The Cybersecurity and Infrastructure Security Agency (CISA) released the Ransomware Readiness Assessment (RRA) tool to help organizations gauge their readiness and ability to defend and recover from a ransomware attack.
The module, which is part of the Cyber Security Evaluation Tool (CSET), covers two areas, namely, information technology (IT) and industrial control system (ICS) assets.
The Department of Homeland Security (DHS) introduced the CSET toolset in 2006 and has incrementally added functionality since then.
Ransomware Readiness Assessment tool considers all cybersecurity maturity levels
All organizations regardless of their cybersecurity maturity levels can use the ransomware readiness assessment tool to test their ransomware resilience. Thus, both small businesses without dedicated cybersecurity personnel and large corporations can benefit from the tool.
“CISA has tailored the RRA to varying levels of ransomware threat readiness to make it useful to all organizations regardless of their current cybersecurity maturity,” according to the release notes.
The ransomware readiness assessment tool offers step-by-step guidance for network administrators to evaluate their cybersecurity practices. It poses a series of questions on the organization’s cybersecurity policies and compares the responses to established cybersecurity best practices.
It focuses on the basics first, thus providing a clear path for improvement before progressing to intermediate and advanced levels.
CISA says the ransomware readiness assessment tool is based on a set of “tiered set of practices.” It helps organizations assess their ransomware readiness in the following ways:
Assist organizations to evaluate their cybersecurity posture, in respect to ransomware, against recognized standards and best practice recommendations in a systematic, disciplined, and repeatable manner. This process could help them to detect deficiencies and take corrective action.
Guide asset owners and operators through a systematic process to evaluate their operational technology (OT) and information technology (IT) network security practices against the ransomware threat.
Presents the analysis in a summarized and detailed format on a rich dashboard with graphs and tables.
CISA strongly recommends that all organizations undertake the CSET Ransomware Readiness Assessment. The toolset is available for free download on CISA’s GitHub repository.
Timely release of Ransomware Readiness Assessment tool
CISA introduced the Ransomware Readiness Assessment module after some high-profile ransomware attacks in the country. The attacks also prompted executive action on cybersecurity.
In May, President Joe Biden signed an executive order on cybersecurity to improve the nation’s defenses against increasingly sophisticated malicious cyber campaigns threatening the public and private sector.
The executive order established a Cybersecurity Safety Review Board consisting of government officials from the DOD, DOJ, FBI, CISA, NSA, and the private sector representatives.
It also directed the Secretary of Defense to adopt the National Security Systems requirements policy setting forth cybersecurity requirements for national systems within 60 days.
The executive order would also enhance software supply chain security, remove barriers to sharing information over cyber threats, standardize the federal government’s response to cyber incidents and vulnerabilities, among other proposals.
“It’s great to see CISA continue to offer not only leadership, but actionable tools to help cybersecurity professionals deal with current threats,” Chris Houlder, CISO Advisor at Aleada, said. “While these tools are commonly presented as being tailored for critical infrastructure, it’s important to remember that they are equally applicable to any business.”
Commenting on CISA’s Ransomware Readiness Assessment tool, Doug Britton, CEO at Haystack Solutions, said:
“CISA’s new toolset is a solid approach to preparing and hardening systems against cyber threats. Using tools like the RRA for self-assessment can help organizations fast-track their planning.”
“Ransomware represents a rapidly growing threat as attackers target organizations for money,” added Saryu Nayyar, CEO at Gurucul. “Many organizations, whether government entities, large enterprises, or small or nonprofit businesses are being locked out of their systems and data, unable to do their work, unless they make a payment to the attackers.”