About Us

The Global Manufacturing Cyber Governance Center

Global security and prosperity depends upon an innovative, safe, secure, and resilient Manufacturing Sector.

GLOBAL MANUFACTURING CYBER RESILIENCE

The Manufacturing Sector includes public- and private-sector owners and operators and other stakeholders with a role in the manufacturing ecosystem, all dependent upon cyber resilience.  Each manufacturing organization’s risk is unique. The reliance on technology, communication, and the interconnectivity of industrial control systems (ICS) has changed and expanded potential vulnerabilities and increased risks to operations. To manage cybersecurity risks, a clear understanding of the business drivers and security considerations specific to Manufacturing systems, operations, and the supporting environment including the tools and methods used to achieve and sustain resilience is required.

To enable the sustainability of global manufacturing cyber resilience, a public/private partnership in coordination, cooperation and collaboration with Manufacturing owners and operators, in 2016, established the:

THE GLOBAL MANUFACTURING CYBER GOVERNANCE CENTER (GM-CGC)

THE GLOBAL MANUFACTURING INFORMATION SHARING & ANALYSIS ORGANIZATION (GM-ISAO)

Headquartered at the Global Institute for Cybersecurity + Research (GICSR) – Global Situational Awareness Center (GSAC) at NASA/Kennedy Space Center

THE GM-CGC IS A NON-PROFIT ORGANIZATION 

DEDICATED MISSION – TO FOSTER, ENABLE AND SUSTAIN:

Manufacturing Cyber Resilience Risk Management Best Practice Adoption and Adaption – Operationalizing Manufacturing Cyber Resilience 

Aligning Organizational ContextOperational Environment (Product Offerings, Mission/Vision/Values), Cybersecurity Workforce Profile, Asset Management, Legal and Regulatory Requirements); Organizational Relationships (Organizational, Customers and Stakeholders, Suppliers (Supply Chain) and Partners); Organizational Situation – Competitive Environment (Competitive Position, Competitiveness Changes, Comparative Data); Strategic Context (Key Strategic Challenges and Advantages); Performance Improvement System (Key Elements)

Fostering LeadershipSenior and Cybersecurity Leadership (Commitment, Implementation, Legal/Ethical Behavior, Policies, Operations, Communication (Internal/External), Action (Focus to Achieve Resilience); Governance (Compliance – Policies/Procedures/Operations/Legal/Regulatory, Community)

Supporting Strategy – Cybersecurity Strategic Planning (Alignment to Organization’s Overall Strategic Planning, Innovation Stimulation, Data Collection and Analysis, Process Implementation and Compliance, Objectives Timetable, Customer/Stakeholder/Business Balance, Deployment/Action Plans/Performance Measures)

Exceeding Customers’ Expectations Outreach/Engagement (Internal/External Communications, Relationships Supporting the Customer’s Defining Voice

Leveraging Performance Measurement/Analysis/Knowledge Management to Mature Cyber Resilience – Performance Data (Cybersecurity Operations and Cybersecurity Performance), Key Cybersecurity Performance Measures (Comparative Data to Support Fact-Based Decision-Making, Change Response, Reviews, Public Projection, Leverage Findings to Drive and Deploy Priorities for Continuous Improvement and Innovation Opportunities)

Enabling a Highly Skilled Cyber-Resilient WorkforceEnvironment (Assess Capabilities, Recruitment/Hiring/Placement/Retention, Roles/Responsibilities, Response to Changing Capability and Capacity Needs), Continuing Education (Sector, Cross-Sector, Organizational, Role-Based); Workforce Engagement – High Performance and Open Communication Culture. Workforce Innovation

Sustaining Operations – Key Cybersecurity Work Processes (Process Design/Management/Improvement); Asset Management (Identification, Documentation, and Management of Organizational Assets); Configuration and Change Management – Ensuring Integrity of Organizational Assets; Vulnerability Management – Identification, Analysis, and Management of Organizational Operating Environment Vulnerabilities; All-Hazards Preparedness – Identify, Detect, Protect, Respond, Recover– Incident Management. Alignment of Physical and Cyber Response Protocols, Real-Time Accessibility to Sector and Cross-Sector Security Situational Awareness Actionable Intelligence and Multi-Directional (Internal/External)  Information Sharing and Coordinated Response (Secure Communications and Control) Capabilities

Learning from Results – Supporting Continuous ImprovementOrganizational Cybersecurity Process Performance (Protection, Detection, Response, Recovery, Process Effectiveness, Emergency Preparedness, Suppliers’ and Partners’ Roles and Responsibilities, Supply Chain Management); Customer-Focused Cybersecurity Performance (Internal/External Customers’ Satisfaction or Dissatisfaction with Organizational Cybersecurity Policies and Operations, Understanding of Roles and Responsibilities);  Workforce Cybersecurity Performance (Capability, Capacity, Engagement, Roles and Responsibilities Fulfillment)

Validating Governance Governance Leadership (Communication, Engagement, Ethical Behavior, Community Support Achievement or Cybersecurity Strategic and Action Plans); Governance (Management and Compliance Accountability); Financial/ROI (Cybersecurity Operations)