CyberUK starts in Glasgow tomorrow, as a timely report from the BBC announces that "More than half of British firms ‘report cyber-attacks in 2019’ "
In the article, the of Head of Cyber at Hiscox said, “the percentage of firms scoring top marks on cyber security had fallen, with UK organisations doing particularly badly.”
HOW do we measure Cyber Security?
The big question most organisations ask APMG is ‘HOW do we measure our Cyber Security preparedness and ensure value for money from our cyber budget?’.
MoD’s Dstl developed a solution - CDCAT
In 2010, the MoD’s Dstl developed a solution to meet the rising demand for clarity over organisations’ cyber security preparedness. That solution would become CDCAT - a world-class approach that enables organisations to rapidly establish a clear risk management strategy.
At its core CDCAT assesses the maturity of an organisation’s cyber security posture against a multitude of global standards including ISO/IEC 27001, NIST Cyber Security Framework, HMG’s 10 Steps to Cyber Security, Cyber Essentials Plus, CPNI Security for Industrial Control Systems and Defence Cyber Protection Partnership (DCPP).. It is based on continuously updated evidence, to give organisations the confidence that they are both meeting compliance standards and targeting their resilience efforts and financial investments correctly.
CDCAT is the definitive means of measuring operational risk and managing and maintaining an effective cyber risk management strategy to drive your organisation's cyber transformation. For organisations that hold accreditations against a number of security standards, the different annual audits can cost tens of thousands. CDCAT enables assessments to be completed against multiple standards simultaneously, saving time and effort. It can also help your company plan for cyber security automation.
Is CDCAT just for military or government use?
APMG has a commercial licence for CDCAT. For firms that want an immediate overview of their current Cyber security posture, or those that are looking to prepare and understand what and when to automate to achieve greater effectiveness, APMG has developed a CDCAT Consultancy service.
Sub licences are available for consulting organisations wishing to add CDCAT to their offerings or for any organisation to carry out assessments on their internal systems or supply chain. Please see Reseller details on this page .
There is no other service available which delivers the expertise and capability intelligence to provide actionable insights into an organisation’s cyber security set up, direction and plan of action as quickly and effectively as a CDCAT assessment
How can I identify trustworthy cyber professionals or training?
Finally, if you are starting your journey and exploring Cyber Security options,– Andy Taylor’s blog outlining how you can Identify the genuine article gives a great overview on choosing the right person as well as an overview of some of the key Cyber Standards and Training available.
NCSC's Cyber UK 2019 event
If you are visiting the NCSC’s CyberUK 2019 event in Glasgow – find us on stand E7 for a free demo or to discuss CDCAT as well as our GCHQ Certified Training courses in more detail.
