What is CyberToolFramework?
CyberToolFramework enhances the widely recognized CIS Top 18 by first making it OT-centric. It not only adapts the framework for operational technology but also provides crucial context, incorporating OT cyber tools and best practices to effectively meet the CIS Critical Controls.
Audience
CyberToolFramework is intended for critical infrastructure entities of any size, all of which revolve around Operational Technology (OT) environments. Operational environments have different goals, risks, architectures, organizational structure, and considerations than IT environments creating a need for a tailored approach. These OT environments encompass not only Windows-based systems but also various end devices like Human-Machine Interfaces (HMIs) and Programmable Logic Controllers (PLCs), which often have less robust cybersecurity capabilities.
Caveat
There are multiple roads leading to Rome, meaning there are multiple ways to achieve the same outcome. CyberToolFramework is meant to provide platforms, tools, and high-level processes/best practices to help direct and guide OT organizations to be more secure. This is one person's opinion, with other tools, approaches, or best practices that may work just as well. Use what works for your organization, your goals, your risk, your requirements, and your budget. It’s important to acknowledge that certain critical infrastructure organizations operate with tighter budgets compared to larger IT environments. Because of this make sure you use a cyber risk methodology such as ISA 62443 3-2 to ensure the control selected is making the biggest impact at lowering risk. Oftentimes working off the land with proper control system configuration, adequate governance, and conducting a thorough risk assessment to reduce risk for highly critical systems specifically can be a more effective use of time, resources, and money than implementing a blanket set of tooling.
Tool Selection
With each tool, an organization needs to minimally ensure the following:
Building a cyber program using CIS Critical Controls and Cyber Tool Framework
An organization should build people, processes, and technology around each of the Critical Controls, so it has proper coverage. To establish a cybersecurity program centered around the CIS Critical Controls, the organization aligns its mission, goals, enabling functions, risk profile, and budget. The organization adopts a framework or standards (in this case CIS) to structure its cybersecurity program, identifies specific cybersecurity requirements, and formulates policies and procedures. In parallel, the organization recruits and trains personnel to support the cybersecurity program and meet the established requirements. Finally, the organization selects cybersecurity tools that meet these requirements.
Goal
CyberToolFramework provides OT organizations with a concise reference for cybersecurity tool and program guidance. It offers insights into selecting cybersecurity tools, along with best practices, considerations, and vendor-neutral guidance. Aligned with the CIS Top 18, it helps organizations meet essential cybersecurity requirements effectively.
Document Structure
CIS Critical Control: This column lists the CIS Critical Control from the CIS Top 18
OT Platform / Tool: This column lists out the cybersecurity platform/tool that meets the critical control. These are listed in alphabetical order to take away bias. These selections are based on an OT (Operational Technology) environment.
High-level Considerations / Best Practices: This column lists out considerations, best practices, and what to look for when selecting, configuring, or managing the cybersecurity tools to meet the CIS Critical Controls.
UPLOAD
Images on Server
SAVE
UPLOAD
Images on Server
SAVE