GDFM Cyber Maturity Assessment
The overarching GDFM Cyber Maturity Assessment is delivered utilising the National Institute of Standards and Technology Cyber Security Framework (NIST CSF) which is overlaid with elements of the Information Security Management System (ISO 27001).
The NIST CSF is used by GDFM to map an organisation’s current and desired cyber security posture against the lifecycle of an organisation’s management of cyber security risk. It can be implemented in its entirety to create a cyber security framework or to assist in developing the organisation’s existing approach to cyber security.
The NIST CSF is used by GDFM to map an organisations current and desired cyber security posture against the lifecycle of an organisation’s management of cyber security risk.
The GDFM Cyber Maturity Assessment is performed against a predefined standard looking across the NIST CS Framework core, implementation tiers and framework profiles. Ultimately, the Framework is aimed at reducing and better managing cybersecurity risks. By its nature, it can involve a deep dive of different areas, some of which include Asset Management; Business Environment; Governance; Risk Assessment; and Risk Management Strategy.
The Framework is designed to take an organisation through the life-cycle of a cyber attack. It covers five key elements which are Identify, Protect, Detect, Respond and Recover.