The new tool should help organizations better protect their assets

Sep 28, 2011 08:52 GMT  ·  By

The Department of Homeland Security launched a product called Cyber Security Evaluation Tool (CSET) in the effort of aiding organizations in properly securing their digital property.

The National Cyber Security Division of DHS and the National Institute of Standards and Technology got involved in the making of this tool that should help companies better evaluate the structure of their network safety. This way, they'll know what are the weak links and what needs to be improved so cybercriminal activities can be prevented and combated.

CSET is actually a software application that compares the network infrastructure of the user with industry rules. It then lists recommendations that should help enhance the safeguarding of the enterprises cyber structure.

The utility was designed to be easy to install and use by all the members of any company's IT staff. It doesn't have high system requirements so running it should not be too difficult.

According to the product's fact sheet, it incorporates a number of standards from different organizations such as National Institute of Standards and Technology (NIST), North American Electric Reliability Corporation (NERC), International Organization for Standardization (ISO) and U.S. Department of Defense (DoD).

When the operator selects one or more of the standards, CSET will require him to answer a few questions. Based on these answers a full report will be generated to show the things that can be improved.

The US Computer Emergency Readiness Team highlights the key features of the new utility, among which they mention:

- it improves the risk management and decision-making process; - it provides recommendations on ways to address the discovered vulnerabilities; - it constantly monitors the security systems.

It remains to be seen if the new tool will actually help organizations or not, but at least the DHS is doing something to counterattack the ever present threats that take their toll on business activities.

CEST can be downloaded from the US-CERT homepage, download, installation and troubleshooting documentation being made available.