In the spring of 2021, the National Emergency Supply Agency's project on cyber security in healthcare (Kyber-Terveys) piloted the use of the Cybermeter tool in the social welfare and healthcare sector. The Cybermeter was found to be an accurate tool and method for determining and developing the cyber security management abilities of social welfare and healthcare organisations, too. The observations gathered and lessons learned during the pilot can be found in this guide. The guide can also be applied to organisations that operate in other fields.
The Cybermeter is a cyber security assessment and development tool provided by the National Cyber Security Centre Finland at the Finnish Transport and Communications Agency. It is targeted at managers of organisations as well as information security and data protection experts as a tool for cyber security management, sector-specific comparisons and steering of development investments.
In the spring of 2021, a social welfare and healthcare organisation assessed the current status of its cyber security with the support of the Kyber-Terveys project. The instructions below present the lessons learned and observations gathered concerning the status assessment process as well as the Cybermeter tool used in the assessment. The assessment was made using version 1 of Cybermeter. The goal of the instructions is to help organisations understand the amount of work required by the assessment, scope assessment appropriately and schedule the assessment work realistically.
Free to use – under a few conditions
The Kyber-Terveys project published the instructions under a Creative Commons Attribution 4.0 (CC BY 4.0) (External link) license. This means that you can use the instructions for whatever purposes you wish, edit it as you wish and distribute it as you wish under the following conditions:
- Attribution – You must give appropriate credit, provide a link to the licence and indicate if you made changes to the content. You may do the aforementioned things in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
- No additional restrictions – You may not apply legal terms or technological measures that legally restrict others from doing anything that is permitted by the licence.
Instructions for deployment of Cybermeter
Comments, proposals and requests concerning the instructions
Contact us at ncsc-fi@ncsc.fi.