20 Critical Controls for Effective Cyber Defense Helper Kit - Version 2.3
NOTE: Now up to version 2.3 BETA of the tool, with a Proof of Concept Health Assessment. The tool may be used and modified as needed when purchased. NOTE: This is a large Excel spreadsheet; a version of Excel or an Excel viewer is required. If you are stuck having to do a quick risk assessment or security posture assessment, then this WILL save you A LOT of time. It also helps out if you happen to be a one-man IT shop, like many of us are.
Due to the extensive time spent on this tool, and its apparently widespread use in helping people, I am charging a small fee for this version, since it has a lot of updates, cleanup, and additions, which took way more time than I thought. Any PREVIOUS versions are still free; just email me and I will send them. Additionally, anyone who purchases this latest version will get any modifications, updates, and additions, along with a few other beta tools I am creating, as they become available.
NOTE: The health assessment portion is in BETA. It is filled out initially in most areas to give you an idea of what you can do with it. Please feel free to modify it for your own needs.
You can securely purchase a copy of this tool here.
Purchase for only $22
Sample of Health Assessment:
Version 2.3 has the following:
- NIST 800-53 Rev 4 crosswalk
- Council on Cyber Security mapping of 20 CC 4.1 -> NIST 800-53 Rev4.
- Updated to 20 CC's version 5.0 (just released)
- Implementation
- Solution Providers
- Metrics
- Test
- Entity Relationship Diagrams
- Attack Types
- DSD 35 Mitigation Strategies & Mapping (NOTE: This is my mapping and interpretation, not officially part of the 20 CC's)
- NIST CONTROLS links
- User Vetted Tools (UVT) - Mapping, Graph, and hotlinks to the vendors.
- 8500.2 and HIPAA Mappings and info
- NERC CIP V5 Mappings
- CC's Mapped to NIST 800-53 Rev 4
- ISO 27XXX Crosswalk
- NIST Preliminary Cyber Security Framework Reference included
- Added full 800-53 Rev 4 tab with links to all the controls. Added ISO/IEC 27001:2013 mapping to Cybersecurity Framework Version 1.0 Subcategories. Cleanup. Added Texas Cybersecurity Framework Crosswalk (GREAT resource that MAPS NIST 800-53 MOD Systems to all other kinds of standards).
To add at some point in the future:
- Crosswalk to PCI-DSS
- Integration of some type of Risk Management Framework (RMF)