New Cyber Security Evaluation Tool Released by Us Homeland Security for Organisations to Self-Test Their Security Systems

The United States Department of Homeland Security has developed the Cyber Security Evaluation Tool (CSET) which provides a systematic (and repeatable) process that critical infrastructure asset owners can use to assess and improve their cyber security management systems. This tool has a particular focus on the security of industrial control systems and information networks.

The CSET tool is available on Github and is available for download on a permissive MIT license (a type of open source licence) and can be run on Windows with a standalone installer.

The tool comes with a basic, intermediate and advanced set of questions, the intent being that organisations will use the toolkit to first focus on the basics and then to implement best practice in the intermediate to advanced sections in future.

How it works:

This tool is a really interesting example of the increasingly common assistance that government’s around the world are providing to organisations in this area (particularly those that are considered ‘critical infrastructure’ related). Critical infrastructure is a key target of hackers and it is sensible that governments are taking this approach.

Jacqueline Patishman contributed to this article. 

Copyright 2024 K & L Gates
National Law Review, Volumess XI, Number 195