EBSCO Security MVP
The Security MVP: Elevating Cyber resilience, One Check at a Time
Empowering the business with data-driven decisions while exercising due dillengence and due care. "The Security MVP" isn't just about compliance; it's about reslience.
Who: President, Finance Leader, IT Leader
Measurement: Assessment against capabilities and controls
Frequency: Annually
Requirement Details: Standards Documentation
In navigating the vast amount of security controls, the Minimum Viable Product (MVP) serves as a strategic process, identifying the most crucial controls as baseline measures. While the landscape evolves, the MVP provides a starting point to mitigate cyber risks, recognizing that complete risk elimination is not feasible. Rather, our aim is to minimize the potential impact on the business.
The MVP serves as the cornerstone for our security assessments, enabling the identification and prioritization of risks across our business units. It is a compliance measure coordinated by members of our Governance, Risk, & Compliance (GRC) team in partnership with the business unit stakeholders.
The defined controls originate from the FBI guidelines for Small Midsize Businesses (SMB). The defined controls are dynamic, and we consider changes over time, including the relevant controls defined by the National Institute of Standards and Technology (NIST).
Fig 1. (MVP framework)
Fig 2. (MVP Illustration)
Discipline Experts
