Coverage

Requirements coverage SGCI Supplier KASPERSKY

Requeriments Capacities Services/Solutions Coverage
D1.1.1 Detail the Benefits of the SGCI for the Business Cybersecurity assessment, Risk and Vulnerability Management, Communications plan
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
D1.1.2 Establishment of potential consequences and assumable risk Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D1.1.3 Understand the vision, mission, goals, values and strategies of the organization Cybersecurity assessment
D1.1.4 Analysis of the external environment Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D1.1.5 Analysis of the internal environment Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D1.1.6 Identify key processes and resources Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D1.1.7 Identification and analysis of interested parties Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D1.1.8 Identification and analysis of business requirements Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D1.1.9 Determination of risk assessment and acceptance criteria Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D1.2.1 Definition of scope Cybersecurity assessment, Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
D1.2.2 Planning of resources for the implementation of the SGCI Risk and Vulnerability Management, Communications plan, Incident response support
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
D1.2.3 Identification of internal and external resources Risk and Vulnerability Management, Communications plan, Incident response support
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
D1.3.1 Establishment of responsibilities of the Directorate Compliance, Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
D1.3.2 Establishment of responsibilities of the SGCI Committee Compliance, Communications plan
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
D1.3.3 Establishment of responsibilities of the SGCI Program Director Compliance
Kaspersky Industrial CyberSecurity for Nodes Full coverage
D1.3.4 Establishment of user responsibilities Awareness and Training, Compliance, Risk and Vulnerability Management, Communications plan
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
D1.4.1 Establishment of Industrial Cybersecurity Policy Compliance, Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
D2.1.1 Establishment of the risk analysis approach and methodology Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D2.2.1 Identification and characterization of assets Hardware and software inventory
Kaspersky Industrial CyberSecurity for Nodes Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D2.2.2 Identification of threats, controls and vulnerabilities Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D2.2.3 Calculation and treatment of risk Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D3.1.1 Establishment of security regulations linked to human resources Awareness and Training, Compliance, Communications plan, Access control policy, Use control policy
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
D3.1.2 ComprobaciĆ³n de antecedentes Compliance
Kaspersky Industrial CyberSecurity for Nodes Full coverage
D3.1.3 Description of jobs Compliance
Kaspersky Industrial CyberSecurity for Nodes Full coverage
D3.1.4 Establishment of security responsibilities Compliance, Communications plan
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
D3.1.5 Periodic review of permits Account management
KICS - Kaspersky Industrial Cybersecurity Full coverage
D3.1.6 Segregation of duties Role-based access
Kaspersky Industrial CyberSecurity for Nodes Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D3.1.7 Supervision of the use of the systems Equipment use control
D3.1.8 Establishing the Acceptable Use of Resources Software usage control
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Industrial CyberSecurity for Nodes Full coverage
D3.2.1 Awareness actions Awareness and Training, Communications plan, Access control policy
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
D3.2.2 Training actions Awareness and Training, Communications plan, Access control policy
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
D4.1.1 Classification guidelines, impact and sensitivity categories Use control policy, Data Protection
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
D4.1.2 Identification of owners and custodians Compliance, Communications plan
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
D4.2.1 Account management Account management, Access control policy, Use control policy
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D4.2.2 Authentication Basic user access control, User access control with hidden display, Multi-factor user access control
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
D4.2.3 Authorization Role-based access, Use control policy
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D4.3.1 Organization of Physical Security Physical security in the installation of devices, Redundancy system
Kaspersky Security Center Partial coverage
D4.3.2 Protection of physical areas and access control Hardware Security Keys, Basic user access control, Equipment use control, Physical security in the installation of devices, Redundancy system, Backup system
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
D4.3.3 Physical intrusion detection Activity log policy, Security log
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D4.4.1 Protection of communications networks in an industrial context Network event correlation analysis, Network communications control, Network integrity control, Detect attacks on industrial networks (signature-based) , SIEM integration, Network communication visualization
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D4.4.2 Network segmentation Secure network design, Separation of environments
