Cyber Risk Management

The changing threat environment and vulnerability landscape require a dynamic and flexible approach to managing cyber risks. KCG brings to each engagement our proven experience implementing cyber risk management programs by tailoring the risk management processes, governance structures, and key risk indicators to the unique needs of our customers. Our approach focuses on providing actionable risk intelligence to make informed risk management decisions, delivering the greatest return for risk reduction.

KCG develops cyber risk management programs aligned to the National Institute of Standards and Technology (NIST) Risk Management Framework (NIST Special Publication 800-37), providing a repeatable and sustainable method for identifying, assessing, remediating, mitigating, and reporting risks to the critical stakeholders within an agency. We have led NIST Risk Management Framework implementation initiatives for our customers, leveraging KCG’s CISO Framework to ensure proper integration into all aspects of an agency’s cybersecurity program.

KCG supports government cyber risk management programs through these key services:

  • Risk Management Framework Development
    • Development of Key Risk Management Processes
    • Establishment of Risk Executive Governance and Functions
    • Identification of Key Risk Indicators (KRI)
    • Risk Executive Reporting
  • Risk Assessment Support
    • Enterprise Cyber Security Program Assessment
    • Vulnerability Assessments
    • Penetration Testing