The principals of Markerbench have successfully completed strategic projects in the following areas:


  • Executive and Board briefings and education
  • Situation reports
  • Client briefings, security statements, and outreach
  • Key Risk Indicator (KRI) and Key Performance Indicator (KPI) development
  • Cyber risk quantification


  • Strategic plan development—90-day, 360-degree review and plan
  • Capability maturity assessments and benchmarking
  • Cyber org sizing, structure, stakeholders, job descriptions, responsibilities and reporting lines
  • Policy rebuilds and framework realignments
  • Governance and committee structure and processes


  • Network enclave strategy and design—micro-, regional-, and geography-based
  • Active Directory segmentation and risk-reduction
  • Metadirectory/universal directory architecture and integration
  • Identity strategy, design, and implementation
  • Physical and logical identity integration

Risk and Advisory

  • External weakness and exposure elimination
  • Vulnerability identification and management
  • Penetration testing planning and design
  • Risk triage, follow-up, and management
  • Client and third-party assurance—outside counsel guidelines, ISO 27001, third-party testing
  • Asset management—sources, processes, completeness, accuracy, and mappings
  • Strategic vendor review and rationalization
  • Continuous controls monitoring
  • Cloud migration strategy, planning, and oversight
  • Business resilience—process identification, weak-point assessment, recovery planning
  • High-risk geographies—travel policies and procedures

Security monitoring

  • Incident response planning, testing, and procedures
  • Analytics assessment and design
  • Log visibility and completeness
  • Privileged engagements
  • High-value target (HVT) monitoring
  • Third-party risk analysis and management