Coverage

Requirements coverage NIST Cybersecurity Framework Supplier KASPERSKY

Requeriments Capacities Services/Solutions Coverage
ID.AM-1 Inventory of physical devices and systems within the organization Network integrity control, Hardware and software inventory
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
ID.AM-2: Software platforms and applications within the organization are inventoried Hardware and software inventory, Verification of integrity of software and hardware code
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
ID.AM-3 Organizational communication and data flows are mapped Network communications control, Industrial DPI for anomaly detection, Network communication visualization
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
ID.AM-4 External information systems are catalogued Hardware and software inventory
Kaspersky Industrial CyberSecurity for Nodes Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
ID.AM-5 Resources (e.g., hardware, devices, data, time, and software) are prioritized based on their classification, criticality, and business value Risk and Vulnerability Management, Access control policy, Use control policy
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
ID.AM-6 Cybersecurity roles and responsibilities for the entire workforce and third-party stakeholders (e.g., suppliers, customers, partners) are established Role-based access, Communications plan, Access control policy, Reporting of events and communication to responsible parties
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
DE.AE-1 A baseline of network operations and expected data flows for users and systems is established and managed Industrial DPI for anomaly detection
Kaspersky Industrial CyberSecurity for Network Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
DE.AE-2 Detected events are analyzed to understand attack targets and methods Network event correlation analysis, SIEM integration, Activity log policy, Reporting of events and communication to responsible parties
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
DE.AE-3 Event data are aggregated and correlated from multiple sources and sensors Network event correlation analysis, SIEM integration
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
DE.AE-4 Impact of events is determined Activity log policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
DE.AE-5 Incident alert thresholds are established Activity log policy, Reporting of events and communication to responsible parties
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
DE.CM-1 The network is monitored to detect potential cybersecurity events WI-FI control, Network communications control, Industrial DPI for anomaly detection, Advanced detection of anomalies in the IP layer, Detect attacks on industrial networks (signature-based) , Network communication visualization
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
DE.CM-2 The physical environment is monitored to detect potential cybersecurity events Activity log policy, Security log
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
DE.CM-3 Personnel activity is monitored to detect potential cybersecurity events Risk and Vulnerability Management, Inspect endpoint logs, SIEM integration, Activity log policy, Industrial network event log (forensic analysis), Security log
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
DE.CM-4 Malicious code is detected Advanced antimalware, Equipment use control, Upgrade testing support
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
DE.CM-5 Unauthorized mobile code is detected Advanced antimalware, Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
DE.CM-6 External service provider activity is monitored to detect potential cybersecurity events Network communications control, Secure network design, Risk and Vulnerability Management, Activity log policy
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
DE.CM-7 Monitoring for unauthorized personnel, connections, devices, and software is performed Inspect endpoint logs, SIEM integration, Activity log policy, Industrial network event log (forensic analysis), Security log
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
DE.CM-8 Vulnerability scans are performed Cybersecurity assessment, Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
DE.DP-1 Roles and responsibilities for detection are well defined to ensure accountability Awareness and Training, Risk and Vulnerability Management, Communications plan
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
DE.DP-2 Detection activities comply with all applicable requirements Compliance, Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
DE.DP-3 Detection processes are tested Risk and Vulnerability Management, Incident response support
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
DE.DP-4 Event detection information is communicated to appropriate parties Awareness and Training, Risk and Vulnerability Management, Communications plan, Incident response support
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
DE.DP-5 Detection processes are continuously improved Awareness and Training, Risk and Vulnerability Management
Kaspersky Security Awareness Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
ID.BE-1 The organization’s role in the supply chain is identified and communicated Communications plan, Reporting of events and communication to responsible parties, Incident response support
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
ID.BE-2 The organization’s place in critical infrastructure and its industry sector is identified and communicated Communications plan
ID.BE-3 Priorities for organizational mission, objectives, and activities are established and communicated Communications plan
ID.BE-4 Dependencies and critical functions for delivery of critical services are established Physical security in the installation of devices, Redundancy system, Incident response support
Kaspersky Security Center Partial coverage
ID.BE-5 Resilience requirements to support delivery of critical services are established for all operating states (e.g. under duress/attack, during recovery, normal operations) Detect attacks on industrial networks (signature-based) , Reporting of events and communication to responsible parties, Incident response support
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
ID.GV-1 Organizational information security policy is established Centralized management of security policies, Access control policy, Activity log policy, Backup Policy
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
ID.GV-2 Information security roles & responsibilities are coordinated and aligned with internal roles and external partners Role-based access, Compliance, Communications plan, Reporting of events and communication to responsible parties
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
ID.GV-4 Governance and risk management processes address cybersecurity risks Compliance, Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
ID.RA-1 Asset vulnerabilities are identified and documented Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
ID.RA-2 Cyber threat intelligence and vulnerability information is received from information sharing forums and sources Risk and Vulnerability Management, Communications plan, Reporting of events and communication to responsible parties
