When organisations consider Cyber Security, a natural tendency is to concentrate purely on preventing cyber-attacks.
This is clearly very important, but as evidenced from the ever-growing number of successful attacks and data breaches, even relatively well protected organisations can still fall victim. This is why thinking about cyber in the broader context of resilience is critical. So, just how secure is your organisation? That’s where we can help you with a cyber resilience assessment.
A key element of the UK Government’s Cyber Security Strategy is addressing the substantial gap in the UK’s cyber resilience. A critical part of bridging this gap is assessing your organisation’s resilience against the NCSC developed Cyber Assessment Framework (CAF).
What is a CAF?
The CAF was originally developed for assessing cyber resilience across Critical National Infrastructure (CNI) providers. Now, the CAF is gaining traction across both the wider CNI supply chain, and non-CNI organisations as an effective way of assessing cyber resilience based on specific objectives and outcomes.
The CAF focuses on four broad objectives:
- Managing security risk,
- Protecting against cyber attacks,
- Detecting security events,
- Minimising the impact of cyber security incidents.
The assessment methodology of the CAF defines principles for each objective and provides indicators of good practice (IGP’s) to measure against each objective.
Even if you aren’t an organisation that is bound to consider CAF, our experience is that it can be a useful tool for objectively measuring cyber resilience and planning improvement initiatives across the above four critical objective areas.
More on Quorum Cyber’s Cyber Resilience Assessments
Our Cyber Resilience Assessment is based around the CAF, delivered by our highly experienced Advisory team, and informed by a tailored Threat Intelligence Assessment.
Critically, it’s not just understanding your current position, but what you do with that information, and how you prioritise the recommendations provided that will dictate the value. Our assessment also includes:
- A comprehensive, prioritised set of recommendations to improve any gaps identified,
- An indicative roadmap outlining a suggested programme of work,
- A consideration of the recommendations, risks, and your specific organisational needs.
Our new Cyber Resilience Assessment is proving to be an important, high-value service for our customers. If you’d like to book an assessment or learn more about it, get in touch today.
