GRC Sphere Cyber Consortium Announces BreakPoint Program


Phil Wilson; Founder & Executive Director
GRC Sphere

Telephone: (978)456-8253
Email Address: [email protected]
Website address:

Harvard, MA; August 23rd, 2018 — The GRC Sphere ( a member-based Industry Benchmarking Consortium based in Harvard, Massachusetts announced today, along with three other industry leaders, their strategic cybersecurity Industry Benchmarking program. The BreakPoint Program Initiative helps companies to become more efficient in transforming processes and practices to achieve a new level of cybersecurity excellence, enterprise-wide. Today’s press release spans four dimensions as follows: 1.) methodologies being used, 2.) technologies being employed 3.) education being offered and 4.) an emerging data management amd industry benchmarking titled, The BreakPoint Risk Loss Threat (RLT) Industry Benchmarking and Reporting Standard. Today’s BreakPoint program overview concerns these industry leaders in alphabetical order along with their specific program role:


GRC Sphere ( – Industry Consortium Management


Hypercube Ltd. ( – BreakPoint Standard Development & Collaboration Management 


NISTCSF.COM ( – Education Certification Management


Strategic Risk Associates ( – System-of-Record Technology Management

The BreakPoint program addresses the exchange of anonymized Risk Loss Threat (RLT) data to achieve 3 business objectives:


Shared Industry Intelligence - The first objective is to power an industry benchmarking information intelligence service which GRC members and partners can tap into to glean a new level of “shared industry intelligence” for fighting cybercrime and cyber warfare.


Industry Benchmarking - The second objective is to power a global network of industry peers who want to work collaboratively to accurately measure “Peer Averages” and “Best-In-Class” performance across a range of Key Performance Questions (KPQ’s), Key Performance Indicators (KPI’s), Key Risk Indicators (KRI’s) and Key Internal Control Indicators (KICI’s). This objective also pertains to the development and exchange of methods, tools and training which are needed to develop new cyber processes and practices.


Emerging Open Standard - The third objective is to develop an “open” data information sharing and reporting standard which all members and partners will use in their collaborative work. The BreakPoint Risk Loss Threat (RLT) Industry Benchmarking and Reporting Program Standard leverages in-line XBRL under the Securities and Exchange Commission’s mandate for the reporting of cyber breaches and significant cyber incidents to shareholders of public companies which are listed on US stock exchanges.

“The BreakPoint Program Initiative has been built, “from the ground up” around the vision of Shared Industry Intelligence, said Phil Wilson, Executive Director of GRC Sphere. “Our Member firms are blazing a trail to offer industry peers a better way to work together, collaboratively, in order to provide a number of advantages in the fight against cybercrime and cyber warfare. The BreakPoint program roadmap guides companies in their journey to ultimately achieve “Cybersecurity Convergence”; the highest level of cybersecurity performance excellence.

Michael Glotz, President and Founding Partner of Strategic Risk Associates ( said, “The BreakPoint moniker is an important concept in today’s cyber environment. BreakPoint is the name for the defining event (in business transformation theory) which signals a rapid business change that generates a disproportionate economic gain. Our program’s methods, tools and training help global organizations to achieve this. We address this transformation requirement as our common goal. That’s where our BreakPoint program shatters the status quo. It spurs the needed workforce transformation by changing “Ways-of-Thinking” along with “Ways-of-Working”, said Glotz.

Phil Wilson went on to say that, “Our BreakPoint program supersedes other cyber programs because our cybersecurity industry benchmarking methods address the second part of the BreakPoint definition, i.e. the point at which the market responds disproportionately to a change in a KPI value parameter. Our members need to manage Risk Loss Threat (RLT) data  within our System-of-Record such as Key Performance Questions (KPQ’s), Key Performance Indicators (KPI’s), Key Compliance Indicators (KCI’s) and Key Internal Control Indicators (KICI’s) in a way that has not been possible in the past.”

Global Program Manager, Mike Bennett of Hypercube Ltd. Based in London added, “We define how we manage Risk Loss Threat (RLT) data and how we share it in anonymized forms and formats. Our open standard underpins our program initiative. The BreakPoint Risk Loss Threat (RLT) Industry Benchmarking and Reporting Standard is the first (emerging) standard which enables “shared industry intelligence” through a closed-loop control architecture. This allows member firms to benefit from the exchange of anonymized RLT data in such a way as to be totally secure and to not jeopardize corporate security, intellectual property, privacy concerns, or risks to any corporate asset. Our standard is based on a common federated and semantic data model which allows our partners to run their own industry benchmarking communities in concert with us, yet autonomously.”

Bennett went on to say, “The BreakPoint standard leverages ground-breaking work by organizations such as the Object Management Group’s Finance Domain Task Force (, the Enterprise Data Management (EDM) Council’s work deliverable of the Financial Industries Business Ontology (FIBO)  ( and XBRL US ( with their eXtensible Business Reporting Language (XBRL) and in-line XBRL standards.   We believe that the on-going work to flesh out our open standard is an effort that progressive companies will want to be involved with. Member firms of all sizes can participate and member fees are structured according to company size.”

Rick Lemieux, Founder and Managing Partner of commented on the core methodologies saying that “The BreakPoint Program Initiative is based on the leading two (2) National Institute of Standards and Technology (NIST) good practice frameworks which are devoted to cybersecurity performance excellence. The first is the NIST Cybersecurity Framework (NIST CSF) and the second is the NIST Baldrige Cybersecurity Excellence Builder (NIST BCEB). NIST CSF addresses the set of discrete internal controls which need to be planned, designed, implemented, managed and sustained across an enterprise. The second framework, NIST BCEB, concerns the requirements which enable the building of a cybersecurity business plan to guide a global enterprise in their journey to achieve “Cybersecurity Convergence” which equates to Level 5 performance excellence on a five level process-oriented maturity model.”

# # #

For additional information or a software demonstration, please contact:

Phil Wilson; Executive Director;
The GRC Sphere

Telephone Number - (978) 456-8253
Email Address: [email protected]
Web site address:

About The GRC Sphere

The GRC Sphere is a newly emerging member-based Industry Benchmarking Consortium spanning the domains of Governance, Risk and Compliance (GRC) and Work Excellence (WE). The mission of the organization is to reinvent the strategic vision and value of GRC to foster progressive "Ways-of-Thinking" and "Ways-of-Working". Our consortium,, serves executives, finance, accounting and GRC professionals around the world. We’re based in the United States, but our perspective is truly global in nature. We invite you to join us by contacting us at [email protected]


Post new comment

The content of this field is kept private and will not be shown publicly.