While the cybersecurity threat environment is well known as a key challenge for Federal Departments and Agencies (D&As), there are other, equally important issues that need to be addressed when they seek to improve their cybersecurity and privacy (CS&P) programs. These are:
To be effective in this operational environment, Federal D&As must employ CS&P programs that focus on operating in cyberspace instead of just reacting to it.
Federal customers need innovative cybersecurity and privacy (CS&P) approaches, methodologies, and best practices that address interoperability, usability, and privacy adapted to their unique mission and business environments.
Criterion’s Cybersecurity Operations Maturity Model (COMM) provides a structured manner to manage and enhance the efficiency and effectiveness of organizational and enterprise Cybersecurity and Privacy (CS&P) programs and operations.
Cybersecurity Operations Reviews (CORs) are designed to help customers build, adapt, and implement a flexible roadmap to continuously improve their cybersecurity program and operations. Our CORs are powered by CyberScale®, our patented integrated approach, methodology, workflow, and supporting tool that provides a structured manner to survey, analyze, document, manage, and enhance an organization’s CS&P program, operations, IT systems, and/or projects. The COR:
CORs save organizations significant time and resources, while helping them to truly understand the as-is state of their CS&P programs. It delivers greater in-depth analysis than any other tool or methodology available.
Here are a series of blog posts on how to increase federal CS&P maturity.
Compliance-based measures, while better than nothing, do not give a true picture of an organization’s cybersecurity maturity.
Based upon the Program and Technical Baselining review results, Federal organizational management will be able to make well-informed, risk-based decisions regarding CS&P-related activities.
How to conduct a Federal organizational CS&P program and operations review.