GRC Sphere Cyber Consortium Announces BreakPoint Program

HARVARD, Mass. - Aug. 23, 2018 - PRLog -- The GRC Sphere (http://grcsphere.org/) a member-based Industry Benchmarking Consortium based in Harvard, Massachusetts announced today, along with three other corporate participants, their strategic cybersecurity Industry Benchmarking program. The BreakPoint Program Initiative^™ helps companies to become more efficient in transforming processes and practices to achieve a new level of cybersecurity excellence. Today's press release spans four dimensions as follows: 1.) methodologies being used, 2.) technologies being employed 3.) education being offered and 4.) an emerging open data management standard titled, The BreakPoint Risk Loss Threat (RLT) Industry Benchmarking and Reporting Standard^™. Corporate participants:

·         GRC Sphere (www.GRCsphere.org) – Industry Consortium Management

·         Hypercube Ltd. (http://www.hypercube.co.uk/) – BreakPoint Standard Development & Collaboration Management

·         NISTCSF.COM (www.NISTcsf.com) – Education Certification Management

·         Strategic Risk Associates (www.SRAbank.com) – System-of-Record Technology Management

The BreakPoint program addresses 3 business objectives:

1.)   Shared Industry Intelligence - The first objective is to power an industry benchmarking information intelligence service which GRC members and partners can tap into to glean a new level of "shared industry intelligence" for fighting cybercrime and cyber warfare.

2.)   Industry Benchmarking - The second objective is to power a global network of industry peers who want to work collaboratively to accurately measure "Peer Averages" and "Best-In-Class" performance across a range of Key Performance Questions (KPQ's), Key Performance Indicators (KPI's), Key Risk Indicators (KRI's) and Key Internal Control Indicators (KICI's). This objective also pertains to the development and exchange of methods, tools and training which are needed to develop new cyber processes and practices.

1.)   Emerging Open Standard - The third objective is to develop an "open" data information sharing and reporting standard which all members and partners will use in their collaborative work. The BreakPoint Risk Loss Threat (RLT) Industry Benchmarking and Reporting Program Standard^™ leverages in-line XBRL under the Securities and Exchange Commission's mandate for the reporting of cyber breaches and significant cyber incidents to shareholders.

"The BreakPoint Program Initiative^™ has been built, "from the ground up" around the vision of Shared Industry Intelligence, said Phil Wilson, Executive Director of GRC Sphere. "Our Member firms are blazing a trail to offer industry peers a better way to work together, collaboratively, in order to provide a number of advantages in the fight against cybercrime and cyber warfare. The BreakPoint program roadmap guides companies in their journey to ultimately achieve "Cybersecurity Convergence"; the highest level of cybersecurity performance excellence.

Michael Glotz, President and Founding Partner of Strategic Risk Associates (www.SRAbank.com) said, "The BreakPoint^™ moniker is an important concept in today's cyber environment. BreakPoint^™ is the name for the defining event (in business transformation theory) which signals a rapid business change that generates a disproportionate economic gain. Our program's methods, tools and training help global organizations to achieve this. We address this transformation requirement as our common goal." said Glotz.

Phil Wilson went on to say that, "Our BreakPoint program supersedes other cyber programs because our cybersecurity industry benchmarking methods address the second part of the BreakPoint definition, i.e. the point at which the market responds disproportionately to a change in a KPI value parameter. Our members need to manage Risk Loss Threat (RLT) data  within our System-of-Record such as Key Performance Questions (KPQ's), Key Performance Indicators (KPI's), Key Compliance Indicators (KCI's) and Key Internal Control Indicators (KICI's) in a way that has not been possible in the past."

Global Program Manager, Mike Bennett of Hypercube Ltd. Based in London added, "We define how we manage Risk Loss Threat (RLT) data and how we share it in anonymized forms and formats. Our open standard underpins our program initiative. The BreakPoint Risk Loss Threat (RLT) Industry Benchmarking and Reporting Standard is the first (emerging) standard which enables "shared industry intelligence" through a closed-loop control architecture. This allows member firms to benefit from the exchange of anonymized RLT data in such a way as to be totally secure and to not jeopardize corporate security, intellectual property, privacy concerns, or risks to any corporate asset. Our standard is based on a common federated and semantic data model which allows our partners to run their own industry benchmarking communities in concert with us, yet autonomously."

Bennett went on to say, "The BreakPoint standard leverages ground-breaking work by organizations such as the Object Management Group's Finance Domain Task Force (https://www.omg.org/fdtf/), the Enterprise Data Management (EDM) Council's work deliverable of the Financial Industries Business Ontology^™ (FIBO^™)  (https://spec.edmcouncil.org/fibo/) and XBRL US (https://xbrl.us/) with their eXtensible Business Reporting Language (XBRL) and in-line XBRL standards.   We believe that the on-going work to flesh out our open standard is an effort that progressive companies will want to be involved with. Member firms of all sizes can participate and fees are structured according to company size."

Rick Lemieux, Founder and Managing Partner of NISTCSF.com commented on the core methodologies saying that "The BreakPoint Program Initiative is based on the leading two (2) National Institute of Standards and Technology (NIST) good practice frameworks which are devoted to cybersecurity performance excellence. The first is the NIST Cybersecurity Framework (NIST CSF) and the second is the NIST Baldrige Cybersecurity Excellence Builder (NIST BCEB). NIST CSF addresses the set of discrete internal controls which need to be planned, designed, implemented, managed and sustained across an enterprise. The second framework, NIST BCEB, concerns the requirements which enable the building of a cybersecurity business plan to guide a global enterprise in their journey to achieve Cybersecurity Convergence."