Methodology and results
The Arctic Wolf® サイバーレジリエンス評価 helps you evaluate the security posture of your organization in terms of:
- Groups — These are proven strategies and techniques based on an overarching principle.
- Elements — These are action items that help organizations follow the framework recommendations.
Groups and elements respectively represent the high-level and low-level components of a cybersecurity framework. Each cybersecurity framework has its own terminology for groups and elements. For example:
| Framework | Group | Element |
|---|---|---|
| CIS Critical Security Controls(CIS Controls) | CIS Controls | CIS Safeguards |
| 米国国立標準技術研究所(NIST)サイバーセキュリティフレームワーク(CSF) | Categories | Subcategories |
| オーストラリア信号局(ASD)Essential Eight 成熟度モデル | Mitigation Strategy | Controls |
| 英国国家サイバーセキュリティセンター(NCSC)「Cyber Essentials」 | Technical Controls | Requirements |
Arctic Wolf weights each element to visualize its contribution to the security posture of your organization. Generally, the weighting system uses this logic:
- Every element contributes to a group, but some elements increase cyber resilience more than others.
- The extent to which your organization has implemented an element determines how effective the element is.
To complete a サイバーレジリエンス評価, you must provide information about specific factors that affect cyber resilience for one or more elements. For descriptions of each cyber resilience factor, see Value calculation.
After completing an assessment, you can review the security posture of your organization from these perspectives:
- Overall security posture — For more information, see サイバーレジリエンスインデックス.
- Impact of updates to a サイバーレジリエンス評価 over time — For more information, see Progress Tracker.
- Total value of all elements for each group — For more information, see View framework groups.