Join us for this FREE live webinar to hear all about our new Cybersecurity Risk Assessment (CRA) programme. During this 30 minute webinar, we will give you an overview of the programme, demo the online CRA system and explain how other IT Providers are using this programme with their customers to offer services higher up the value chain helping them understand, assess and address their cybersecurity risk. You’ll also have the opportunity to ask any questions during the final 10 minute Q&A session.
If you are an IT Provider working with companies who have yet to embrace the concept and importance of risk to their business in a practical way, then this webinar is for you.
The webinar is FREE but booking is essential. To book your place, follow the link below.
Cybersecurity Risk Assessment Programme (CRA) Overview
The Cybersecurity Risk Assessment (CRA) is an online Risk Assessment and Management software tool (implemented and facilitated by training and online support) that allows enterprises to regularly check whether their cybersecurity profile is prepared for and resilient to cyber-attacks. It is a continuous improvement tool which gives enterprises the opportunity to improve their systems based on an informed analysis of their risk level allowing them to take action to mitigate those risks. The Cybersecurity Risk Assessment process is based on internationally recognised cybersecurity standards including the Irish National Cybersecurity Centre (NCSC) 12 Steps to Cybersecurity framework, UK Cyber Essentials, USA National Cybersecurity Framework (NIST) and key parts of ISO 27001.
The programme consists of:
- 12 month licence to the online CRA system
- Initial workshop to understand core principles of Risk Assessment and how to use the CRA system
- Bi-weekly group online check-in sessions
- Final one-to-one online review session to complete the self-assessment
- Remainder of the 12 month licence period to manage, update and implement actions in the CRA system
The CRA System
The CRA ia an online system which helps companies to manage, assess and address their cybersecurity risk profile across five areas:
This ensures you have a working information security policy, management of information assets, good employee cyber hygiene, effective user access management, provision of appropriate physical protection for information assets, and security education and training for staff.
Prevention (against cyber threats and attacks)
This includes Firewall protection, Anti-virus and Malware Protection, Patch Management, access controls, vulnerability management, protection at boundary access points, protection for individual devices, remote working and use of mobile devices.
Detection (of cybersecurity breaches, intrusions)
This includes allocation of duties and responsibilities to identify breaches, threat monitoring and effective processes to identify technical vulnerabilities of systems in a timely manner and ensure appropriate threat mitigation measures are taken.
Response (to incidents)
Procedures for the identification, reporting, investigation, recording and managing of cybersecurity breaches.
Recovery (business continuity)
Recovery procedures, plans, polices and processes in place and tested to ensure efficient and timely Business Continuity Management.
- Reassurance to customers and suppliers that you are taking steps to mitigate cybersecurity risks
- Document and track actions arising from reports generated by the system
- Maintain a register of cyber-incidents, near misses, etc.
- View your high-level cybersecurity risks and the status of outstanding actions in a simple online dashboard
Who should use it?
Suitable for IT Providers or Consultants working with owner-managers, technical staff or anyone with cyber security responsibilities.