The Cyber Security Evaluation Tool (CSET®) is developed by the Cybersecurity & Infrastructure Security Agency (CISA). The Department of Homeland Security (DHS) developed CSET for asset owners with the primary objective of reducing the risk to the nation’s critical infrastructure. Control systems are defined as electronic devices that control physical processes and as such, are a crucial element in the protection of our nation’s infrastructure. Since 2014 the tool evolved into a powerful tool for organizations to perform their general cyber assessment process. The tool provides a systematic approach for evaluating an organization’s security posture by guiding asset owners and operators through a step- by-step process to evaluate their industrial control system and information technology network security practices.
The lecture will provide a high-level review of the tool along with its features and assessment process. Additionally, the lecture will review the tool’s standards section, assurance level determination, creation of diagrams, generation of questions, review analysis and reports. The slide deck will have links to CSET Tutorials and key U. S. Federal cybersecurity assessment models included with the tool.
Dr. Martin is a Professor of Practice at Capitol Technology University. His work at Capitol Technology University is in the following functional areas Critical Infrastructure, Industrial Control System Security, Identity, Credential, and Access Management. Ron has relationships with a diverse mix of businesses. He serves on a board of directors for many profit and non- profit organizations. Ron retired from the United States (U. S.) Army in 1999 and the U. S. Government in 2011. Between his tours of Federal Service, he served five years as a civilian police officer in the Commonwealth of Virginia. During his Federal Service, he served with the U. S. Department of Commerce and Health and Human Services as the program director for developing and implementing both departments’ Identity, Credentialing, and Access Management (ICAM) Programs.
He now serves on the Security Industry Association Standards Committee. Ron is a former ASIS International Commission on Standards & Guidelines Commission member. Ron is a voting member of the United States Technical Advisory Group to the International Standards Organization (ISO), which works to develop and articulate the U.S. position by ensuring the involvement of U.S stakeholders from the private and public sectors. Ron currently serves on the International Foundation for Protection Officers (IFPO) Board of Directors. While on active duty, he served as Military Comptroller, Provost Marshal, Security Manager, and Doctrine Literature Writer and Instructor. Ron served as a Federal Identity, Credentialing, and Access Management (FICAM) Roadmap Development Team member. He provided FICAM Subject Matter Expertise by regularly providing advice and assistance to Federal agencies and organizations engaged in Identity Credentialing activities.
This work was a precursor of the establishment of Capitol Technology University’s ICAM Laboratory. Before retirement from the Federal Government, Ron received a Coin of Excellence from the Interagency Security committee to establish the committee’s Convergence Subcommittee. Ron serves as the vice chair of the Institute of Electrical and Electronics Engineers (IEEE) P2887 – Zero Trust Security Working Group (ZTSWG). Currently, he is a member of the Cloud Security Alliance Zero-Trust/ Software Defined Perimeter Experts and Research Working Groups