CISA's New Ransomware Security Audit Tool is Released

CISA’s New Ransomware Security Audit Tool is Released

The US Cybersecurity and Infrastructure Security Agency (CISA) has created a new tool for a step-by-step assessment of the ransomware readiness of organizations.

Released on April 30, 2018, the Ransomware Readiness Assessment (RRA) is a self-assessment tool that helps organizations identify gaps in their security posture and identify areas of weakness to better defend against and recover from ransomware attacks.

This module assesses the level of ransomware threat readiness of orgs regardless of their current cybersecurity maturity.

“The RRA also provides a clear path for improvement and contains an evolving progression of questions tiered by the categories of basic, intermediate, and advanced,” CISA says on the tool’s wiki page. “This is intended to help an organization improve by focusing on the basics first, and then progressing by implementing practices through the intermediate and advanced categories.”

The Cybersecurity Awareness Alliance (CIA) has created the Ransomware Readiness Assessment (RRA) to help organizations avoid experiencing ransomware attacks by evaluating their cybersecurity posture against recognized standards and best practices.

It also outlines the various security measures that asset owners and operators can implement to prevent their OT and IT networks from being infected.

The tool provides an analysis dashboard that displays the assessment results in both the summary and detailed views.

How to use the RRA tool:

Install CSET and then:

  • Login or open the CSET app
  • Start a new assessment
  • Select Maturity Model within the Assessment Configuration screen
  • Select Ransomware Readiness Assessment from the Maturity Model screen

Complete the RRA assessment. You may review a tutorial for additional instruction, or the RRA guide found within the tool’s Help menu.

CISA has previously released Aviary and CHIRP tools, which are a PowerShell-based tool for detecting potentially compromised apps and a Python-based forensics tool respectively.

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.