ENISA Updated the Risk Analysis Methodology

The European Union Agency for Cybersecurity (ENISA) yesterday published the “Interoperable EU Risk Management Toolbox” which provides a comprehensive framework for managing cybersecurity risks across different sectors. The toolbox is designed to enable organisations to identify, assess and manage risks in a consistent and effective manner regardless of the size of the organisation, sector or geographical location of assets.

This tool will allow different stakeholders to work with risk scenarios and compare risk levels, even though they may be analysed with different assessment methods, including their own ones.

This approach will create an integrated view for policy makers, organisations and regulators on cybersecurity in different sectors against specific or emerging threats.

The toolbox was developed in response to the increasing complexity and diversity of cybersecurity threats that organisations in Europe and around the world face. ENISA came to the conclusion that a standardised approach to risk management is needed in order to ensure that organisations can effectively address the threats and protect themselves from cyberattacks.

The National Security Authority issued a risk analysis methodology more than a year ago, nevertheless, it is compatible with the methodology issued by ENISA. The cybersecurity risk analysis methodology adopts a structured approach to cybersecurity risk management, which includes several steps such as risk identification, risk assessment, risk treatment and risk monitoring. The methodology also provides guidance on how to prioritise and allocate resources to risk management activities. This methodology was developed in cooperation with the community.

« Späť na zoznam