I was advising a friend today and got another chance to bring up this graphic. It’s a nice graphic to introduce early in the conversation about a company’s security and privacy. I really like this one; it contains so much information! I’d be willing to bet that most companies are at maturity level 1. They usually don’t have things well defined or even tracked on a regular basis. Most everything is ad hoc.
Ok, now overlay the risk, shareholder value, and negligence.

Acknowledgement to Secure Controls Framework for the graphic. Security & Privacy Capability Maturity Model (SP-CMM) (securecontrolsframework.com)