Cyber Security Products
  • 2 Minutes to read
  • PDF

Cyber Security Products

  • PDF

Article summary

Introduction


Cyber Security Products (CSP) Questionnaire is a simple assessment module in SAFE that takes input about the Implementation Status and percentage Coverage Status of the implemented Cyber Security Products. There are 30+ Cyber Security Products available in SAFE. TheCyber Security ProductsQuestionnaire is available on theQuestionnaire Profile page in SAFE. Clicking this card, you will be redirected to the assessment page. 

CSP Enhancements 3

Assessment Overview


The Assessment Overview section provides a holistic view of the Cyber Security Products implementation in your organization. Here, you'll find essential details like the questionnaire's description, total cyber security products count, last updated information, and an informative implementation status summary.

CSP Implementation Status(1)

 Cyber Security Products


To assess the CSPs:

  1. Click the Questionnaire from the left navigation. 
  2. Click the Cyber Security Products card. 
  3. Go to the assessment section and select an appropriate option for the implementation status for each Cyber Security Product. There are three options available: Not Applicable, Not Implemented, and Implemented.
    1. Not Applicable: Select this option if the Cyber Security Product does not apply to your organization.
    2. Not Assessed: Select this option if the Cyber Security Product applies to your organization, but the assessment still needs to be completed.  
    3. Implemented: Select this option if the Cyber Security Product passes the assessment. It is important to define the coverage status percentage by sliding the coverage status bar toward the right to the appropriate percentage.
  4. The system auto-saves your input. 

CSP Implementation 4

Note 
By default, Cyber Security Products implementation status is Not Assessed, and it impacts the SAFE Score.


View Control Details


On clicking a Cyber Security Products from the list, you will be redirected to the control list. Here, you can further click on a control to go to the control details page. The control details page displays the control description, control severity, ID, last updated information, MITRE ATT&CK mapping, references, and other control details.

CSP Control Details(2)

Accept risks by marking controls as Accepted Failed


You can accept risk by designating a control as "Accepted Failed" for Not Implemented Cyber Security Products. 

  1. Navigate to the control details page.
  2. Change the control status to Not Implemented. The system automatically displays an option to select the control as Accepted Failed.
  3. Click the Accepted Failed option. 
  4. On the confirmation screen, click the Mark as Accepted Failed button. The system changes the control status as AcceptedFailed.

Accept CSP Risk

Watch a video on how to assess Cyber Security Products (CSP) in SAFE



Was this article helpful?