CISA publishes ransomware self-assessment tool

Visual representation of ransomware by showing encrypted files on a display

(Image credit: Shutterstock)

The US Cybersecurity and Infrastructure Security Agency (CISA) has published a new module for its Cyber Security Evaluation Tool (CSET) that will enable organizations to assess their security posture in relation to ransomware attacks.

The new module, Ransomware Readiness Assessment (RRA), is a self-assessment that helps organizations to comprehend their ability to defend themselves against such attacks. CSET is a desktop software tool that guides network defenders through a step-by-step process to evaluate their cybersecurity practices on their networks.

Maryland water company investigating ransomware attack Four in five ransomware victims suffer repeat attacks US to give ransomware 'terrorism' status

"This is intended to help an organization improve by focusing on the basics first, and then progressing by implementing practices through the intermediate and advanced categories."

CISA said the self-assessment would help businesses to evaluate their cybersecurity posture against recognized standards and best practice recommendations in a systematic, disciplined, and repeatable manner.

It will also guide asset owners and operators through a systematic process to evaluate their operational technology (OT) and information technology (IT) network security practices against the ransomware threat. The module also provides an analysis dashboard with graphs and tables that present the assessment results in both summary and detailed form.

Dr George Papamargaritis, MSS Director at Obrela, told IT Pro that we are seeing that only those who prepare for ransomware infections, and have a well-rehearsed security strategy for how to handle them when they happen, come out strongest.

“When companies don’t prepare, they fail, and ransomware causes catastrophic damage. This new tool from CISA is a great offering to help organizations understand how equipped they are to deal with ransomware,” he said.

“However, carrying out the audit is just the first step, putting the intelligence into action and building it into an organization’s security strategy is the most important, but also challenging, issue, particularly across critical infrastructure where legacy machines are commonplace but very difficult to update.”

Lewis Jones, threat intelligence analyst at Talion, told IT Pro that this is a positive step from CISA.

“Today we are in the middle of a cyber wild west where criminal gangs are getting richer and richer, and no organization is safe because of a lack of formal guidance or regulations on how to handle ransomware," he said.

"If the government doesn’t intervene and provide this soon, things are going to get worse and potentially even out of control."

Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.