FOR THE CEOs AND BOARD MEMBERS - CORE Cyber Strategy ™ Services
"How much should we spend
on cyber security measures?"
This is a fiduciary business decision of the CEO and Board Directors, not a technical decision by technologists or consultants. CORE helps the CEO and Board to frame the problem correctly in order to answer this central strategic investment question. And this must be done before any money is budgeted or spent on cyber resilience and cyber security initiatives.
CORE is the only firm in Japan with an integrated cyber-expertise in law, strategy and governance, industry, and technology.
CORE helps its clients to achieve continuity in all parts of the integration of cyber resilience and cybersecurity with management, governance, and technology per the strategic investment by the CEO and Board. Upstream in this work is the regulatory and business case pieces that are specific to each of our clients' industries.
THE CORE WAY — Business Case before Tech Investments.
1. CORE determines what regulations actually apply to you
CORE starts by analyzing the governing cyber laws and regulations to determine the ones to which the Client must comply, to what extent, and by when. The analysis is specific to the client's business activities and industry.
2. CORE helps you to specify your risk tolerance
CORE creates a business case to help fiduciaries to identify the many investment trade-offs involved in the job of integrating cyber resilience into the client's management, governance, and technology.
3. CORE familiarizes the CEO and Board on their roles
CORE recommends compliance guidelines to fiduciaries so they can properly perform their own duties regarding mitigation, management, and response to incidents.
Finally: You are ready for the technology
At this point, the client is well-positioned to undertake the design and implementation of its cyber resilience and cyber security measures.
Once all the above is done, the decisions about the big-ticket items come next in the CORE's method, which CORE handles through its Cyber Resilience and Cyber Security Services.