Press Release

Coalfire Pioneers First 3-D Blueprint For Cyber Executives

May 19, 2020

Strategy+ Approach Aligns CxOs with 2020 NACD Cyber Risk Guidelines

WESTMINSTER, CO – May 19, 2020 – Coalfire, a provider of cybersecurity advisory and assessment services, today introduced a novel method for cybersecurity strategy that spans the three risk-oriented dimensions of CxO oversight – business alignment, performance management, and controls discipline. Strategy+ was designed in accordance with 2020 NACD (National Association of Corporate Directors) risk oversight guidelines with the goal of bringing executive leadership teams closer to mission-critical cyber decision-making.

“For the last 20 years, cyber risk management has been the cornerstone of Coalfire,” said Tom McAndrew, chief executive officer. “Today, with our clients moving to the cloud along with this pandemic pushing operational and workforce boundaries, executive leadership in our digital world must prioritize cyber strategy. Our Strategy+ program brings proven principles for strategic planning, enabling executives and boards to balance security with business objectives.”

Most organizations are evaluated along only one dimension, focusing on security controls discipline across compliance frameworks and standards requirements. Coalfire incorporates the additional dimensions of business alignment and performance management into a holistic design, governance, and execution methodology. Enterprises can now integrate accepted standards and practices into the Strategy+ 3-D model to assess their cybersecurity programs.

The Strategy+ program is the first to market to encompass elements of business strategy and performance management, combining best-practice principles established by the NACD to achieve the following outcomes:

  • Build stakeholder understanding of cybersecurity “why and how”
  • Align security posture with business objectives
  • Establish priorities, adjust culture, and optimize organizational behavior
  • Match cyber strategy at both enterprise and functional levels
  • Evaluate cyber maturity and effectiveness
  • Gain management input and buy-in for the cyber roadmap
  • Enable CxO dashboard oversight of KPIs and market performance metrics

“Organizations spend significant time and money managing risk, and far too often, management seeks to solve cyber through the prism of technology and controls alone, resulting in a disconnect with business objectives,” said Mark Carney, executive vice president, cybersecurity services. “With Strategy+, CxOs can adopt a new risk management mindset, and recalibrate cyber risk programs from a cost center to a business accelerator. Strategy+ is our launch pad to demonstrate our commitment to business executives that want to be world-class in cyber.”

About Coalfire
Coalfire is the trusted cybersecurity advisor that helps private and public sector organizations avert threats, close gaps and effectively manage risk. By providing independent and tailored advice, assessments, technical testing and cyber engineering services, we help clients develop scalable programs that improve their security posture, achieve their business objectives and fuel their continued success. Coalfire has been a cybersecurity thought leader for nearly 20 years and has offices throughout the United States and Europe. For more information, visit


For media inquiries:
Mike Gallo
(212) 239-8594