How We Can Support You
Our Guiding Philosophy
Cybersecurity must be viewed as a cohesive whole in order to be effective over time. People, Process, and Technology, bounded and guided by Governance and supported by a comprehensive Security Architecture are all required for an organizational cybersecurity program to operate effectively.
People, Process, and Technology are the key components to organization Security Architecture and all components must be considered and tailored to the organizational needs and intelligently scoped based on risk.
All elements are equally important to any organizational Security Program and a weakness in one element introduces weakness to all.
People configure, operate, and maintain Technology through governing Processes and execute Processes outside of Technology components to support security functions. People receive information from Technology to support their decision making.
Process defines and controls appropriate human behavior and may be implemented by either Technology components or Humans to support security functions or maintain security posture.
Technology automates and implements cybersecurity functions and may execute automated processes steps. It is configured and maintained by qualified, competent People executing appropriate Process.
A complete Security Architecture defines and describes People, Process, and Technology within an organizational Security Program and most importantly, the interactions between then necessary to meet organizational cybersecurity program goals.
Governance in the form of strategy, roadmaps, guidance, and policy set the boundaries for any cybersecurity program that supports the business needs of an organization. Governance provides scope and boundaries for People, Process, Technology, and Architecture and itself must remain responsive to changes in People, Process, and Technology.
