Dave Burg
Global Head of Cyber Risk
Washington DC
Cyber Governance and Strategy
Manage cyber risk and information security governance issues with Kroll’s defensible cyber security strategy framework.
Contact UsEffective information security governance starts with well-informed decisions and the framework to meet new challenges. Kroll’s well-rounded leaders can help your organization with unique insights on cyber risks and practical support.
Cyber governance involves making multiple decisions that will guide your organization through current and future challenges. Understanding cyber threats from a technology standpoint is certainly key, but security leaders and senior management must also consider a host of financial and operational aspects, including regulatory and reputational concerns. Knowing what to prioritize and where to bolster resources is often not a clear-cut choice.
Kroll’s expertise managing thousands of cyber security engagements worldwide, backed by the diverse backgrounds of our experts from law enforcement, government agencies and large enterprises helped build the framework for a defensible cyber security strategy in five pillars:
Our Cyber Governance Framework
We help you look at cyber security from many perspectives—from learning best practices for all types of situations to developing a process for risk-ranking the vulnerabilities and threats most harmful for your organization’s maturity, size and sector. Our goal is to bring confidence in your decision-making and strengthen the framework that will support and implement your strategies.
Kroll’s governance and risk advisory solutions are also included as part of an array of proactive services, available through our client-friendly cyber risk retainers for maximum tangible value.
Kroll Cyber Governance and Risk Advisory Services
Here are a few selected services available to help your organization with cyber governance issues:
-
Virtual CISO Advisory
Augment the strength of your team with a Kroll leader who can develop your existing staff; work at-the-elbow with current security leaders; set strategic objectives to support business-critical technology demands; balance IT administration; and establish clear communication with the boards of directors, investors and government agencies. -
Data Protection Officer (DPO) Services
In partnership with leading data privacy law firms, Kroll offers DPO consultancy services that support you in becoming and staying compliant with GDPR as well as other data privacy laws and regulations, including HIPAA. -
Board Advisory for Cyber
Kroll can help board members become actively involved in cyber security and give meaningful direction to the organization in ways that meet wide-ranging regulatory and stakeholder expectations. -
Application Security Services
Kroll’s product security experts upscale your AppSec program with strategic application security services catered to your team’s culture and needs, merging engineering and security into a nimble unit.
-
Incident Response Threat Simulations
Kroll follows a seven-step process refined by our experience in leading hundreds of cyber tabletop exercises (TTX) for client organizations of varied sizes, complexity and industry sectors. Participating in a Kroll TTX helps your team clarify and rehearse their roles and develop more confidence to perform effectively in the event of an incident. -
Cyber Security Due Diligence for M&A
Make better-informed M&A decisions by identifying actual cyber security lapses or potential at-risk areas in your targets; quantify remediation costs and help restructure investments; and demonstrate data security commitment to stakeholders and regulators. -
Security Culture as a Service
Foster a culture that helps employees internalize a cyber security and data privacy mindset and “own” their role in keeping data safe
Many more solutions are available, use the links on this page to explore them further or speak to a Kroll expert today via our 24x7 cyber incident hotlines or our contact page.
Connect With Us
Application Security Services
Kroll’s product security experts upscale your AppSec program with strategic application security services catered to your team’s culture and needs, merging engineering and security into a nimble unit.
Optimized Third-Party Cyber Risk Management Programs
Manage risk, not spreadsheets. Identify and remediate cybersecurity risks inherent in third-party relationships, helping achieve compliance with regulations such as NYDFS, FARS, GDPR, etc.
Third Party Cyber Audits and Reviews
Ensure that your third parties are handling sensitive data according to regulatory guidelines and industry standards with our cyber audits and reviews.
CFIUS Compliance and Review
Helping organizations manage CFIUS, Team Telecom and FOCI requirements.
Incident Response Tabletop Exercises
Kroll’s field-proven incident response tabletop exercise scenarios are customized to test all aspects of your response plan and mature your program.
Explore Insights
Article List
Cyber
KAPE Quarterly Update - Q4 2023
February 14, 2024
by Andrew Rathbun, Eric Zimmerman
Cyber
Data Breach Outlook: Finance Surpasses Healthcare as Most Breached Industry in 2023
February 7, 2024
by David White
Threat Intelligence
CVE-2024-0204: Authentication Bypass Vulnerability in Fortra GoAnywhere MFT
January 25, 2024
by George Glass
Threat Intelligence
Inside the SYSTEMBC Command-and-Control Server
January 19, 2024
by Dave Truman
Videos
Cyber
Effective Management of Cybersecurity Risks
Cyber
Remote Work Security Assessment: What you need to know
Cyber
10 Essential Cyber Security Controls for Increased Resilience and Better Insurance Coverage
March 25, 2021
Litigation Support Services
Martin Nikel discusses End-to-End Litigation Support Services
February 1, 2022
Events
Article List
Cyber
State of Cyber Defense: Healthcare Edition
April 24, 2024|Online
A deep dive into the latest threats and vulnerabilities facing the health care sector along with gaps in detection and response impacting improvement efforts.
Cyber
Kroll at RSA Conference 2024
May 6 - 9, 2024|Conference
Join Kroll experts at the RSA Conference in San Francisco May 6-9, 2024. Stop by booth 2239 in the South Expo Hall to meet our team.
Threat Intelligence
Q1 2024 Cyber Threat Landscape Virtual Briefing
May 29, 2024|Online
Join the Q1 2024 Cyber Threat Landscape Virtual Briefing as Kroll’s cyber threat analysts outline notable trends and insights from our incident response intelligence.
Kroll is headquartered in New York with offices around the world.
55 East 52nd Street 17 Fl
New York NY 10055
Sign up to receive periodic news, reports, and invitations from Kroll.
Our privacy policy describes how your data will be processed.
© 2024 Kroll, LLC. All rights reserved.
Kroll is not affiliated with Kroll Bond Rating Agency,
Kroll OnTrack Inc. or their affiliated businesses. Read more.