Cyber attacks are growing and most people cannot deny that, but for the small- to medium-sized manufacturers, the idea of taking on a cyber security program can be daunting.
That is why the Department of Homeland Security’s (DHS) Office of Cybersecurity & Communications (CS&C) will conduct complimentary and voluntary assessments to evaluate operational resilience and cyber security capabilities within critical infrastructure sectors, as well as state, local, tribal, and territorial governments.
The Cyber Security Evaluation Program (CSEP) administers the Cyber Resilience Review (CRR) while the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) offers the Cyber Security Evaluation Tool (CSET) for industrial control systems.
While related, the CRR and CSET are two distinct assessments with different areas of focus. Organizations should carefully review which assessment best fits their operating environment.
While the CRR and CSET predate the establishment of the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), the inherent principles and recommended practices within the CRR and CSET align closely with the central tenets of the CSF.
Click here for more information on the program.