D4.4.3 Addressing plan Network event correlation analysis, Detect attacks on industrial networks (signature-based) , Secure network design, Network communication visualization
Kaspersky Industrial CyberSecurity for Network Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
D4.4.4 Protection of wireless networks WI-FI control, Network communications control, Network integrity control, Detect attacks on industrial networks (signature-based) , Network communication visualization
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D4.5.1 Identify applications and software providers Reliable updates, Certification of the main ICS providers, Software usage control, Use control policy
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D4.5.2 Establishment of strategy and update plan to protect software Reliable updates, Advanced antimalware, Software usage control, Host-based firewall
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
D4.5.3 Establishment of security tests and code analysis Upgrade testing support
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Industrial CyberSecurity for Nodes Full coverage
Kaspersky Security Center Full coverage
D4.5.4 Establishment of non-upgradeable software compensatory measures White list in discovery mode, Whitelist in prevention mode
Kaspersky Industrial CyberSecurity for Nodes Full coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D4.5.5 Establishment of Software Change Management Reliable updates, Configuration control, Software usage control, Upgrade testing support
Kaspersky Industrial CyberSecurity for Nodes Full coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D4.5.6 Establishment of SLAs on software evolution Certification of the main ICS providers, Equipment use control, Software usage control
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
D4.6.1 Establishment of third party responsibilities Certification of the main ICS providers, Compliance
Kaspersky Industrial CyberSecurity for Nodes Full coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
D4.6.2 Definition of cybersecurity requirements in outsourcing tasks Certification of the main ICS providers, Compliance
Kaspersky Industrial CyberSecurity for Nodes Full coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
D5.1.1 Establishment of scope and policy of resilience and continuity Cybersecurity assessment, Risk and Vulnerability Management, Communications plan
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
D5.1.2 Defining resilience goals and metrics Cybersecurity assessment, Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
D.5.1.3 Establishment of resilience responsibilities Compliance
Kaspersky Industrial CyberSecurity for Nodes Full coverage
D5.1.4 Definition of the expert committee on resilience Compliance
Kaspersky Industrial CyberSecurity for Nodes Full coverage
D5.2.1 Establishment of risk scenarios Cybersecurity assessment, Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
D5.2.2 Impact analysis Cybersecurity assessment, Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
D5.2.3 Definition of the resilience and continuity strategy Awareness and Training, Communications plan, Backup Policy
KICS - Kaspersky Industrial Cybersecurity Partial coverage
D5.3.1 Incident response process Incident response support
D5.3.2 Definition of the communication plan Communications plan
D5.3.3 Definition of the training and awareness plan Awareness and Training
Kaspersky Security Awareness Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D5.3.4 Definition of the recovery plan Backup Policy, Backup system
D5.3.5 Definition of the continuity plan Redundancy system, Backup system
Kaspersky Security Center Partial coverage
D5.3.6 Definition of the test plan Incident response support
D6.1.1 Establishment of competency requirements for human resources Compliance
Kaspersky Industrial CyberSecurity for Nodes Full coverage
D6.1.2 Establishment of documentary requirements Compliance
Kaspersky Industrial CyberSecurity for Nodes Full coverage
D6.1.3 Establish communication requirements Communications plan
D6.2.1 Existence of adequate and controlled system documentation Compliance, Data Protection
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
D6.2.2 Existence of protection mechanisms for system documentation Data Protection
D6.3.1 Performance evaluation in risk management Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D6.3.2 Establishment of indicators Compliance
Kaspersky Industrial CyberSecurity for Nodes Full coverage
D6.3.3 Review of entry and exit records Activity log policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
D6.4.1 Establishing the scope of the audit Activity log policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
D6.4.2 Audit planning and implementation Activity log policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
D6.4.3 Existence of documentation of responsibilities and requirements Compliance
Kaspersky Industrial CyberSecurity for Nodes Full coverage
D6.4.4 Communication of results Communications plan
D6.5.1 Analysis of monitored events Network event correlation analysis, Industrial DPI for anomaly detection, SIEM integration, Security log
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D6.5.2 Establishment of corrective or preventive actions Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D6.5.3 Management of the review by the Directorate Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
D6.6.1 Definition of content to be communicated Communications plan
D6.6.2 Communication planning Communications plan
D6.6.3 Establishment of communication processes Communications plan
D6.7.1 Definition of integration of responsibilities and functions Compliance
Kaspersky Industrial CyberSecurity for Nodes Full coverage
D6.7.2 Integration of policies, documentation and activities Activity log policy
KICS - Kaspersky Industrial Cybersecurity Full coverage