Advisory
The principals of Markerbench have successfully completed strategic projects in the following areas:
Management
- Executive and Board briefings and education
- Situation reports
- Client briefings, security statements, and outreach
- Key Risk Indicator (KRI) and Key Performance Indicator (KPI) development
- Cyber risk quantification
Organizational
- Strategic plan development—90-day, 360-degree review and plan
- Capability maturity assessments and benchmarking
- Cyber org sizing, structure, stakeholders, job descriptions, responsibilities and reporting lines
- Policy rebuilds and framework realignments
- Governance and committee structure and processes
Architecture
- Network enclave strategy and design—micro-, regional-, and geography-based
- Active Directory segmentation and risk-reduction
- Metadirectory/universal directory architecture and integration
- Identity strategy, design, and implementation
- Physical and logical identity integration
Risk and Advisory
- External weakness and exposure elimination
- Vulnerability identification and management
- Penetration testing planning and design
- Risk triage, follow-up, and management
- Client and third-party assurance—outside counsel guidelines, ISO 27001, third-party testing
- Asset management—sources, processes, completeness, accuracy, and mappings
- Strategic vendor review and rationalization
- Continuous controls monitoring
- Cloud migration strategy, planning, and oversight
- Business resilience—process identification, weak-point assessment, recovery planning
- High-risk geographies—travel policies and procedures
Security monitoring
- Incident response planning, testing, and procedures
- Analytics assessment and design
- Log visibility and completeness
- Privileged engagements
- High-value target (HVT) monitoring
- Third-party risk analysis and management