CISA publishes ransomware self-assessment tool

The auditing software will enable organizations to evaluate how well they are protected against threats

The US Cybersecurity and Infrastructure Security Agency (CISA) has published a new module for its Cyber Security Evaluation Tool (CSET) that will enable organizations to assess their security posture in relation to ransomware attacks.

The new module, Ransomware Readiness Assessment (RRA), is a self-assessment that helps organizations to comprehend their ability to defend themselves against such attacks. CSET is a desktop software tool that guides network defenders through a step-by-step process to evaluate their cybersecurity practices on their networks.

"This is intended to help an organization improve by focusing on the basics first, and then progressing by implementing practices through the intermediate and advanced categories."

CISA said the self-assessment would help businesses to evaluate their cybersecurity posture against recognized standards and best practice recommendations in a systematic, disciplined, and repeatable manner.

It will also guide asset owners and operators through a systematic process to evaluate their operational technology (OT) and information technology (IT) network security practices against the ransomware threat. The module also provides an analysis dashboard with graphs and tables that present the assessment results in both summary and detailed form.

Dr George Papamargaritis, MSS Director at Obrela, told IT Pro that we are seeing that only those who prepare for ransomware infections, and have a well-rehearsed security strategy for how to handle them when they happen, come out strongest.

“When companies don’t prepare, they fail, and ransomware causes catastrophic damage. This new tool from CISA is a great offering to help organizations understand how equipped they are to deal with ransomware,” he said.

“However, carrying out the audit is just the first step, putting the intelligence into action and building it into an organization’s security strategy is the most important, but also challenging, issue, particularly across critical infrastructure where legacy machines are commonplace but very difficult to update.”

Lewis Jones, threat intelligence analyst at Talion, told IT Pro that this is a positive step from CISA.

“Today we are in the middle of a cyber wild west where criminal gangs are getting richer and richer, and no organization is safe because of a lack of formal guidance or regulations on how to handle ransomware," he said.

"If the government doesn’t intervene and provide this soon, things are going to get worse and potentially even out of control."

Featured Resources

Seven steps to connect and empower your frontline workers

How business leaders can improve communication with a secure platform

Free download

Create what’s next

The future of collaboration and productivity

Free Download

Leveraging the cloud without relinquishing control

Your data. Their cloud.

Free download

Re-architecting for nonstop innovation

Unlocking productivity, scalability, and lower costs for cloud natives

Free Download

Recommended

US government warns of increased risk of ransomware over holiday season
ransomware

US government warns of increased risk of ransomware over holiday season

24 Nov 2021
Out-of-hours ransomware attacks have a greater impact on revenue
ransomware

Out-of-hours ransomware attacks have a greater impact on revenue

18 Nov 2021
US and Israel join forces to fight ransomware
ransomware

US and Israel join forces to fight ransomware

15 Nov 2021
Almost 70% of CISOs expect a ransomware attack
ransomware

Almost 70% of CISOs expect a ransomware attack

19 Oct 2021

Most Popular

Looking beyond the obvious: What’s best for multi-cloud?
Sponsored

Looking beyond the obvious: What’s best for multi-cloud?

8 Nov 2021
Nike to take customers into the metaverse with 'NIKELAND'
virtualisation

Nike to take customers into the metaverse with 'NIKELAND'

19 Nov 2021
How to speed up Microsoft's Windows 11
Microsoft Windows

How to speed up Microsoft's Windows 11

9 Nov 2021