Cyber Risk Framework Workshop
Embed cyber risks within your risk register
The Cyber Risk Framework Workshop (CRFW) is designed to provide healthcare organisations with a risk framework to identify cyber security risks and align these to the corporate risk framework.
- Provides effective cyber risk management by enabling actions that reduce the risk of cyber-attack to be prioritized in a consistent way across organisations.
- Risks can be mapped to the existing organisation-wide framework
What we do
Dionach will work with you to understand your environment.
Using years of healthcare experience, we help you categorise risk and create a cyber risk register.
- Threat models can counteract the “controls-first” mind set and also risk assessment driven by vulnerabilities. Threat models can help determine what actual threats exist.
- Threat models need to clearly define relationships between assets, threats and attacks, to help identify gaps in security controls.
- A risk assessment based on ISO 27005:2011 will be developed based on the specific risks identified within the NHS Organisation.
- Risks associated with third party suppliers will also be identified.
- The risk profile is a summary of the risk assessment with the critical and high scoring risks listed, along with summary metrics and charts.
- The risk profile provides an overview of which areas to focus on, and an overall risk score.
- Risks that are not accepted, based on the risk criteria from the risk assessment will be placed into a remediation action plan which will include tactical and strategic actions, to ensure the root causes of vulnerabilities are addressed.
- Critical risks and high risks from the cyber security risk assessment will be summarized and mapped to the organisation’s existing risk management.
WHY CHOOSE DIONACH
18 Years of protecting healthcare organisations, including as one of only four suppliers to NHS Digital’s Security Services Framework. We understand where vulnerabilities exist and how to protect them
Unaffiliated with 3rd party products or services.
Continually monitoring the latest technologies and emerging threats to healthcare organisations around the world.