Cyberfundamentals Framework
The Cyberfundamentals Framework is a set of concrete measures to:
- protect data,
-
significantly reduce the risk of the most common cyber-attacks,
- increase an organisation's cyber resilience.
The Levels
To respond to the severity of the threat an organisation is exposed to, in addition to the starting level Small, 3 assurance levels are provided: Basic, Important and Essential.
Small
The starting level Small (coming soon) allows an organisation to make an initial assessment. It is intended for micro-organisations or organisations with limited technical knowledge.
Basic
The assurance level Basic contains the standard information security measures for all enterprises. These provide an effective security value with technology and processes that are generally already available. Where justified, the measures are tailored and refined.
Important
The assurance level Important is designed to minimise the risks of targeted cyber-attacks by actors with common skills and resources in addition to known cyber security risks.
Essential
The assurance level Essential goes one step further and is designed to address the risk of advanced cyber-attacks by actors with extensive skills and resources.
