The Augusta Group and 327 Solutions announce their education partnership

The Augusta Group

Cyber strategy

Cybersecurity is recognized as the biggest non-financial risk faced by Nation States and their public and private sector organizations.


This requires organizations to adopt a cybersecurity risk management strategy, procedures, policies and risk mitigation.

Paper: Cyber Harmonisation

Cybersecurity is a global problem, requiring global solutions. U.S. and EU regulators are moving to regulate cybersecurity for Critical National Infrastructure (CNI) providers, financial institutions, public entities registered on U.S. capital markets, and infrastructure. This regulation sets requirements for cybersecurity risk management that public and private sector organisations must comply with. If not harmonized between partner nations, these requirements set different levels of cyber compliance between nations and their public and private sector firms.

Paper: Augusta Plan - v1.0

Cyber attacks are increasing in complexity, frequency and financial impact. Invariably, national cyber strategies are offensive and not defensive in nature, and the defensive cyber strategies that exist do not address the needs of most public and private sector organizations.


All of this results in increasingly successful cyberattacks, increased costs of cyber compliance, higher cyber insurance premiums, and more recently a rise in cyber regulation. At a time when cyberspace is increasing in complexity, there is a global shortage of cyber talent, and corporate boardrooms face increased pressure to oversee and assure cyber risk.

Paper: Augusta Plan - v2.0

The US Federal government has been working unsuccessfully to resolve cybersecurity since Congress passed the Federal Information Security Management Act (FISMA) in 2002, which was modified in 2014 (Modernization).


FISMA requires the adoption of the Risk Management Framework (RMF, NIST SP 800-37 Rev. 2) by all Federal Agencies and their contractors, the development of C-SCRM policy, and the application of risk management practices that align with both FISMA and Office of Management and Budget (OMB) A-130 ('Managing Information as a Strategic Resource').

Paper: Augusta Plan - v3.0

Regulators are moving rapidly to develop and implement cybersecurity risk management legislation, regulations and regulatory enforcement programs. These cybersecurity risk management programs need to be aligned globally to facilitate national sovereignty and national and international security.


Nations operate to different cybersecurity frameworks, standards and practices, and failure to consider these differences results in nations applying different levels of cybersecurity controls and security to their own and their partners' data. Failure to harmonise cybersecurity risk management practices has an adverse effect on national security and international trade.

Paper: FISMA, OMB and the RMF

Even though the Federal government has been working to resolve cybersecurity (Information) since Congress passed the Federal Information Security Management Act (FISMA) in 2002, which was modified in 2014 (Modernization), these laws have not been effective in reducing the impact from cyber events.


Cyber regulation, specifically the adoption of FISMA, is a reasonable solution to the management of cybersecurity risks. It is a solution that has been in place, but poorly adopted by Federal Agencies, since 2002.

Paper: DoDi 5000.90, FISMA and SCRM

Risk management, SCRM, and cybersecurity have been developing across the Federal Government since the passing of FISMA in 2002 and its update in 2014. Alongside this, the DoD is undergoing significant cyber-risk transformation to achieve superiority against all adversaries in all warfighting domains, including cyberspace. This formalizes FISMA and the RMF across the Army, Navy, and Air Force, requiring the services to adopt a risk-based approach under DoD 8510.01 to weapon system cybersecurity, risk management and acquisition under DoDi 5000.90.

Copyright © 2021 Augusta GRC, LLC - All Rights Reserved.
