk Indicators (KRI’s), Key Performance Indicators (KPI’s), Key Compliance Indicator’s (KCI’s) and Key Internal Control Indicators (KICI’s).  The second function is to provide a back-end cognitive computing and analysis platform. Add-on integrations for ERM Watchtower, IBM Watson and IBM Watson Analyticsoffer the CBE partner firm to enhance the system architecture with cognitive computing applications such as deep learning and cohort analysis. Crowdsourcing data which is collected on The NIST CSA Workbench can be sent to CBE for analysis and then reported back to users using an integrated real-time dashboard running on the Workbench. This cloud-based platform is available to partners for resale and member firms for their application end-use.

ERM Watchtower - ERM Watchtower is a cloud-based enterprise-class application software platform which is used to aggregate a wide range of risk information for Board-level and C-suite executive reporting. The flexible system architecture currently supports a wide range of risk roles who need to manage enterprise functions such as reputational risk, operational risk, cybersecurity risk, market risk, credit risk, model risk, product risk, workforce risk, portfolio risk, etc. This cloud-based platform is available to member firms for their application end-use.

The BreakPoint Program Initiative is based on the National Institute of Standards and Technology (NIST) good practice frameworks which are devoted to cybersecurity performance excellence. The first practice set of requirements is the NIST Cybersecurity Framework (NIST CSF). The second is the NIST Baldrige Cybersecurity Excellence Builder (NIST BCEB). The first good practice framework addresses the set of discrete internal controls which need to be planned, designed, implemented, managed and sustained across an enterprise. The second framework, NIST BCEB, concerns the requirements which enable the building of a cybersecurity business plan to guide a global enterprise in a journey to achieve the hallmark of cybersecurity performance excellence, “Cybersecurity Convergence”. This state of enterprise-wide achievement equates to Level 5 on a five level process-oriented maturity model.

A key aspect of the BreakPoint Program is the development of an “open standard” known as the BreakPoint Risk Loss Threat (RLT) Industry Benchmarking and Reporting Standard. It represents the first (emerging) open standard which enables “shared industry intelligence” through a closed-loop control architecture which allows member firms to benefit from the exchange of anonymized RLT data provided by the members in such a way as to be totally secure and to not jeopardize corporate security, intellectual property, privacy concerns, or risks to any other corporate asset. This standard is based on a common semantic model and supports the federated exchange of data.

# # #

For additional information or a software demonstration, please contact:


Phil Wilson; Executive Director;
The GRC Sphere

Telephone Number - (978) 456-8253
Email Address: [email protected]
Website address:
http://grcsphere.org/

 

About The GRC Sphere

The GRC Sphere is a newly emerging member-based Industry Benchmarking Consortium spanning the domains of Governance, Risk and Compliance (GRC) and Work Excellence (WE). The mission of the organization is to reinvent the strategic vision and value of GRC to foster progressive "Ways-of-Thinking" and "Ways-of-Working". Our consortium, GRCsphere.org, serves executives, finance, accounting and GRC professionals around the world. We’re based in the United States, but our perspective is truly global in nature. We invite you to join us by contacting us at [email protected]

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.