Expert Cybersecurity Risk advisory for Boards and Management

Aligning operations, governance and compliance for effective cyber risk management.

+1.917.930.5300

Olde Town Advisors

Cybersecurity: The Ubiquitous Risk

Cybersecurity is the most pervasive and potentially consequential risk facing all organizations and government entities. As responsibility to oversee cyber risk continues to transition from management to the board, it becomes more challenging to align the expertise, governance, compliance, and reporting considerations of cybersecurity programs that are well risk-managed. Old Town Advisors brings the perspective of years of work with senior leadership to help organizations understand the operational, legal, regulatory, and reputational implications of their cybersecurity decisions and practices.

advisory Services

Cybersecurity Board Governance Imperatives

Credible Oversight Models

Board Cyber Conversance
Independent CISO Alignment with Outside Directors
Reporting Cadence

The Independent CISO

CISO as a Corporate Officer
Reporting Lines that Reduce Risk
CISO Archetypes

Defensible Regulatory Disclosure Process

Cybersecurity Risk Disclosure Model
Reactive Incident Disclosure Model
Lookback Disclosures

Aligning Operational Risk & Resilience Plans

Cyber Incident Response Plan
Business Continuity Plan
IT Disaster Recovery Plan
Emergency Management Plan

Cybersecurity Program Assessments & Go-Forward Roadmaps

Selecting the Right Framework
Regulatory Compliance
Implementation
Cybersecurity Culture as the Baseline

Federal, State and Local Cybersecurity Challenges

Grant Funding Good Practices
Compliance Obligations
Cybersecurity Governance Among Competing Agencies

About Olde Town Advisors

Our Team

I'm Scott Corzine, the Managing Principal at Olde Town Advisors. I work with exceptionally talented professionals who have practiced for years on the client side, so their advisory work is operationally well-informed, practical and achievable. Our team endeavors to be direct, thoughtful and provocative. We only take on projects when we agree with you that we can be impactful and our outcomes consequential. We'll gladly refer you elsewhere if we feel that others can serve you better.

Representative engagements

Corporate

State, Local, Tribal & Territorial (SLTT)

Federal Government

We have engaged across insurance, financial services, technology, retail, defense, biotech, manufacturing, and services sectors on cybersecurity compliance, risk and resilience in operations and in the M&A context; on board governance in cybersecurity; standing up the CISO office; and on SEC materiality and disclosure models.

Federal Government

State, Local, Tribal & Territorial (SLTT)

Federal Government

We have advised an agency in the homeland security and cybersecurity space on mapping its workflow process, developing key performance indicators (KPI), and render visualization dashboards for reporting. We have drafted state-level water sector cybersecurity plans required by the EPA and helped states optimize their deliverables under federal cybersecurity grant programs.

State, Local, Tribal & Territorial (SLTT)

Our partners have worked with multiple states on cybersecurity strategy and governance, to assess security models for municipalities and townships, articulate cyber programs using federal grants funding to improve SLTT cyber resilience. We have assessed and proposed cyber roadmaps for large counties and municipal health systems.

Global

Education and Not-for-Profit

State, Local, Tribal & Territorial (SLTT)

We are well connected in the global insurance and risk management community, and have conducted a comprehensive cybersecurity assessment for the Board Audit Committee of a southeast Asian telecom entity. Partners have participated in cyber endeavors funded through USAID and the USTDA to improve the cyber capacity of participating nation-state entities.

Critical Infrastructure

Education and Not-for-Profit

We have led an assessment of the cybersecurity risk present in the operational technology (OT) environment at a large surface transportation authority and the development of an improvement roadmap that aligned its various contingency plans. We have been principal investigator on multiple research projects for a unit of the National Academy of Sciences dealing with operational risk and resilience in the U.S. airport sector.

Education and Not-for-Profit

We have advised numerous higher education institutions on cybersecurity and their operational resilience needs articulated in their business continuity plans; engaged with many large K-12 school systems on their all-hazards emergency management plans and tabletop exercises; and supported not-for-profit organizations on their approach to risk and security programs to meet compliance obligations.

Olde Town Advisors

Expert Cybersecurity Risk advisory for Boards and Management

Olde Town Advisors

Cybersecurity: The Ubiquitous Risk

ADVISORY Services

advisory Services

Cybersecurity Board Governance Imperatives

Defensible Regulatory Disclosure Process

Aligning Operational Risk & Resilience Plans

Cybersecurity Program Assessments & Go-Forward Roadmaps

Federal, State and Local Cybersecurity Challenges

About Olde Town Advisors

Our Team

Representative engagements

Corporate

State, Local, Tribal & Territorial (SLTT)

Federal Government

Federal Government

State, Local, Tribal & Territorial (SLTT)

Federal Government

State, Local, Tribal & Territorial (SLTT)

State, Local, Tribal & Territorial (SLTT)

State, Local, Tribal & Territorial (SLTT)

Global

Education and Not-for-Profit

State, Local, Tribal & Territorial (SLTT)

Critical Infrastructure

Education and Not-for-Profit

Education and Not-for-Profit

Education and Not-for-Profit

Education and Not-for-Profit

Education and Not-for-Profit

Contact Us for an exploratory

Write Us

Call Us

Olde Town Advisors

Expert Cybersecurity Risk advisory for Boards and Management

Olde Town Advisors

Cybersecurity: The Ubiquitous Risk

ADVISORY Services

advisory Services

Cybersecurity Board Governance Imperatives

Defensible Regulatory Disclosure Process

Aligning Operational Risk & Resilience Plans

Cybersecurity Program Assessments & Go-Forward Roadmaps

Federal, State and Local Cybersecurity Challenges

About Olde Town Advisors

Our Team

Representative engagements

Corporate

State, Local, Tribal & Territorial (SLTT)

Federal Government

Federal Government

State, Local, Tribal & Territorial (SLTT)

Federal Government

State, Local, Tribal & Territorial (SLTT)

State, Local, Tribal & Territorial (SLTT)

State, Local, Tribal & Territorial (SLTT)

Global

Education and Not-for-Profit

State, Local, Tribal & Territorial (SLTT)

Critical Infrastructure

Education and Not-for-Profit

Education and Not-for-Profit

Education and Not-for-Profit

Education and Not-for-Profit

Education and Not-for-Profit

Contact Us for an exploratory

Write Us

Call Us

Olde Town Advisors

This website uses cookies.