CISA Ransomware Assessment Tool Released

BACKGROUND:

The Cybersecurity and Infrastructure Security Agency (CISA) has released the Ransomware Readiness Assessment (RRA), a new module for its Cyber Security Evaluation Tool (CSET). RRA is a security audit self-assessment tool for organizations that want to understand better how well they are equipped to defend against and recover from ransomware attacks targeting their information technology (IT), operational technology (OT), or industrial control system (ICS) assets.

https://twitter.com/easyjanjansen/status/1410488028892590084

Experts Comments

July 02, 2021
Ivan Speziale
Security Researcher
Nozomi Networks

The release by CISA of the Ransomware Readiness Assessment (RRA) for its Cyber Security Evaluation Tool (CSET) gives asset owners a useful framework to assess their security posture against modern ransomware operations.

CSET, in particular, was thought with both information technology (IT) and industrial control system (ICS) networks in mind, such that defenders can gather a holistic view of the status quo. 

As we’ve witnessed with the Colonial Pipeline incident, depending on the particularities of the organization targeted by a ransomware attack, the business can be brought to a halt even if the OT network is defended successfully.

For this very reason, having a comprehensive understanding of the overall security posture is the key to maintaining a secure business in the face of today’s threats.

July 02, 2021
Nasser Fattah
Executive Advisor
Shared Assessments

Ransomware has caused and continues to cause significant outages, including impacting the supply chain. The Colonial Pipeline, which provides gasoline to nearly 50% of the East Coast, ransomware attack required the company to shut down operations for several days, causing panic-buying, shortages, and price spikes in some states. Thus, having an assessment tool that lets OT and IT organizations get visibility and insights into their cybersecurity readiness when it comes to ransomware is very valuable.

July 02, 2021
Chris Houlder
CISO Advisor
Aleada

It’s great to see CISA continue to offer not only leadership, but actionable tools to help cybersecurity professionals deal with current threats. While these tools are commonly presented as being tailored for critical infrastructure, it’s important to remember that they are equally applicable to any business.  Ransomware is a serious and active threat to many industries. The best steps for dealing with ransomware and similar threats are rooted in cybersecurity and IT fundamentals and best practices.

July 01, 2021
Dr. George Papamargaritis
MSS Director
Obrela Security Industries

Today we are seeing that only those who prepare for ransomware infections, and have a well-rehearsed security strategy for how to handle them when they happen, come out strongest. When companies don’t prepare, they fail and ransomware causes catastrophic damage. This new tool from CISA is a great offering to help organisations understand how equipped they are to deal with ransomware. However, carrying out the audit is just the first step; putting the intelligence into action and building it into an organisation’s security strategy is the most important, but also challenging, issue, particularly across critical infrastructure where legacy machines are commonplace but very difficult to update.

July 02, 2021
Saryu Nayyar
CEO
Gurucul

Ransomware represents a rapidly growing threat as attackers target organizations for money. Many organizations, whether government entities, large enterprises, or small or nonprofit businesses, are being locked out of their systems and data, unable to do their work, unless they make a payment to the attackers. Sometimes the ransom can amount to millions of dollars, and many pay it rather than risk losing their business.

Most organizations have only a limited understanding of how attackers target their systems and networks, and what they need to do in order to better protect themselves. CISA’s new CSET Ransomware Readiness Assessment tool can help organizations assess the vulnerability of their systems to ransomware attacks, and to identify areas that can be improved.

But auditing your systems is only the first step of the process. Organizations using a data analytics approach to security are able to identify anomalous behaviors in real-time, and stop attackers before they have a chance to lock out legitimate users and administrators. Constant vigilance and monitoring are essential to ensure that companies can continue to operate under the threat of external attacks.

July 02, 2021
Doug Britton
CEO
Haystack Solutions

CISA's new toolset is a solid approach to preparing and hardening systems against cyber threats. Using tools like the RRA for self-assessment can help organizations fast-track their planning. 

Systems are only half of the solution. Preparing corporate cyber teams should be a parallel, high priority. Like CISA's RRA, the industry has tools to assess talent pipelines and help prepare multi-dimensional teams as well as understanding how well the current teams are balanced and ready for detecting and responding to attacks. 

The industry would be best served to test systems and teams together, to ensure the strongest protections are being developed and put into production to ensure continuity of business operations and protection of high-value assets.

July 01, 2021
Lewis Jones
Threat Intelligence Analyst
Talion

This is a positive step from CISA, and our government must consider a similar offering for UK businesses. Today we are in the middle of a cyber wild west where criminal gangs are getting richer and richer, and no organisation is safe because of a lack of formal guidance or regulations on how to handle ransomware. If the government doesn’t intervene and provide this soon, things are going to get worse and potentially even out of control.
