Get documents about "Cyber Security Vulnerability Assessment
Document Sample
Cyber Security
0•’
Vulnerability Assessment
The Department of Homeland Security (DHS) is The CSVA evaluates the policies, plans, and procedures
responsible for safeguarding our Nation’s critical in place to reduce cyber vulnerabilities for business
infrastructure from physical and cyber threats that can and control systems. It consists of approximately 100
affect our national security, public safety, and economic multiple choice questions across ten categories. Based on
prosperity. The National Cyber Security Division these responses, the CSVA identifies effective practices
(NCSD) is the Department’s lead agency for securing and suggests options that an organization or facility
cyberspace and our Nation’s cyber assets and networks. can implement to enhance their cyber security. The
assessment questions and results are applicable for all
Cyber Security Vulnerability Assessment critical infrastructure sectors
Supports Sectors’ Critical Infrastructure
The CSVA leverages recognized standards, guidance,
Protection Efforts and methodologies from organizations, such as the
Critical infrastructures are dependent on information International Organization for Standardization, the
technology systems and computer networks for essential Information Systems Audit and Control Association,
operations. Particular emphasis should be placed and the National Institute of Standards and Technology.
on the reliability and resiliency of the systems that The CSVA’s content has been reviewed and refined with
comprise and interconnect these infrastructures. NCSD security partners with cyber expertise in multiple critical
collaborates with partners from across public, private, infrastructure sectors, and it continues to be updated and
and international communities to advance this goal enhanced as security standards and practices evolve.
by developing and implementing coordinated security
measures to protect against physical and cyber threats. Key Benefits
• Contributes to organizations’ or facilities’ risk
NCSD develops guidance and tools to assist critical
management and decision-making activities
infrastructure owners and operators in assessing and
managing their cyber risks. One of these tools, the Cyber • No information is shared with DHS or other
Security Vulnerability Assessment (CSVA), enables government entities; results are intended for
organizations and facilities to self-assess their overall organizational use only
cyber security posture.
• Results can be voluntarily shared with NCSD to obtain
Dl 1 HDl. -
further insight and expertise
if—;. [_ _o._n Ma..,ntwi.qt Q.nsnLny
• Uses a repeatable approach to assess an organization’s
5
f31*n.
It
S
IImlafIcautflaia,bmtittK etdam.L.cØ I, mfl*,Qe,l
Ins Dm151,; V. mm,.ntd,oonIit’
or facility’s cyber security posture to enable
15115
ins
OEICRWS51 comparison across different facilities or over several
•mnsrmm.,II,CI51DISKU.worwinr.ncn.cq•.mia.w.sg
P151K, nm.matnitn..p.*m.md.ma years
111,
I. n 5n
150,1Km
cRIrn
S. • Raises awareness and facilitates discussion on cyber
— —
security
18 LtW —
CS,,
l1Ul5.mt
1101511P
I— • I If you would like to learn more about the CSVA or obtain
PD
.1 II a copy, please contact NCSD’s Critical Infrastructure
SZAKOKS
p. m=,, • —— Protection Cyber Security Program via e-mail at
SI nrn ° ‘ “•“
alaI M#_ur_ ., * ncsd cipcs@hq.dhs.gov.’
0 p*fl.,*W, W1.bC.TCUfl. I;
1Km I’abumctm.p
1, ‘SinK,
31
II S1,tiit 35 X1IION
R
PInK III IDOl
h.ccrfrahpUc.tIIml.,n.. tm. .mrfl1Kn.I l,flmdsfl*im
bmdt• I, 1t *md1KSIqdtKt S1KI3
Vt
IA P131511 tcSc.
11K,t tS K1KK p.m h.VtV, PVtKVIS Vtd I1K Vt
0 ls,p.. n,
1Kb51K. 1K154.Vtp.Vt*Vt m o,KK.d Vtp.
d ns. VS
ttflhtl flpVtflItlKIWtl wit IIIoS1,MulI
SI 11S.
‘The CSVA has been prepared by NCSDfor use by government and industry on a voluntary basis and is not subject to copyright
(attribution would be appreciated by NCSD). The information in the CSVA should not be taken to contradict standards and
guidelines made mandatory and binding by Federal agencies.
