Introducing the
OpenCASE Framework
The Open Cybersecurity Architecture for Small Enterprise - an open source cybersecurity framework which has been developed specifically for small Enterprise.
Visit the source repo
What’s inside OpenCASE?
The OpenCASE Framework contains 11 priorities for protecting a small organisation against cybersecurity threats. Each prioritity has 3 levels to implement, with clearly defined completion criteria, and practical guidance on how they can be implemented in a small enterprise context.
- Priority 1: Protect your user accounts.
- Priority 2: Protect your people.
- Priority 3: Protect your passwords.
- Priority 4: Protect against malware.
- Priority 5: Protect your data.
- Priority 6: Protect privileged accounts.
- Priority 7: Protect your applications.
- Priority 8: Protect your email.
- Priority 9: Protect your devices.
- Priority 10: Protect third party relationships.
- Priority 11: Prepare for the worst.
Three implementation targets for different stages in your journey.
OpenCASE was deliberately designed to accommodate small organisations with gradually increasing cybersecurity capabilities. The completion criteria for each priority are set in accordance with the level of capability assumed to be available to small organisations as they grow and mature.
- Implementation Level 1: DIY, with a little help from your IT-savvy friends
- Implementation Level 2: Ad-hoc IT support provided by an experience IT professional.
- Implementation Level 3: On-going IT support from an IT Managed Services Provider.
Communicate with your stakeholders.
OpenCASE includes an intuitive self-attestation method using colour coded badges, enabling you communicate to anyone at a glance where your organisation is up to in its OpenCASE journey.
- Red: Implementation Level 0.
- Yellow: Implementation Level 1.
- Green: Implementation Level 2.
- Blue: Implementation Level 3.