
Cybersecurity Risk Management for Boards, Officers, and Executives

Boards require new approaches and models for cybersecurity risk management under cyber-legal rulings and laws. Veritas GRC is the only organization uniquely positioned to address this global challenge.

Who We Are

Veritas GRC delivers solutions for managing, overseeing, and assuring cyber risk. We provide thought leadership, consulting, and educational solutions to Governments, Agencies, Commissions, and Corporations, reducing the impact of cyber regulatory compliance.

At Veritas GRC, our mission is to empower organizations to navigate the complex landscape of cybersecurity threats with confidence and resilience. We are dedicated to providing unparalleled expertise in cybersecurity risk management, offering strategic solutions and education that safeguard our clients’ digital assets and ensure uninterrupted business operations.

Driven by a commitment to excellence, innovation, and client success, we strive to be the trusted partner for boards, officers, and executives seeking to proactively manage and mitigate cybersecurity risks. Our team of seasoned professionals combines deep industry knowledge, cutting-edge technology, and a proactive approach to deliver customized solutions that align with our clients’ unique needs and objectives.


At Veritas GRC, our vision is to redefine the standards of cybersecurity excellence, setting the benchmark for proactive risk management and resilience in the digital age. We aspire to be the leading authority in safeguarding organizations against evolving cyber threats through knowledge, education, and actionable data.

Driven by innovation and expertise, we envision a world where businesses operate confidently in their digital environments, fortified by robust cybersecurity strategies tailored to their unique needs.

  • We uphold the highest ethical standards in all our interactions, fostering trust and transparency with our clients, partners, and colleagues.

  • Our clients’ success is our top priority. We listen attentively to their needs, deliver customized solutions, and go above and beyond to exceed their expectations.

  • We embrace innovation as a catalyst for progress, constantly seeking new ways to enhance cybersecurity effectiveness, efficiency, and resilience for our clients.

  • We are committed to continuous learning and development, maintaining deep industry knowledge, and staying abreast of the latest cybersecurity trends, technologies, and best practices.

  • We empower our clients with the knowledge, skills, and resources they need to confidently navigate the complexities of cybersecurity risk management, enabling them to embrace digital transformation securely and achieve their business objectives.

Andy Watkin-Child CEng, CSyP, MSyI, MIMechE

Andy is a 20-year veteran of cyber security, risk management, and technology. He has held international leadership positions in the 1st and 2nd Lines of Defense (LoD) for cyber security, cyber risk management, operational risk, and technology for companies across engineering and manufacturing, financial services, publishing, and media, working with leadership teams of companies with balance sheets over €1 trillion. He is an experienced member of management boards, global risk leadership teams, cyber security, operational risk, and GDPR committees.

Andy holds Royal Charters in Security (CSyP), recognized by the UK Centre for the Protection of National Infrastructure (CPNI), and Engineering (CEng). He has a place on the UK’s Register of Chartered Security Professionals. Andy is a member of the Security Institute (MSyI), the largest UK members-only security trade association, a Freeman of the Worshipful Company of Security Professionals (CSP), and a Freeman of the City of London. He is a counsel-appointed expert witness specializing in cyber and risk management, and advised the Information Commissioner’s Office (ICO) on high-profile GDPR cases. He is a founding member of the US CMMC Accreditation Body (CMMC-AB) standards working group, developing the CMMC assessment methodology.

Andy is the Founding Partner of Parava Security Solutions, an independent cyber risk management advisory firm supporting organizations to deliver cyber risk management and regulatory programs. He runs CMMC Europe, an advisory company that supports the European DIB in deploying CMMC.

 

Ted Dziekanowski

Ted is a cybersecurity veteran with over 40 years of experience designing, delivering, overseeing, and assuring cybersecurity and risk management systems. Ted’s area of expertise is risk management in Information Technology developed over decades. He is an experienced systems auditor and integrator, giving him a unique insight into the challenges of developing an eGRC program that satisfies the compliance requirements of organizations of all sizes.

