Oakland County has launched an updated version of CySAFE, a free information technology security assessment tool to help small and mid-sized organizations assess, understand and prioritize their basic IT security needs, Deputy County Executive and CIO Phil Bertolini announced today. CySAFE 2.0 has five new controls: email and web protections, monitoring and review of third party services, physical and environmental security, penetration tests and red team exercises, and compliance.
“IT security threats are always evolving,” Bertolini said. “We’ve updated CySAFE so businesses and governments will have the latest from three well-known IT security frameworks when evaluating the security status of the apps they use to conduct business internally and externally.”
CySAFE 2.0 condenses and removes redundancies from three well-known IT security frameworks: NIST, CIS 20, and ISO 27001.
“CySAFE combines the 400-plus controls from all three frameworks into one condensed list, removing any redundant controls and assesses the controls against the organization’s current IT security capabilities,” said Chris Burrows, Oakland County’s chief information security officer.
After downloading and completing an IT security evaluation form online, which takes 60-90 minutes, CySAFE 2.0 generates a priority list and trending graphs for an organization’s IT security needs. The most critical updates will be in red.
“The data an organization enters is private and only stored in Excel format,” Burrows said.
For more information about CySAFE 2.0, go to G2GMarket.com. CySAFE is a collaborative effort of five Michigan counties – Oakland, Livingston, Monroe, Washtenaw, and Wayne – and the state of Michigan.