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
ID.RA-3 Threats, both internal and external, are identified and documented Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
ID.RA-4 Potential business impacts and likelihoods are identified Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
ID.RA-5 Threats, vulnerabilities, likelihoods, and impacts are used to determine risk Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
ID.RA-6 Risk responses are identified and prioritized Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
ID.RM-1: Risk management processes are established, managed, and agreed to by organizational stakeholders Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
ID.RM-2 Organizational risk tolerance is determined and clearly expressed Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
ID.RM-3 The organization’s determination of risk tolerance is informed by its role in critical infrastructure and sector specific risk analysis Risk and Vulnerability Management, Communications plan
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
ID.SC-1 Cyber supply chain risk management processes are identified, established, assessed, managed, and agreed to by organizational stakeholders Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
ID.SC-2 Identify, prioritize and assess suppliers and partners of critical information systems, components and services using a cyber supply chain risk assessment process Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
ID.SC-3 Suppliers and partners are required by contract to implement appropriate measures designed to meet the objectives of the Information Security program or Cyber Supply Chain Risk Management Plan. Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
ID.SC-4 Suppliers and partners are monitored to confirm that they have satisfied their obligations as required. Reviews of audits, summaries of test results, or other equivalent evaluations of suppliers/providers are conducted Risk and Vulnerability Management, Communications plan
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
ID.SC-5 Response and recovery planning and testing are conducted with critical suppliers/providers Risk and Vulnerability Management, Communications plan, Activity log policy, Backup Policy, Reporting of events and communication to responsible parties, Redundancy system, Backup system
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
PR.AC-1: Identities and credentials are issued, managed, revoked, and audited for authorized devices, users, and processes Basic user access control, User access control with hidden display, Account management, Access control policy
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
PR.AC-2 Physical access to assets is managed and protected Basic user access control, User access control with hidden display
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
PR.AC-3 Remote access is managed Basic user access control, User access control with hidden display, Multi-factor user access control, Access control policy
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
PR.AC-4: Access permissions and authorizations are managed, incorporating the principles of least privilege and separation of duties Role-based access, Basic user access control, Multi-factor user access control, Account management, Access control policy
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
PR.AC-5: Network integrity is protected, incorporating network segregation where appropriate Network communications control, Network integrity control, Secure network design, Separation of environments
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
PR.AC-6 Identities are proofed and bound to credentials, and asserted in interactions when appropriate Basic user access control, User access control with hidden display, Account management, Access control policy
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
PR.AT-1 All users are informed and trained Awareness and Training
Kaspersky Security Awareness Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
PR.AT-2: Privileged users understand roles & responsibilities Awareness and Training, Communications plan, Access control policy
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
PR.AT-3: Third-party stakeholders (e.g., suppliers, customers, partners) understand roles & responsibilities Certification of the main ICS providers, Awareness and Training, Communications plan, Access control policy
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
PR.AT-4: Senior executives understand roles & responsibilities Awareness and Training, Communications plan, Access control policy
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
PR.AT-5: Physical and information security personnel understand roles & responsibilities Awareness and Training, Communications plan, Access control policy
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
PR.DS-1 Data-at-rest is protected Hardware Security Keys, Equipment use control, Certificate use policy, Data Protection
PR.DS-2 Data-in-transit is protected PKI infrastructure, Certificate use policy, Data Protection
PR.DS-3 Assets are formally managed throughout removal, transfers, and disposition Equipment use control, Hardware and software inventory, Data Protection, Physical security in the installation of devices
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
PR.DS-4 Adequate capacity to ensure availability is maintained Redundancy system
Kaspersky Security Center Full coverage
PR.DS-5 Protections against data leaks are implemented Awareness and Training, Equipment use control, Compliance, Data Protection
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
PR.DS-6: Integrity checking mechanisms are used to verify software, firmware, and information integrity Software usage control, File integrity monitoring, Verification of integrity of software and hardware code, Verify PLC integrity
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
PR.DS-7 The development and testing environment(s) are separate from the production environment Role-based access, Data Protection, Separation of environments
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
PR.DS-8 Integrity checking mechanisms are used to verify hardware integrity Verification of integrity of software and hardware code, Verify PLC integrity
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
PR.IP-1 A baseline configuration of information technology/industrial control systems is created and maintained incorporating appropriate security principles (e.g. concept of least functionality) Configuration control, Detection of use of default passwords
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
PR.IP-2 A System Development Life Cycle to manage systems is implemented Awareness and Training, Configuration control, Centralized management of security policies, Risk and Vulnerability Management, Separation of environments
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
PR.IP-3 Configuration change control processes are in place Configuration control, Activity log policy
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
