The CYRA Method (English)

Nederlands

Many companies have digital business processes or provide digital services. Think of an online shop, the high-tech manufacturing industry, or a port company where many activities are digitally managed. A failure in IT (and/or OT) systems can have major consequences for business operations.

Protection against cyber incidents

This calls for proper protection of digital business processes and services; protection against criminal activities, as well as against technical failures or incidents caused by unintentional human actions. The CYRA Method enables you to improve your cybersecurity in a simple and structured way and to demonstrate that you have it well organised. 

What is CYRA?

CYRA (Cyber Rating) is a user-friendly online tool that helps organisations to map out and improve their information security. The method offers an entry and growth model that matches the needs of any organisation. You can choose a programme or level that suits the risks of your enterprise and your company’s position in the supply chain. 

Accepteer de statistieken, marketing cookies om deze content te bekijken.

Self-assessing your information security

With CYRA, you can not only perform a self-assessment, but you can also have it certified by an independent party. The method is suitable for companies in all sectors and can be used as a growth model towards ISO 27001 certification or as preparation for the NIS2 Directive. 

How does CYRA work?

CYRA starts with a risk assessment and insight into suitable, proportionate measures. You can carry out this risk assessment yourself (or have it done), or you can use a risk assessment made by a client about your company, for example, if you are part of a supply chain or one provided by your insurer.

Based on that risk assessment, you choose which level you want to complete in CYRA. In a practical and user-friendly online environment, you answer targeted questions. By answering these questions, you gain insight into how you have organised your processes to manage your digital risks and where you can make improvements. 

CYRA consists of four levels:

• Entry
• Basic
• Intermediate
• Advanced

 Within each level, there are three maturity levels.

What is the likelihood of cyber incidents in your company?

The Digital Security Risk Classification is an independent and objective risk model. It helps SMEs to estimate the impact of a cyber incident on the organisation and to take appropriate security measures to reduce the risks.

Digital Criminal Infiltration Framework (NDO)

The CYRA Method primarily focuses on the cyber resilience of information technology and privacy. A separate module for digital criminal infiltration has also been developed. You can obtain an NDO certificate if you have at least achieved CYRA Entry level.

CYRA was developed by:

• Cyber Resilience Centre Brainport, in collaboration with the business community
• FERM Rotterdam Port Cyber Resilience
• SME Cyber Campus
• TÜV NORD Netherlands

The CYRA Method is managed by the Centre for Crime Prevention and Safety (CCV). The CCV is an experienced scheme manager. The CCV is an independent, non-profit organisation. The CCV, as scheme manager, works together with the Cybersecurity Stakeholders Committee.

Want to know more about CYRA?

If you would like to know more about the CYRA Method, please send an email to: cybersecurity@hetccv.nl.