Dates:
29/05/19
Duration:
Introductory Training workshop, 8 weeks online implementation support and final one-on-one online risk assessment completion session
Location:
Radisson Blu, Limerick (also available in CORK and DUBLIN)
Grant Aided Fee:
The cost for the first year (twelve month) licence is €480
Course code:
-444-2

Introduction

The Cybersecurity Risk Assessment (CRA) is an online Risk Assessment and Management software tool (implemented and facilitated by training and online support) that allows enterprises to regularly check whether their cybersecurity profile is prepared for and resilient to cyber-attacks. It is a continuous improvement tool which gives enterprises the opportunity to improve their systems based on an informed analysis of their risk level allowing them to take action to mitigate those risks. The Cybersecurity Risk Assessment process is based on internationally recognised cybersecurity standards including the Irish National Cybersecurity Centre (NCSC) 12 Steps to Cybersecurity framework, UK Cyber Essentials, USA National Cybersecurity Framework (NIST) and key parts of ISO 27001.

Delivery

The programme consists of:

  • 12 month licence to the online CRA system
  • Initial workshop to understand core principles of Risk Assessment and how to use the CRA system
  • Bi-weekly group online check-in sessions
  • Final one-to-one online review session to complete the self-assessment
  • Remainder of the 12 month licence period to manage, update and implement actions in the CRA system

The CRA System

The CRA ia an online system which helps companies to manage, assess and address their cybersecurity risk profile across five areas:

Preparedness

This ensures you have a working information security policy, management of information assets, good employee cyber hygiene, effective user access management, provision of appropriate physical protection for information assets, and security education and training for staff.

Prevention (against cyber threats and attacks)

This includes Firewall protection, Anti-virus and Malware Protection, Patch Management, access controls, vulnerability management, protection at boundary access points, protection for individual devices, remote working and use of mobile devices.

Detection (of cybersecurity breaches, intrusions)

This includes allocation of duties and responsibilities to identify breaches, threat monitoring and effective processes to identify technical vulnerabilities of systems in a timely manner and ensure appropriate threat mitigation measures are taken.

Response (to incidents)

Procedures for the identification, reporting, investigation, recording and managing of cybersecurity breaches.

Recovery (business continuity)

Recovery procedures, plans, polices and processes in place and tested to ensure efficient and timely Business Continuity
Management.

Benefits

  • Reassurance to customers and suppliers that you are taking steps to mitigate cybersecurity risks
  • Document and track actions arising from reports generated by the system
  • Maintain a register of cyber-incidents, near misses, etc.
  • View your high-level cybersecurity risks and the status of outstanding actions in a simple online dashboard

Who should use it?

Suitable for owner-managers, technical staff, cybersecurity practitioners or consultants or anyone with cyber security responsibilities.

Also available in CORK and DUBLIN

For any further information please contact csi@ictskillnet.ie