CySAFE - Cyber Security Assessment For Everyone

About the Program

Category: Information Technology (Best in Category)

Year: 2015

Cyber Security Assessment for Everyone (CySAFE) is a tool for governments working on assessing, planning, and implementing cybersecurity measures. CySAFE was created by a coalition of representatives from governments in Southeastern Michigan, including the State of Michigan and Oakland, Washtenaw, Monroe, Livingston, and Wayne Counties. CySAFE is adapted from several well-known frameworks – 20 Critical Controls, National Institute of Standards and Technology (NIST) Cyber Security Framework, and ISO 27001 – in order to get the best of each and apply them to the local government domain. Adapting, rather than creating, standards is a way to take advantage of work that has already been done, build upon a common language for security measures, provide benchmarks for comparison of readiness across organizations, and provide support for needed investments in cybersecurity capabilities. CySAFE allows a government to quickly assess compliance with the various frameworks and identify the most important next steps based on their own current capabilities. The tool includes multiple worksheets to help organizations self-evaluate and understand readiness. CySAFE is a guide that helps governments assess their needs and determine priorities, while providing additional information and resources for moving forward.