Explore Bracketology

Bracketology is the art and science of designing, developing, and deploying cybersecurity control architectures using leading risk management frameworks for digital risk management and information supply chain protection.

NIST 800-53r4

The foundational cybersecurity control set tool kit. The most comprehensive. Use it across the technology spectrum.



A cloud security architecture built for clouds service providers doing IaaS, PaaS and SaaS. [Who isn't?].


Industrial Control Systems

NIST 800-53 tailored for ICS and SCADA. Protect the plant, the grid, the pipeline, and more.



& the on the spot update on what we're adding to the site
The Latest

Blockchain & Cybersecurity

The Future of Digital Authentication

A blockchain — a secure distributed database that maintains a constantly expanding list of records. Each record, or block, has a link to a previous block making them inherently resistant to exploitation by hackers. Blockchain is about to change how the way digital authentication is done.

Puzzle pieces.  Advanced persistent threat enables hackers to solve the puzzle by assembling a mosaic of your most important data.

Hackers and Hedgefunds

Assemble the pieces. Solve the puzzle.

Hackers and hedge funds have a lot in common. They both use mosaic research to assemble important data to solve the puzzle of what is going on in a business. Hedge funds do it legally. Hackers use advanced persistent threats to steal your information one piece at a time.

The List of Lists

Making lists to solve problems is a time-honored tradition. We've assembled all of the different cybersecurity related lists in one place.

Ottaviano Petrucci, born in 1466 is the first to print in quantity and the first to print polyphonic music, and the quality of his printings was outstanding.  Printed polyphonic music provided the way that melodic, rhythmic, and harmonic aspects of a musical composition are combined to shape the overall sound and quality of the work.  Cybersecurity automation and orchestration tools enable you to shape the overall quality of your continuous monitoring and risk management program.

Future Cybersecurity Automation & Orchestration

Ottaviano Petrucci invented a way to print polyphonic music enabling the melodic, rhythmic and harmonic aspects of music to be combined to shape the overall sound and quality of the work. The ability to combine all the aspects of your cybersecurity continuous monitoring for all of the key cybersecurity domains is an essential component of risk-based cybersecurity. Here we look at what the innovators in this space are inventing, patenting, and building.

FedRAMP control parameters are all assembled in one place to simplify building information supply chain risk management programs for the cloud.

Bracketology for FedRAMP

Because filling bracket should be so much easier.

We got tired of having to look in three different places to find the control parameters [aka "the brackets"] for FedRAMP Low, Moderate, and High baselines. We built the details into the control pages. Explore the Bracketology | FedRAMP to simplify and accelerate making decisions about how to implement FedRAMP controls.

What We Do

Business Solutions Advisory

We help you accelerate innovation and digital transformation; navigate the relentless array of new and emerging technology, products, services, architectures and deployment models.

New Visual First Risk Management

A visual, easy to use approach to eliminate the fatigue associated with continuously updating and changing your security control infrastructure and compliance and regulatory documents plans.

Open Data & Data Sets

We design and build applications and solutions using open data — patent data, cybersecurity controls, census data, public repos for data scientists and business analysts.


Commentary, research, news and the latest prognostications on the state of digital innovation, IP and technology that protects the digital economy

The Latest Risk Management Frameworks

We help our clients use and comply with cybersecurity control frameworks — Risk Management Framework (RMF), Cybersecurity Framework (CSF), FedRAMP, CJIS, HIPAA.

Risk-Based Cybersecurity

Wayfinder Digital is building ControlMatrix, new tools to manage cybersecurity controls and risks throughout the information supply chain and over the systems life.

Intellectual Property

We speak patents, trade secrets, inventions, and the processes that drive today's intellectual property marketplace and to help you protect your most important digital innovations and assets.

Integrate Strategy Compliance & Governance

Create a digital risk management infrastructure that integrates cybersecurity strategy, regulatory compliance, governance processes. We'll help you simplify, cut costs and get it done.