He is an internationally recognized cybersecurity, risk management, and information systems auditor and a highly respected security trainer authorized to train ISACA CISA, CISM, CRISC, ISC2 CAP, CCSP, and CISSP. He holds DoD secret clearance and has taught courses for various public and private sectors (available on request).

Ted has a proven record providing training to an extensive range of public and private sector clients, including the United States Army, Navy, Air Force, Marine Corps, Defense Intelligence Agency, NSA, DHS, US Treasury, DoA, DoJ, DoL, Federal Reserve Bank of the U.S., Boeing, Lockheed Martin, Northrop Grumman, General Dynamics, General Electric, Microsoft, Verizon, AT&T, IBM, HP, SAP, Cisco, Dell, VMWare, Blackberry, Wells Fargo, Charles Schwab, PNC Bank, JPM, Goldman Sachs, Options Clearing Corporation, AIG, Bank of Canada, MasterCard, Bank of New York Mellon, Prudential Insurance, Bloomberg, Blue Cross Blue Shield of NJ, CVS Health, PWC, EY, Booz Allen, Deloitte, Health Canada, Home Depot, Nestle, M&M Mars, MIT Lincoln Labs, Johnson and Johnson, Merck, Novartis, and Lowes, to name a few.

 

Brian McCarthy

Brian is the founder and President of 327 Solutions, Inc., a global technology, cybersecurity, and risk management training firm with over 30 years of experience in training design, development, facilitation, and human capital performance. Brian enables the best solutions for measurable impact and improvement, from pharmaceutical product launch training to reskilling thousands of developers in the financial sector to Department of Defense (DoD) compliance.

Brian formed 327 Solutions in 2014, has worked with every DoD service branch and most prime contractors, and has deployed training globally. 327 has created global soft-skills programs for organizations like Thomson Reuters in multiple localized languages, recruited and staffed multi-lingual global facilitation teams, and architected multiple telecom programs for teams like Comcast and Verizon. 327 Solutions has placed the top echelon of cybersecurity, risk management, compliance, audit, and technology trainers for organizations such as Global Knowledge, Marines, University of Arizona, and leading “Bootcamp Styled” training providers.

327 Solutions is an ISACA ELITE Authorized Training Organization (ATO), delivering the highest caliber training and ISACA programs for information management, audit, risk, and cyber, with resources to deploy globally.

Service Offerings

  • Board and Executive Education

  • Board Coaching

  • Board Advisory

  • Cyber Risk Management Audit

  • Cybersecurity and Risk Certifications

  • Organizational Design

Elevate Your Board and Executive Cybersecurity Competence

Amid increased regulatory scrutiny from the SEC and EU (NIS2/DORA), boards and executives must grasp cybersecurity risk management intricacies.

Veritas GRC understands the challenge of demonstrating due diligence and competence. Our educational solutions offer a single source to meet regulatory demands, providing the tools and knowledge to navigate complexities confidently.


Cyber Board Coaching: Elevating Expertise

At Veritas GRC, we offer personalized one-on-one coaching by subject matter experts to enhance the unique competencies of your board in cybersecurity risk management compliance. Our commitment extends beyond the training sessions, as we forge a lasting relationship with each board member. Gain continuous access to our extensive resources, knowledge, and experience to strengthen your board’s cybersecurity governance capabilities.

Cyber Board Advisory: Actionable Advice

Cyber risk management has become a pivotal focus in today’s complex legal and compliance environment, compelling boards to establish robust programs for regulatory oversight and assurance.

At Veritas GRC, our expert team stays ahead of cybersecurity regulations, offering comprehensive guidance to manage cyber risks and ensure compliance. With our tailored approach, we empower organizations to navigate the intricate regulatory landscape confidently.


