Welcome to High-Consequence Cyber

Markerbench partners with CISOs, CIOs, and business stakeholders to deliver smart, realistic cyber strategies when they matter most. Our team has helped organizations:

Assess and rebuild cyber organizations
Identify M&A-related cyber risks and set aside capital to fix them
Split networks strategically to reduce geographic risks
Systematically measure and report on controls performance
Eliminate external weaknesses and exposures
Re-stack identity management systems

…and much more. Read more about what we do.

Featured Content

Andrew Jaquith

Writing for Impact: Executive Summaries

The Executive Summary is your first—and often last—chance to persuade decision-makers. Here’s how to stick the landing.

20 min read ∙ July 31, 2024

Andrew Jaquith

Talking to Executives About Cyber and Technology Risks

Senior managers talk about risks, and not about threats or controls. To have better conversations with senior leaders, focus where the risks are coming from, and why. This post offers a vocabulary for talking about cyber- and technology-related risks and their causes.

11 min read ∙ January 31, 2024

Andrew Jaquith

Who Killed the Perimeter? Some Clues.

Enterprise network perimeters have been disappearing: at first slowly, and then suddenly, all at once and at knifepoint. If this were a game of Clue, I’d accuse the Ransomware Actor, on the Edge Device, with the Zero-Day.

9 min read ∙ November 14, 2023

Andrew Jaquith

Microsoft to CIOs: Drop Dead

Microsoft’s new advice for securing Active Directory does customers a disservice by focusing on the wrong things. Tomorrow’s “Zero Trust” and Azure roadmaps won’t stop today’s ransomware epidemic. Enterprises need to protect the Active Directory they’ve already got.

7 min read ∙ December 22, 2020

Andrew Jaquith

Five Lessons from a Decade of Security Metrics

The data revolution sweeping over IT has come to cybersecurity. CISOs can learn from their success disasters, instrument their controls, and write key risk indicators (KRIs) that resonate with their audiences.

20 min read ∙ March 21, 2019

Andrew Jaquith

The Twenty-Year War on Cybercrime

Digital crime is on the rise. To defeat it, defenders need to scale up, gain the full picture of risk, and heed the lessons of John Boyd.

18 min read ∙ June 6, 2015

Andrew Jaquith

Escaping the Hamster Wheel of Pain

Security shouldn’t be an endless patch-and-pray exercise. Metrics offer a way out.

9 min read ∙ May 4, 2005

Cybersecurity is a high-stakes sport.

When nothing happens, you’ve had a great day.

Make the right choices…

…and your board, employees, and shareholders are happy. But what if you’ve got big plans, and big risks to match?

Fail to find the right balance…

…between risk and reward, and you’re out of a job. Threats keep escalating. The pressure never stops.

You need a partner…

…who can be a force multiplier. We can help.

Welcome to High-Consequence Cyber