Profile photo
Marius Mihail Russo-Got

also known as Marius Russo

Enterprise architecture · cybersecurity governance · AI & quantum strategy · regulated environments

English (C2) · French (C1) · NATO Secret until Aug 2027
NATO/NCIA · UN · UNDP · UNOPS · FREELANCING · EU · EEAS · IBM · ALCATEL/NOKIA · MOTOROLA
Cybersecurity & governanceIdentity-centric · audit-ready

Cybersecurity & governance

Designing cybersecurity governance models that keep digital environments resilient, defensible and aligned with executive accountability, using practices aligned with NIST CSF, ISO 27001/27002, CIS Controls, COBIT and zero-trust principles, reinforced by cybersecurity, CISA-oriented audit practice, ITIL and governance certifications, with Agile / DevSecOps alignment where appropriate.

Institutional foundation

Built on security governance, architecture assurance and delivery leadership, cybersecurity is approached through defensible controls, traceable decisions and operational models that can withstand audit scrutiny in regulated and mission-critical settings.

Standards, governance frameworks & certifications

Cybersecurity governance models and architecture assurance approaches are aligned with internationally recognised standards, control frameworks and audit practices used in regulated and mission-critical environments. Operational understanding is reinforced through participation in three Red/Blue Team environments with strong performance in simulated cyber defence and attack scenarios.

Frameworks, certifications & executive education

Cybersecurity & risk: NIST CSF, ISO 27001/27002, CIS Controls, COBIT, zero-trust and Agile / DevSecOps alignment where appropriate. Professional certifications: Certified Information Systems Auditor (CISA)-oriented audit practice, Professional Cybersecurity Expert-level capability, ITIL and governance credentials. Executive education: Harvard learning in risk management, crisis management, process improvement and strategic thinking.

Auto scroll →
15+
cybersecurity governance frameworks designed or implemented
40+
regulated or mission-critical environments across banking, defence and the UN system
10+
multinational digital transformation programmes with security governance oversight
25+
cybersecurity and security-governance audits
20
audit observation sets closed through remediation, control redesign and evidence alignment
Representative security architecture exampleZero-trust architecture for regulated environments

🛡 CyberPro cybersecurity assurance

Built from operational experience across international organisations, defence environments and regulated financial systems, with selected contributions from senior experts from multinational technology corporations and large-scale enterprise programmes.

CyberPro was designed to connect governance, operational monitoring, architecture controls and audit evidence into a single defensible cybersecurity assurance capability.

Key integrated capabilities include:
  • AI-assisted network defence and cyber threat analysis
  • Data science and analytics for incident pattern identification
  • Hybrid and cloud security monitoring models
  • Governance mechanisms aligned with executive accountability
  • Structured cybersecurity assurance and audit evidence
Representative capabilities include:
  • Cyber threat analytics using machine learning and behavioural analysis
  • Cyber crisis management support for executive decision-making
  • Integration of operational monitoring with governance oversight
  • Incident-trend analysis improving services, processes and resilience

CyberPro reflects lessons learned across defence, banking and international institutional environments where cybersecurity must remain operationally effective, audit-ready and aligned with executive accountability.

A4 strategic infographic summarising zero trust, IAM/PAM governance, control evidence, threat defence, measurable scale and key artefacts.
Cybersecurity & governance infographic — executive A4 visual for web, briefings and PDF capability packs. A4 · high-tech · premium briefing style
Auto / manual scroll →
Zero-trust architecture

Continuous verification and controlled access

Cybersecurity architectures increasingly rely on identity-centric controls, segmentation and explicit trust decisions rather than implicit network confidence.

Typical focus areas include:
  • Zero-trust segmentation patterns
  • Least-privilege access design
  • Service-to-service trust boundaries
  • Continuous verification and adaptive controls

These capabilities are relevant in defence, banking, international organisations and other environments where trust assumptions must be tightly governed.

IAM, PAM & privileged control

Identity as the core security control surface

Identity governance is central to reducing risk, controlling privileged access and making security decisions traceable.

Typical focus areas include:
  • IAM and PAM governance models
  • Role design and segregation-of-duties patterns
  • Privileged session oversight and evidence capture
  • Identity lifecycle and joiner-mover-leaver controls

Strong identity governance improves control coherence, audit defensibility and executive visibility over access risk.

Assurance evidence & audit readiness

Security that can be demonstrated, not only claimed

Cybersecurity governance requires structured evidence showing how controls are designed, operated and reviewed.

Typical focus areas include:
  • Control libraries and policy-to-control mapping
  • Evidence packs for audits and assurance reviews
  • Risk registers and treatment traceability
  • Exception management with accountable approvals

This is particularly important in regulated sectors and institutional environments where trust depends on documentation and reviewable controls.

Operational monitoring & response governance

From alerts to accountable action

Monitoring becomes effective when detection, escalation and response processes are tied to ownership and governance.

Use cases include:
  • SOC/SIEM integration governance
  • Incident classification and escalation models
  • Security operations playbooks and reporting cadences
  • Cross-functional cyber risk dashboards

This helps organisations convert technical telemetry into accountable decisions and timely executive action.

Typical deliverables

Evidence-led cybersecurity artefacts for governance and assurance

Cybersecurity governance produces evidence-led artefacts that connect policy, architecture, operations and assurance.

  • Cybersecurity governance frameworks and control models
  • Zero-trust reference architectures and segmentation patterns
  • IAM/PAM governance designs and privileged access controls
  • Assurance evidence packs, risk dashboards and audit support materials
  • Security operating models, escalation pathways and response governance
  • Policy-to-control mapping and exception management registers

Cybersecurity becomes credible when controls are understandable, enforceable and evidenced across architecture, operations and executive governance.