Cyber Risk Management: Audit for Accuracy

In today’s rapidly evolving cyber landscape, ensuring regulatory compliance and robust cybersecurity strategy delivery is non-negotiable. Our tailored 3rd Line of Defense cyber audit is your key to closing the cyber risk gap and fortifying board cyber governance. With our trusted internal audit partners, we ensure compliance with cybersecurity standards, empowering your board to confidently attest to regulatory compliance. Don’t just meet baseline requirements—thrive in cybersecurity assurance with our expert solutions.

The Veritas GRC Cyber Collective Peer Network

We’ve cultivated and are continually expanding a vibrant cybersecurity community that fosters informal learning. Our dynamic environment encourages collaboration, knowledge sharing, and ongoing growth. This network not only enriches the professional development of its members but also strengthens the overall resilience of the cybersecurity community.


Unlock Your Potential with Veritas GRC Training Certifications

Your gateway to global cybersecurity training and certification excellence! Join forces with us to access world-class programs curated by leading authorities such as ISC2, EC-Council, CompTIA, ISACA, and the Cloud Security Alliance.

Dive into top-tier programs including CISSP, CCSP, CISM, CRISC, CISA, CGEIT, CCAK, and more. Elevate your cybersecurity prowess and stay ahead in today’s dynamic landscape!

Optimize Organizational Design for Cyber Risk Management Resilience

Cybersecurity risk management poses legal and regulatory challenges, necessitating a structured approach to mitigate board liabilities. We collaborate with boards to evaluate their cybersecurity competencies and establish organizational frameworks for regulatory compliance.


Board and Executive Education

Boards and Accountable Executives, due to new regulatory oversight by the Securities and Exchange Commission (SEC) and European Union (NIS2/DORA), must have a unique awareness of not only cybersecurity risk management but also an understanding of how SEC, EU, and other regulators will interpret their actions as board members and accountable executives. With the SEC cyber ruling in effect now and EU oversights coming online in the third quarter of 2024, organizations must build their leadership teams to manage cyber risk proactively to attest to cyber risk management maturity.

Veritas GRC is the single answer to address these requirements, helping organizations show due diligence in competence and competency.

Board Coaching

Veritas GRC helps expand unique competence and competencies in the board through one-on-one subject matter expert coaching in cybersecurity risk management compliance. Training will not end on your last day of class. We enter into a relationship, providing each board member access to our resources and extensive knowledge and experience.

Industry Benchmarking

Elevate your cybersecurity capabilities with our cutting-edge cyber benchmarking service. Our tailored assessments compare your regulatory and compliance capability against industry standards and best practices, enabling you to identify strengths, weaknesses, and areas for improvement. Stay ahead in the cyber protection race by leveraging data-driven insights to benchmark and enhance your organization’s resilience against evolving threats.

Cybersecurity risk management audit

For regulatory assurance and organizational preparedness. [3rd party]

The 3rd Line of Defense cyber audit is critical to evaluate the delivery of cybersecurity strategy and assure cyber regulatory compliance. To define and close the cyber risk gap required to address board cyber governance and regulatory compliance, you must assure baseline compliance. Using our internal audit partners to ensure cybersecurity risk management compliance to cybersecurity standards enables the board to attest to cybersecurity regulatory compliance.

Cyber and Risk Certifications [3rd party]

Veritas GRC, in partnership with 327 Solutions, delivers global, multi-lingual training and certification services in programs created by ISC2, EC-Council, CompTIA, ISACA, Cloud Security Alliance, and others. Organizations that need professional training, exam prep and review, and certification services can partner with Veritas GRC globally. Top programs include CISSP, CCSP, CISM, CRISC, CISA, CGEIT, CCAK, and others.

Organizational Design

Cybersecurity risk management is a complex regulatory problem requiring a program that increases board legal risk, including civil and criminal liabilities. Cyber regulatory compliance requires the board to adopt an appropriate organizational structure for the oversight, assurance, and attestation of cybersecurity risk management within a governance framework.