Skip to content

CSET 9.0.1 Release Notes

Jump to bottom
INLGuy edited this page Oct 24, 2019 · 2 revisions

CSET 9.0.1

Planned release on April 30th, 2019

New Features and Enhancements 🆕

The following is additional functionality:

  • Module Builder
    • Users can now create custom question and requirement sets in an easy to use interface.
    • Users can clone other standards and add to or edit them.
  • Upgraded to Entity Core Framework and Bootstrap 4
  • NIST SP800-53
  • Several bug fix, stabilization, and cybersecurity issues addressed.

Key Benefits 🗝

  • Provides a systematic, disciplined, and repeatable method for assessing infrastructure;
  • The Inherent Risk Profile in the tool helps determine a credit union’s exposure to risk by identifying the type, volume, and complexity of the institution’s operations;
  • Controls priority list provided using feedback from cybersecurity experts on actual reported incidents;
  • Compare multiple assessments to establish a baseline and determine trends;
  • Answer questions based on specific standards and network components or develop your own custom question sets based on the cybersecurity framework;
  • Provides a plain-language explanation and references for each of the declarative statements included in the assessment;
  • Saves significant time and money by eliminating the need to research each government and industry standard in order to understand your cybersecurity posture;
  • Includes professionally designed reports and a customized System Security Plan based upon the results of the assessment;

Current Standards Included 📑

  • NIST SP 800-82
  • NIST SP 800-82 Rev 1
  • NIST SP 800-82 Rev 2
  • NIST SP 800-53, Rev 3 App 1
  • NIST Cybersecurity Framework V. 1.1
  • NIST SP 800-53, Rev 3
  • NIST SP 800-53, Rev 4
  • NIST SP 800-53, Rev 4 App J
  • NIST SP 800-53 Rev 5
  • NIST SP800-161 Supply Chain Risk Management
  • NIST SP800-171
  • CFATS Risk Based Performance Standard Guide 8-Cyber
  • INGAA Control Systems Cyber Security Guidelines for the Natural Gas Pipeline Industry
  • NEI 08-09 Cybersecurity Plan for Nuclear Power Reactors
  • NERC CIP-002-009 Rev 3
  • NERC CIP-002-009 Rev 4
  • NERC CIP-002-011 Revision 5
  • NERC CIP 006-6
  • NISTR 7628 Guidelines for SmartGrid Cyber Security: Vol 1
  • NISTR 7628 Guidelines for SmartGrid Cyber Security: Vol 1, Rev1
  • NRC Regulatory Guide 5.71
  • TSA Pipeline Security Guidelines April 2011
  • DHS Catalog of Recommendations Rev 7
  • CAG Consensus Audit Guidelines
  • DoD Instruction 8500.2
  • APTA Rail, FAA PEDS & Maintenance
  • DoD Instruction 8510.01
  • Cybersecurity Maturity Model (C2M2)
  • CNSSI No. 1253 Baseline V2 March 27, 2014
  • HIPAA
  • SANS CSC top 20
  • CCIs
  • Protected Questionnaires
  • PCI DSS

Contact 📬

For technical questions or issues please see the project issue tracker or contact Barry Hansen (@INLGuy)

Clone this wiki locally