The CYRA Method (English)

Nederlands

Protection against cyber incidents

Many organisations rely on digital processes or provide digital services. Examples include online retailers, high-tech manufacturing companies and hospitals where many operations are digital. Disruptions to IT or OT systems can have serious consequences for business continuity. 

This calls for appropriate security measures to protect digital processes and services against criminal activity, technical failures and incidents resulting from unintentional human actions. With the CYRA Method, you can improve your digital resilience in a structured and accessible way and demonstrate that you are in control. 

What is CYRA?

CYRA (Cyber Rating) is a user-friendly online method that enables organisations to assess their digital resilience and improve it step by step. 

The method offers an entry-level and growth model tailored to the needs of any organisation. With the CYRA Method, suppliers can demonstrate their level of digital resilience to clients through a self-declaration or a CYRA certificate. This provides greater insight and control over the digital resilience of the supply chain. 

The CYRA Method includes a growth path aligned with the risks and position of an organisation within the supply chain. There are several modules: 

The CYRA Method consists of several modules:

• CYRA-IT: Module to improve information security (based on IEC/ISO 27001)
• CYRA-OT: Module for organisations with Operational Technology (based on IEC 62443)
• CYRA-Healthcare: Module for healthcare organisations to improve information security (based on NEN 7510)
• CYRA-NDO: Digital Criminal infiltration Framework (a separate module with 9 questions that can be combined with CYRA-IT or CYRA-Healthcare)

CYRA tool and annual fee 

With the CYRA tool, you can independently assess your organisation’s digital resilience. The online environment allows you to complete the questionnaire at different CYRA levels. This gives you insight into your current position and what improvements are needed. An annual fee applies for the use of the CYRA tool. You can get started at any time.

CYRA TOOL	ANNUAL FEE PER MODULE
1–10 employees	€ 90
11-50 employees	€ 150
51-250 employees	€ 300
> 250 employees	€ 600
additional module NDO (a separate module that can be combined with CYRA-IT or CYRA-Healthcare)	€ 10

Accepteer de statistieken, marketing cookies om deze content te bekijken.

Assess your information security yourself 

With CYRA, you can carry out your own assessment. Certification is also possible through an independent, accredited certification body. The method is suitable for organisations in all sectors. CYRA can be used as a growth model towards ISO or IEC certification, or as preparation for cybersecurity legislation.

How does CYRA work?

Based on your own risk analysis, you determine at which level to complete the CYRA self-assessment. You can also use a risk analysis provided by a client, for example within a supply chain, or one from an insurer. 

In the CYRA tool, you complete a self-assessment (questionnaire). By answering these questions, you gain insight into how your processes are set up to manage digital risks. It also highlights where improvements can be made. 

CYRA consists of four levels:

• Entry
• Basic
• Intermediate
• Advanced.

Each level consists of three maturity levels: ad hoc, best effort and defined.

Want to know more about CYRA?

The CYRA Method is managed by the Centre for Crime Prevention and Safety (the CCV). The CCV is an independent, non-profit organisation with extensive experience in managing certification schemes. It works closely with external experts and the Cybersecurity Committee of Interested Parties. 

Would you like to learn more about the CYRA Method? Please contact us at: cyra@hetccv.nl.