The US Cybersecurity and Infrastructure Security Agency (CISA) has published a new module for its Cyber Security Evaluation Tool (CSET) that will enable organizations to assess their security posture in relation to ransomware attacks.
The new module, Ransomware Readiness Assessment (RRA), is a self-assessment that helps organizations to comprehend their ability to defend themselves against such attacks. CSET is a desktop software tool that guides network defenders through a step-by-step process to evaluate their cybersecurity practices on their networks.
"This is intended to help an organization improve by focusing on the basics first, and then progressing by implementing practices through the intermediate and advanced categories."
CISA said the self-assessment would help businesses to evaluate their cybersecurity posture against recognized standards and best practice recommendations in a systematic, disciplined, and repeatable manner.
It will also guide asset owners and operators through a systematic process to evaluate their operational technology (OT) and information technology (IT) network security practices against the ransomware threat. The module also provides an analysis dashboard with graphs and tables that present the assessment results in both summary and detailed form.
Dr George Papamargaritis, MSS Director at Obrela, told IT Pro that we are seeing that only those who prepare for ransomware infections, and have a well-rehearsed security strategy for how to handle them when they happen, come out strongest.
“When companies don’t prepare, they fail, and ransomware causes catastrophic damage. This new tool from CISA is a great offering to help organizations understand how equipped they are to deal with ransomware,” he said.
“However, carrying out the audit is just the first step, putting the intelligence into action and building it into an organization’s security strategy is the most important, but also challenging, issue, particularly across critical infrastructure where legacy machines are commonplace but very difficult to update.”
Lewis Jones, threat intelligence analyst at Talion, told IT Pro that this is a positive step from CISA.
“Today we are in the middle of a cyber wild west where criminal gangs are getting richer and richer, and no organization is safe because of a lack of formal guidance or regulations on how to handle ransomware," he said.
"If the government doesn’t intervene and provide this soon, things are going to get worse and potentially even out of control."
-
What does modern security success look like for financial services?Sponsored As financial institutions grapple with evolving cyber threats, intensifying regulations, and the limitations of ageing IT infrastructure, the need for a resilient and forward-thinking security strategy has never been greater
-
Yes, legal AI. But what can you actually do with it? Let’s take a look…Sponsored Legal AI is a knowledge multiplier that can accelerate research, sharpen insights, and organize information, provided legal teams have confidence in its transparent and auditable application
-
Volkswagen confirms security ‘incident’ amid ransomware breach claimsNews Volkswagen has confirmed a security "incident" has occurred, but insists no IT systems have been compromised.
-
The number of ransomware groups rockets as new, smaller players emergeNews The good news is that the number of victims remains steady
-
Teens arrested over nursery chain Kido hacknews The ransom attack caused widespread shock when the hackers published children's personal data
-
NCA confirms arrest after airport cyber disruptionNews Disruption is easing across Europe following the ransomware incident
-
Cyber professionals are losing sleep over late night attacksNews Hackers are biding their time and launching attacks when businesses can’t respond
-
Prolific ransomware operator added to Europe’s Most Wanted list as US dangles $10 million rewardNews The US Department of Justice is offering a reward of up to $10 million for information leading to the arrest of Volodymyr Viktorovych Tymoshchuk, an alleged ransomware criminal.
-
Jaguar Land Rover “did the right thing” shutting down systems to thwart cyber attackNews The attack on Jaguar Land Rover highlights the growing attractiveness of the automotive sector
-
Ransomware attack on IT supplier disrupts hundreds of Swedish municipalitiesNews The attack on IT systems supplier Miljödata has impacted public sector services across the country
