You are here


Alvarez & Marsal - Cybersecurity: The Enterprise Risk
Cybersecurity: The enterprise risk
Play Video
View related videos
Printable versionSend by emailPDF version

Cybersecurity is not just a technology issue, it is a business issue. Historically, risk management programs failed to tie cyber risk to business risk. We guide C-level executives in moving cybersecurity programs out of isolation and holistically integrate enterprise risk management functions, thereby effectively closing the gap in risk oversight.

Offerings include:

  • Functional Evaluation of Cyber Operational Risk Management Program
    • We perform a diagnosis based on the deconstruction of industry current practices and the blending of cybersecurity and risk management capabilities aligned to regulatory expectations.
  • Cyber Operational Risk Management Program Design, Development and Implementation 
    • We develop and / or enhance your risk management program at the intersection of cyber and operational risk capabilities aligned to your unique business objectives, risk appetite and regulatory climate. 

Our strategic approach includes:

  • We are experienced operators, world-class consultants and former industry and government leaders who draw upon our experience to solve problems, deliver results and create value. 
  • We have the expertise to assess an organization’s current cyber operational risk management program and the experience needed to successfully build out a cyber operational risk management framework for those looking to move to the next level with their existing risk management.
  • Our evaluations and framework are built on a methodology that considers five domains needed for a healthy, robust cyber operational risk management program:
    • Governance
    • Information Risk Management
    • Security Assurance
    • Security Operations Oversight
    • Intelligence & Response
  • Our decades of government and private sector experience include defending individuals, companies and nations against the most sophisticated cyber adversaries.
  • Our framework is guided by common organizational structures and designed to facilitate management decisions, such as which practices and capabilities to retain in-house and which to outsource.