Cyber Security Evaluation Tool (CSET ) Version...
Transcript of Cyber Security Evaluation Tool (CSET ) Version...
![Page 1: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/1.jpg)
Cyber Security Evaluation Tool
(CSET ) Version 6.2
Industrial Control Systems Cyber Emergency Response
Team (ICS-CERT)
![Page 2: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/2.jpg)
DHS NCCIC and ICS-CERT CSET
DHS CSET 6.2 Tool
• NIST Cybersecurity Framework
• NIST 800-30
• NIST 800-53 Rev 3
• NIST 800-53 Rev 4
• NIST 800-82 Rev 2
• NIST 1108
• NISTR 7628
• NERC CIP
• More!
National Cybersecurity and
Communications Integration Center
http://www.us-cert.gov/nccic/
![Page 3: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/3.jpg)
• Stand-alone Software application
• Self-assessment using recognized standards
• Tool for integrating cybersecurity into existing corporate risk management strategy
CSET Download:
www.ics-cert.us-cert.gov/Downloading-and-Installing-CSET
DHS CSET
![Page 4: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/4.jpg)
Organize the TeamSelect the
Mode and
Standards
Determine
the Security
Assurance
Level
Build the
Network
Diagram
Answer
Questions
Analyze
Results
Assessment Process
![Page 5: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/5.jpg)
Assessment Process
A TEAM of participants is required
to perform a successful assessment
Type of Participant KnowledgeControl Systems Engineer Control systems
Configuration Manager Systems management
Operations Manager Business operations
IT Network Specialist IT infrastructure
IT Security Officer Policies & procedures
Risk Analyst or Insurance Specialist Risk
![Page 6: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/6.jpg)
CSET Home
![Page 7: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/7.jpg)
Video Tutorials (YouTube)
![Page 8: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/8.jpg)
Resource Library
![Page 9: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/9.jpg)
New Assessment Form
![Page 10: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/10.jpg)
Standards Home - Step 1 Assessment Mode
![Page 11: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/11.jpg)
Step 2 - Questions and Standards
![Page 12: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/12.jpg)
Step 3 - Security Assurance Level
![Page 13: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/13.jpg)
Step 3 – General SAL
![Page 14: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/14.jpg)
Step 3 - NIST SAL
![Page 15: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/15.jpg)
NIST SAL Impact Levels
![Page 16: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/16.jpg)
NIST Step 2 Information Types
![Page 17: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/17.jpg)
CNNSI SAL
![Page 18: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/18.jpg)
NIST Step 3 Questions
![Page 19: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/19.jpg)
Diagram – Tools, Templates, Inventory
![Page 20: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/20.jpg)
Diagram – Tools, Templates, Inventory
![Page 21: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/21.jpg)
Diagram – Zones, Layers
![Page 22: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/22.jpg)
Diagram – Components
![Page 23: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/23.jpg)
Questions – Family, Detail, Info
![Page 24: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/24.jpg)
Analysis - Dashboard
![Page 25: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/25.jpg)
Analysis Detail
![Page 26: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/26.jpg)
Analysis Detail
![Page 27: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/27.jpg)
Reports
![Page 28: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/28.jpg)
System Security Plan
![Page 29: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/29.jpg)
Use Multiple Assessments
![Page 30: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/30.jpg)
Add Assessments
![Page 31: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/31.jpg)
Trending
![Page 32: Cyber Security Evaluation Tool (CSET ) Version 6sites.nationalacademies.org/cs/groups/depssite/... · Cyber Security Evaluation Tool (CSET ) Version 6.2 Industrial Control Systems](https://reader030.fdocuments.in/reader030/viewer/2022040616/5f17acdcaf09a408c45f9019/html5/thumbnails/32.jpg)
Compare
Sort By Best Sort By Worst
Site Total Questions Answered Yes No
Site A 560 300 260
Site B 342 300 42
Site C 268 152 116