Nagan Research Group LLC

Instead what needs be done is to identify and manage your cyber exposures so you are not always playing catchup. That is not to say you should ignore cyber threats. You need to deal with ones that are prevalent in your cyber eco-system. Rather, you need to also, if you want to get ahead of cyber threats, identify and deal with your organizations cyber exposures. By ‘cyber exposures’ we mean the vulnerabilities that arise from inhabiting the cyber eco-system. You need not be doing anything exotic or leading edge just use computers, smart devices, networks and the Internet and you are in a cyber eco-system that has predators hunting for vulnerabilities. Realize that these vulnerabilities are not just technical but rather are rooted in human behavior, legal and compliance matters, use of social media, the cloud and the Internet of Things (IoT).

In order to help you address your cyber exposure we have developed an approach that begins by examining your organization from two perspectives.

Cyber Exposure Awareness Analysis – Information is gathered from a sample of the members of your organization and examines attitudes towards cyber exposure, responsibilities towards cyber security, and awareness of the cyber threats in general. Our nick name for this is ‘the cyber canary test’. Alluding to the canaries used in olden times to determine if there was a risk in the coal mines. If the atmosphere was unhealthy the canary would die. The analogy is that if your cyber environment is unhealthy then your organization is more likely to experience a cyber event.

Cyber Exposure Determination – This is a combination survey and interview approach that identifies as near as possible all your cyber exposures. This steps provides the strategic overview needed to understand if you have major cyber exposures and provides a way to begin to prioritize and address them. If you are not aware of all your cyber exposures then you will be defending your organization from the known threats while leaving major access paths into your organization for predators to exploit. And the predators  are like most people, they will go for the easy prey.

We then use this information to create a Cyber Exposure Management Program specifically for your organization. One that address your exposures and sets you on a proactive cyber defense path.

The best part is that we have automated tools to help us so the basic steps can be done in weeks, not months, at a reasonable cost.

So if you are tired of playing cyber ‘wack-a-mole’ send an email to with the topic Cyber Exposure Management and we will discuss how you can become proactive and not longer be an easy mark.

The NRG approach to addressing cyber threats



© 2016 All rights reserved Nagan Research Group LLC

We hear a great deal about rising cyber threats. It seems every day a new cyber threat arises, which leads to a great deal of activity to determine how to react to it. This is a strategic mistake. Focusing solely on cyber threats is a losing proposition as there will always be a new cyber threat to deal with, it is technologies version of ‘wack-a-mole’.