Cyber Resilience Assessment Tool (CRAT)

1. Why we developed CRAT?

1. Organizations are looking for a way to check their cyber resilience status quickly and simply.

2. Organizations want insight into their attack surface, so they can minimize this attack surface to prevent cyber incidents.

3. Organizations need to comply with certain international Cybersecurity & Cyber Resilience Standards.

2. Features:

1. Secior’s CRAT presents the level of cyber resilience by identifying the maturity level (1-5) of each cybersecurity measure.

2. The required level (‘target state’) at a specific Standard/Framework can be compared with a previous assessment of the same organization or with a similar organization (benchmark).

3. CRAT Spiderchart Example

4. Input Spiderchart (Cybersecurity Maturity)

The Spiderchart is a 5-ring model showing the Cyber Security Maturity Level of each domain.

5. NIS2 Spiderchart categories:

* Based on article 21: NIS2 Cyber Security Risks.

1. Risk Analysis; Information Security Policies.

2. Incident Handling.

3. Business Continuity.

4. Supply Chain Security.

5. System Acquisition, Development and Maintenance; Vulnerability Handling.

6. Cybersecurity risk-management effectiveness measures.

7. Basic Cyber Hygiene; Cybersecurity Training.

8. Cryptography and Encryption policies & procedures.

9. Human Resource Security; Access Control Policies;Asset Management.

10. The use of MFA/continuous authentication solutions.