Given the rising incidents of ransomware attacks on different organizations, the US CISA has launched a new security audit tool. Dubbed Ransomware Readiness Assessment (RRA), CISA has introduced it as a new module in its CSET desktop security tool.
CISA Introduced RRA Tool For Organisations
The cybersecurity agency of the US Department of Homeland Security has recently announced the launch of a security audit tool. According to CISA, the new feature will be available as a separate module in the Cyber Security Evaluation Tool (CSET).
CSET is a dedicated desktop software that guides users to self-assess the cybersecurity status of their networks. The tool serves both the IT and the ICS (industrial control system) networks to evaluate their security against the government and industry standards.
Named “Ransomware Readiness Assessment (RRA)”, this new module will further facilitate the users in evaluating their protection status against ransomware threats. This is helpful for all big and small businesses to assess their protection against different threat levels.
As stated in the advisory,
The RRA is a self-assessment based on a tiered set of practices to help organizations better assess how well they are equipped to defend and recover from a ransomware incident. CISA has tailored the RRA to varying levels of ransomware threat readiness to make it useful to all organizations regardless of their current cybersecurity maturity.
Regarding how RRA would benefit the users, CISA elaborated on three main functionalities.
- Let the organizations know of their ransomware readiness posture against industry standards and best practices.
- Help the system owners analyze their IT and OT network security against potential threats.
- Present detailed graphical analyses of the findings for the users to evaluate the next steps.
CISA has released the tool for all organizations on GitHub (here). All interested users can get the tool to assess their ransomware readiness status.