Clarity is the strongest cybersecurity control you can implement
Most organizations don’t fail because of technology gaps—they fail because their governance foundation is unclear, inconsistent, or incomplete. Policies evolve separately from standards. Procedures don’t match expectations. Teams interpret requirements differently. And when governance is fragmented, risk grows quietly.
The CyberDynamX Governance Enablement Program fixes this by giving organizations a complete, integrated, and audit‑ready governance framework—built with precision, tailored to your environment, and delivered in a structured 90‑day engagement.
No guesswork. No over‑engineering. No sprawling documentation. Just a clean, defensible governance model your organization can adopt with confidence.
A targeted, proven approach
You receive a fully structured set of policies, standards, procedures, and baselines (tier‑dependent), aligned to NIST, ISO, and SOC 2 and customized with your organization’s terminology and branding. Advisory support helps your team understand the structure, implement it effectively, and build alignment across leadership and IT.
The result is a governance foundation that is consistent, sustainable, and ready for executive approval and audit review.
The materials have been arranged in the following three tiers.
Tier 1 — Core
A complete governance foundation with essential support. Ideal for organizations formalizing cybersecurity governance for the first time.
Tier 2 — Enhanced
A full governance library plus advisory days, walkthrough sessions, and implementation tools.
Ideal for organizations seeking deeper clarity and guided adoption.
Tier 3 — Advanced
Strategic alignment, executive‑ready materials, framework mapping, and ongoing advisory touchpoints.
Ideal for organizations building long‑term maturity and leadership‑level oversight.
| Tier 1 – CORE | Tier 2 – PLUS | Tier 3 – ADVANCED | |
|---|---|---|---|
| Pricing | $[CONTACT] | $[CONTACT] | $[CONTACT] |
| Engagement Duration | 90 Days | 90 Days | 90 Days |
| STANDARDS | |||
| Acceptable Use |  | | |
| Account Lockout | | | |
| Asset Management | | | |
| Backup | | | |
| Data Classification | | | |
| Data Encryption | | | |
| Electronic Media Disposal | | | |
| Logging & Monitoring | | | |
| Malicious Software Prevention, Detection & Eradication | | | |
| Network Security | | | |
| Passwords | | | |
| Patch & Vulnerability Management | | | |
| Privileged Account Creation & Management | | | |
| Remote Access | | | |
| Risk Management | | | |
| Security Incident Response | | | |
| Security Training & Awareness | | | |
| User Account Creation & Management | | | |
| Cloud Vendor Security. | | | |
| Configuration & Baseline Hardening | | | |
| Cryptographic Key Management | | | |
| Data Residency | | | |
| Data Retention | | | |
| Data Transmission | | | |
| Database Security | | | |
| Guest Wireless | | | |
| IT Change Management | | | |
| Major Risk Travel | | | |
| Mobile Device Management | | | |
| Physical Security | | | |
| Secure Coding | | | |
| Vendor Risk Management | | | |
| Wireless LAN | | | |
| Zones Architecture | | | |
| PROCEDURES | |||
| 3rd Party Disclosure | | | |
| Exception Request | | | |
| IT Change Management | | | |
| Risk Management | | | |
| Security Incident Response | | | |
| BASELINES | |||
| Cloud Security | | ||
| Endpoint Security | | ||
| Identity & Access Security | | ||
| Logging & Monitoring Security | | ||
| Network Device Security | | ||
| Server Security | | ||
| GUIDELINES | |||
| Major Risk Travel | | ||
| Passphrases | | ||
| Risk Register Operation | | ||
| Segregation of Duties | | ||
| ENABLEMENT & ASSURANCE | |||
| Intake Questionnaire & Customization | Lite | Full | Full |
| Detailed Program Instructions | | | |
| Organization‑Specific Tailoring | | | |
| Branding (Logo) Application | | | |
| Advisory Consulting Days | 2 Days | 4 Days | |
| Governance Walkthrough (executive) | | | |
| Basic Risk Register | | | |
| Implementation Prioritization Matrix | | | |
| Policy | Standard | Procedure Traceability Matrix | | ||
| ISO | SOC 2 | NIST Mapping | | ||
| Board‑Level Security Overview Deck | | ||
| Signed copy of CyberDynamX | |
Download a copy of the: Service Description
I have been consistently impressed by Curtis' professional competency and solid knowledge in the IT security, compliance and governance disciplines.
Sr. Manager
Alberta Blue Cross
Curtis is one of the most creative mind I know, and taught me to think outside of the box…
Senior Security Consultant
TELUS
I wish that I’d had this book when I was starting out in cyber security. It would have saved me from making many common and uncommon mistakes, leaving me free to find new and creative mistakes of my own to make.
Chief Information Security Officer
University of Northern BC
If you’re looking for someone with that rare combination of character, vision and leadership, who can still roll up their sleeves to get things done, meet Curtis Blais.
President
SC Canada Services Inc.
Curtis is a strategic 21st Century thinker and doer and he has a vision that captures the imagination. Curtis is a highly regarded leader in the security community.
CSO / Canadian Security Director of the Year
TELUS
I believe the book is well positioned to be a thought-leader and practical guide for organizations looking to establish a solid security posture. I love how the book transcends the commercial and not-for-profit sectors, and is applicable to companies in Canada, the US, and internationally. Highly recommended and worth every penny!
CISO
MRNET
Curtis has proven to be a strong and highly knowledgeable professional who has served our organization very well…
CIO
Alberta Blue Cross
Curtis’ leadership and guidance in advancing cybersecurity programs within Canada’s higher education sector highlight his deep expertise in risk management and his commitment to high standards.
Chief Information Security Officer
British Columbia Institute of Technology
I'm a practical person, and I don't like to fall into excessive praising, but I chose my words lightly when I say you were very inspiring.
Sr. Consultant/Manager
KPMG
He always demonstrates professionalism in every facet of business and has a proven record of success as a leader…
Director, National Solutions Delivery
TELUS
I still have the materials and lessons learned from the leadership program you did for us!
Manager Server Infrastructure & Operations
Alberta Blue Cross
Your work has been sooo helpful!
Director, Information Technology
Olds College
I've never worked with a person with more integrity.
Information Security Analyst
AIMCo
Curtis is a pragmatic strategist who emphasizes risk reduction and digital resilience by implementing effective controls in key areas to thwart one's adversaries.
Field CTO Cybersecurity
Cisco Canada
Curtis is a leader, humble, creative, and has a tremendous amount of integrity.
Team Manager
Alberta Blue Cross
He is a visionary…
CTO
ATB Financial
I’ve had the privilege of working with Curtis on some really cool things this past year. He’s a trusted source, whip smart, super humble, and an all-around great guy. If you’re employed in any cyber security role regardless if you’re just starting out or have a few battle scars, his book is probably something you want to add to your library.
Director, Cybersecurity & CISO
MacEwan University
Curtis is the definition of professionalism. He is one of the most knowledgeable professionals it is my pleasure to know in the areas of Security and Compliance.
Much of your work regarding IT Security Governance has remained as the foundation for effective operations. And it provided an excellent foundation that we could expand upon. Your great work, and its cumulative impacts, set us up for future success in a lot of regards. Also, our Enterprise Architect is a big fan.
Director of Information, Risk & Compliance
NorQuest College
…you speak with humility, something that makes you very approachable, especially to people who may not have the confidence of those more established in the field. Cybersecurity needs more people like you.
Chief Information Security Officer
University of Northern BC