The US Cybersecurity and Infrastructure Security Agency (CISA) has published a new module for its Cyber Security Evaluation Tool (CSET) that will enable organizations to assess their security posture in relation to ransomware attacks.
The new module, Ransomware Readiness Assessment (RRA), is a self-assessment that helps organizations to comprehend their ability to defend themselves against such attacks. CSET is a desktop software tool that guides network defenders through a step-by-step process to evaluate their cybersecurity practices on their networks.
"This is intended to help an organization improve by focusing on the basics first, and then progressing by implementing practices through the intermediate and advanced categories."
CISA said the self-assessment would help businesses to evaluate their cybersecurity posture against recognized standards and best practice recommendations in a systematic, disciplined, and repeatable manner.
It will also guide asset owners and operators through a systematic process to evaluate their operational technology (OT) and information technology (IT) network security practices against the ransomware threat. The module also provides an analysis dashboard with graphs and tables that present the assessment results in both summary and detailed form.
Dr George Papamargaritis, MSS Director at Obrela, told IT Pro that we are seeing that only those who prepare for ransomware infections, and have a well-rehearsed security strategy for how to handle them when they happen, come out strongest.
“When companies don’t prepare, they fail, and ransomware causes catastrophic damage. This new tool from CISA is a great offering to help organizations understand how equipped they are to deal with ransomware,” he said.
“However, carrying out the audit is just the first step, putting the intelligence into action and building it into an organization’s security strategy is the most important, but also challenging, issue, particularly across critical infrastructure where legacy machines are commonplace but very difficult to update.”
Lewis Jones, threat intelligence analyst at Talion, told IT Pro that this is a positive step from CISA.
“Today we are in the middle of a cyber wild west where criminal gangs are getting richer and richer, and no organization is safe because of a lack of formal guidance or regulations on how to handle ransomware," he said.
"If the government doesn’t intervene and provide this soon, things are going to get worse and potentially even out of control."
-
Gender diversity improvements could be the key to tackling the UK's AI skills shortageNews Encouraging more women to pursue tech careers could plug huge gaps in the AI workforce
-
Researchers claim Salt Typhoon masterminds learned their trade at Cisco Network AcademyNews The Salt Typhoon hacker group has targeted telecoms operators and US National Guard networks in recent years
-
15-year-old revealed as key player in Scattered LAPSUS$ HuntersNews 'Rey' says he's trying to leave Scattered LAPSUS$ Hunters and is prepared to cooperate with law enforcement
-
The Scattered Lapsus$ Hunters group is targeting Zendesk customers – here’s what you need to knowNews The group appears to be infecting support and help-desk personnel with remote access trojans and other forms of malware
-
Impact of Asahi cyber attack laid bare as company confirms 1.5 million customers exposedNews No ransom has been paid, said president and group CEO Atsushi Katsuki, and the company is restoring its systems
-
The US, UK, and Australia just imposed sanctions on a Russian cyber crime group – 'we are exposing their dark networks and going after those responsible'News Media Land offers 'bulletproof' hosting services used for ransomware and DDoS attacks around the world
-
A notorious ransomware group is spreading fake Microsoft Teams ads to snare victimsNews The Rhysida ransomware group is leveraging Trusted Signing from Microsoft to lend plausibility to its activities
-
Volkswagen confirms security ‘incident’ amid ransomware breach claimsNews Volkswagen has confirmed a security "incident" has occurred, but insists no IT systems have been compromised.
-
The number of ransomware groups rockets as new, smaller players emergeNews The good news is that the number of victims remains steady
-
Teens arrested over nursery chain Kido hacknews The ransom attack caused widespread shock when the hackers published children's personal data
