The Cyber Security Evaluation Tool (CSET®) is a Department of Homeland Security (DHS) product that assists organizations in protecting their key national cyber assets. It was developed under the direction of the DHS Industrial Control System Cyber Emergency Response Team (ICS-CERT) by cybersecurity experts. This tool provides users with a systematic and repeatable approach for assessing the security posture of their cyber systems and networks. It includes both high-level and detailed questions related to all industrial control and IT systems.
CSET is a desktop software tool that guides users through a step-by-step process to assess their control system and information technology network security practices against recognized industry standards. The output from CSET is a prioritized list of recommendations for improving the cybersecurity posture of the organization's enterprise and industrial control cyber systems. The tool derives the recommendations from a database of cybersecurity standards, guidelines, and practices. Each recommendation is linked to a set of actions that can be applied to enhance cybersecurity controls.
CSET has been designed for easy installation and use on a stand-alone laptop or workstation. It incorporates a variety of available standards from organizations such as NIST, North American Electric Reliability Corporation (NERC), Transportation Security Administration (TSA), U.S. Department of Defense (DoD), and others. When the tool user selects one or more of the standards, CSET will open a set of questions to be answered. The answers to these questions will be compared against a selected security assurance level, and a detailed report will be generated to show areas for potential improvement. CSET provides an excellent means to perform a self-assessment of the security posture of your control system environment.
- CSET contributes to an organization's risk management and decision-making process
- Raises awareness and facilitates discussion on cybersecurity within the organization
- Highlights vulnerabilities in the organization's systems and provides recommendations on ways to address the vulnerability
- Identifies areas of strength and best practices being followed in the organization
- Provides a method to systematically compare and monitor improvement in the cyber systems
- Provides a common industry-wide tool for assessing cyber systems
How to Obtain CSET
CSET is available for download at the following link:
CSET is also available on CD or USB. Please attempt to download CSET before requesting shipment unless your email address ends in .gov or .mil. Government and military installations are generally restricted from downloading this type of file and may request a copy be sent rather than attempting the download. To request a copy, please send an email to: CSET@hq.dhs.gov. Please insert "CSET" in the subject line of the email and include the following in your email request:
- Your name
- Organization name
- Complete street address (no P.O. boxes)
- Telephone number
- Preferred media (USB or CD)
Alternatively, the ICS-CERT Program also offers onsite training and guidance to asset owners in the use of CSET during onsite assessments. These assessments are conducted at no cost to the asset owners. To assist an organization in planning and organizing an assessment using CSET, the following actions and items are recommended:
- Identify the assessment team members and schedule a date.
- Become familiar with information about the organization's system and network by reviewing policies and procedures, network topology diagrams, inventory lists of critical assets and components, risk assessments, IT and ICS network policies/practices, and organizational roles and responsibilities.
- Select a meeting location to accommodate the assessment team during the question and answer portion of the assessment.
- Work with ICS-CERT for onsite or subject matter support.
For more information, or to request onsite assistance, please send an email to firstname.lastname@example.org.