cyber-risk-framework

Solutions

Cyber Risk Framework

Providing a disruptive cyber risk analysis methodology

In a world increasingly driven by digital technologies and information, cyber threats are becoming more and more an everyday strategic imperative. Dynamic, pragmatic and proactive, Deloitte’s Cyber Risk Framework (CRF) is a disruptive framework combining an improved methodology, a web application, and cyber security experts to understand business risks and their related cyber threats.

Identify your risks and make the right security decisions

Our clients believe in us

“How can I be sure that my cyber security measures are relevant against cyber threats?”

– CIO

“What are the cyber threats that can induce business risks?”

– Business Unit Our clients believe in us

The benefits

Focus on the right priorities Focus on the right priorities

Spend money only on the cyber capabilities that you really need. The CRF helps you find the configuration that best fits your objectives and your budget.

Improve risk governance Improve risk governance

Check and evaluate all your risks from one place.

Consolidate risk management and tools Consolidate risk management and tools

The whole methodology is packaged in the CRF dynamic web application.

Enhance value from cyber security investments Enhance value from cyber security investments

Ensure that security is not just a cost center but is also a source of opportunities.

Save time and effot when performing risk analysis Save time and effort when performing risk analysis

Most of the methodology is assisted by the CRF tool. Don't waste time trying to consider everything - the CRF is fast and totally impartial.

The methodology

UNDERSTAND

1

Interviews with business units to collect business risks and impacts

2

Identify information systems that support the business processes

3

Identify which cyber threats can induce a business risk (e.g. a cyber criminal steals client data)

IMAGINE

4

Model the sequence of attacks that cyber criminals will imple-ment (attack scenarios)

5

Identify the cyber security measures that block or reduce the impact of each attack in the scenario (knowledge database)

PLAN

6

Evaluate the current level of maturity of each identified cyber security measure; identify cyber security measures to imple-ment or improve and formalize the risk treatment plan

The methodology

Let us help you to stay proactive!

Nos experts

Michael Bittan

Michael Bittan

Associé Cyber Risk Services

Fort de plus de 19 ans d'expérience dans le Conseil en Sécurité des Systèmes d’Information, Michael conseille les Directions Générales des entreprises internationales du CAC40, notamment celles du sec... En savoir plus

François Vergez

François Vergez

Directeur, responsable Cyber Risk Management

François est Directeur responsable des activités Cyber Risk Management. Il débute sa carrière avec la mise en place d’une plateforme d’hébergement et de développement de services de l’Internet puis, a... En savoir plus