The ECHO Multi-sector Assessment Tool (E-MAT) goes hand-in-hand with the ECHO Multi-sector Assessment Framework (E-MAF).
As the ECHO Multi-sector Assessment Framework (E-MAF) is an analysis of transversal and inter-sectoral challenges and opportunities, and it supports the development of cybersecurity technology roadmaps, the E-MAT is a complex assessment framework that incorporates multiple inputs.
The creation of a software tool that automates or guides applications is an easy way to lower entry barriers to adoption and ease the use of such a framework.
Developed in accordance with E-MAF's use cases, this tool can serve as a demonstration of E-MAF's capabilities without sharing the framework itself. Furthermore, it speeds up the development of E-MAF itself by automating the analysis of use-cases.
How does E-MAT tool work?
The behaviour of the E-MAT aims to provide the user with an easy and intuitive way to provide data regarding her/his organisation around the risk assessment:
First step. The initial step when launching the tool is for the user to briefly describe her/his organisation, as well as provide some contact details.
Second step. Then, after beginning the actual evaluation, the user must go through all controls from each area, which are represented as separate steps within the tool.
Third step. After going through all the controls and evaluating them concerning his organisation, the user finishes the evaluation and is presented with the results page.
Fourth (and last) step. The user receives the result as a report. It contains the organisation description, as well as some graphical representation of the top 5 controls for each applicable area and calculations for the global risk levels.
Cyber risks are part of a very complex a multi-levelled world. The cybersecurity includes a significant number of aspects, from the most technical to the management-related ones. The E-MAT brings automation and easiness to the user, allowing a catchy and visual-friendly entry-level to the multi-sector assessment framework on a web-based version. Since an organisation – ideally – requires an optimal governance across all units provided by the main Cybersecurity Governance Models (i.e., ISO, NIST, TOGAF), the tool provides all the controls which have to be rated by the user according to a value scale; moreover, the user – at the end of the rating phase – immediately gets feedback with a summary of her/his rates carefully distributed in a matrix that shows the most critical categories and suggests where to intervene as soon as possible to remedy (along with a brief and straightforward recap of the most urgent remedial actions/ measures).
If you wish to know more about E-MAF, watch the demonstration video on ECHO's YouTube channel here: