The Optimal Safeguards Tool (OST) is the main tool of the CUREX platform that computes optimal defensive plans of cybersecurity safeguards (henceforth refer to as safeguards) for healthcare organisations. OST is a decision-support tool that advises cybersecurity decision-makers, e.g. Chief Information Security Officers, on how to combine a number of different safeguards in a way that minimizes the overall cyber-physical risks threatening their organisation.
The overall aim of OST is to act as a decision-support tool for cybersecurity decision-makers (e.g. CISOs). The goals of the tool development are to:
- determine long-term best cybersecurity strategies, in the form of an advice, in terms of mitigating cyber risks subject to financial constraints by using fundamental principles of cybersecurity risk management to create the OST Core model and multi-criteria mathematical optimisation to solve the underlying decision-making challenge;
- visualise the cybersecurity advice using a well-known framework of cybersecurity safeguards by generating practical and detailed advice on tools and processes required to implement the safeguards;
- visualise the results of risk improvement to raise awareness of decision makers on how each cybersecurity safeguard improves the security posture of the organisation by using the OST Dashboard;
- prioritise short-term cyber actions that the organisation must take against specific cyber threats and risks identified by CAT.