Metrics Based Sharing & Collaboration
A New Model for Collective Defense!
About Us
The Challenges
In order to accelerate the maturation and adoption of information security practices and products, and adequately identify the regulations and investments necessary to protect the nation’s critical infrastructure sectors there is a need for:
- a common language to support cross-sector testing, collaboration and communication
- a globally harmonized exercise delivery framework to evaluate products, services, and capabilities
- the ability to create standardized risk metrics, threat models, and playbooks necessary to assess cyber policies, regulations, and resiliency.
The Desired End State
Based on interviews and research conducted over the last decade with many of the world’s largest financial institutions and market utilities, as well as a cross-section of cybersecurity related associations and experts, it has become apparent that until the above challenges are addressed it is unclear how the regulatory and investment decisions necessary to protect the data and systems that are essential to our economic and national security can be properly identified, prioritized, and assessed.
Our Progress
CMBR is a 501c3 nonprofit and registered ISAO, created to work with the public and private sectors to build a new form of collaboration - FinCyberNet. One founded in the shared vision that unless we can find a value-added way to work together, we cannot create the engagement and infrastructure necessary to support our collective defense. Over the last 5 years more than 1,500 firms have participated in cyber range-based exercises, curated compliance and awareness based online labs, and resiliency focused workshops developed by CMBR. The related data is helping define and value offerings like FinCyberNet that generate baseline metrics firms can use to inform their customers, boards, and regulators, as well as future investments.