PR.IP-4 Backups of information are conducted, maintained, and tested periodically Backup Policy, Data Protection, Backup system
PR.IP-5 Policy and regulations regarding the physical operating environment for organizational assets are met Compliance, Physical security in the installation of devices
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
PR.IP-6 Data is destroyed according to policy Compliance, Data Protection
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
PR.IP-7 Protection processes are continuously improved Centralized management of security policies, Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
PR.IP-8 Effectiveness of protection technologies is shared with appropriate parties Certification of the main ICS providers, Awareness and Training, Communications plan
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
PR.IP-9 Response plans (Incident Response and Business Continuity) and recovery plans (Incident Recovery and Disaster Recovery) are in place and managed Certification of the main ICS providers, Awareness and Training, Communications plan, Access control policy
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
PR.IP-10 Response and recovery plans are tested Awareness and Training, Communications plan, Backup Policy, Backup system
KICS - Kaspersky Industrial Cybersecurity Partial coverage
PR.IP-11 Cybersecurity is included in human resources practices (e.g., deprovisioning, personnel screening) Awareness and Training, Communications plan
Kaspersky Security Awareness Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
PR.IP-12 A vulnerability management plan is developed and implemented Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
PR.MA-1 Maintenance and repair of organizational assets is performed and logged in a timely manner, with approved and controlled tools Use control policy, Activity log policy, Security log, Physical security in the installation of devices
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
PR.MA-2 Remote maintenance of organizational assets is approved, logged, and performed in a manner that prevents unauthorized access Device control, Use control policy, Activity log policy, Security log
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
PR.PT-1 Audit/log records are determined, documented, implemented, and reviewed in accordance with policy Equipment protection diagnostics, Inspect endpoint logs, SIEM integration, Activity log policy, Industrial network event log (forensic analysis), Security log, Reporting of events and communication to responsible parties
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
PR.PT-2 Removable media is protected and its use restricted according to policy Device control, Monitor USB access, Activity log policy, Reporting of events and communication to responsible parties
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
PR.PT-3 The principle of least functionality is incorporated by configuring systems to provide only essential capabilities Configuration control, Equipment use control
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Security Center Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
PR.PT-4 Communications and control networks are protected WI-FI control, Network communications control, Network integrity control, Industrial DPI for anomaly detection, Advanced detection of anomalies in the IP layer, Detect attacks on industrial networks (signature-based) , Secure network design, PKI infrastructure, Network communication visualization
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
PR.PT-5 Systems operate in pre-defined functional states to achieve availability (e.g. under duress, under attack, during recovery, normal operations). Secure network design, Advanced process control rules
Kaspersky Industrial CyberSecurity for Network Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
RS.RP-1 Response plan is executed during or after an event Awareness and Training, Incident response support
Kaspersky Security Awareness Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
RS.CO-1 Personnel know their roles and order of operations when a response is needed Awareness and Training, Communications plan
Kaspersky Security Awareness Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
RS.CO-2 Events are reported consistent with established criteria Awareness and Training, Communications plan
Kaspersky Security Awareness Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
RS.CO-3 Information is shared consistent with response plans Awareness and Training, Communications plan
Kaspersky Security Awareness Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
RS.CO-4 Coordination with stakeholders occurs consistent with response plans Awareness and Training, Communications plan
Kaspersky Security Awareness Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
RS.CO-5 Voluntary information sharing occurs with external stakeholders to achieve broader cybersecurity situational awareness Awareness and Training, Communications plan
Kaspersky Security Awareness Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
RS.AN-1 Notifications from detection systems are investigated  Awareness and Training, Communications plan, Incident response support
KICS - Kaspersky Industrial Cybersecurity Partial coverage
RS.AN-2 The impact of the incident is understood Awareness and Training, Communications plan, Incident response support
KICS - Kaspersky Industrial Cybersecurity Partial coverage
RS.AN-3 Forensics are performed Industrial network event log (forensic analysis), Incident response support
Kaspersky Industrial CyberSecurity for Network Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
RS.AN-4 Incidents are categorized consistent with response plans Communications plan, Incident response support
RS.MI-1 Incidents are contained Incident response support
RS.MI-2 Incidents are mitigated Incident response support
RS.MI-3 Newly identified vulnerabilities are mitigated or documented as accepted risks Risk and Vulnerability Management
Kaspersky Industrial CyberSecurity for Network Full coverage
Kaspersky Security Center Full coverage
KICS - Kaspersky Industrial Cybersecurity Full coverage
RS.IM-2 Response strategies are updated Compliance
Kaspersky Industrial CyberSecurity for Nodes Full coverage
RS.IM-1 Response plans incorporate lessons learned Awareness and Training, Compliance, Backup Policy
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
RC.RP-1 Recovery plan is executed during or after an event Backup Policy, Redundancy system, Backup system
Kaspersky Security Center Partial coverage
RC.IM-1 Recovery plans incorporate lessons learned Awareness and Training, Compliance, Backup Policy
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
RC.IM-2 Recovery strategies are updated Awareness and Training, Compliance, Communications plan, Backup Policy
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
KICS - Kaspersky Industrial Cybersecurity Partial coverage
RC.CO-1 Public relations are managed Communications plan
RC.CO-2: Reputation after an event is repaired Communications plan
RC.CO-3 Recovery activities are communicated to internal stakeholders and executive and management teams Communications plan