
CISA Shares New Ransomware Self-Assessment Tool

by Chris Brook on Thursday July 1, 2021


The new security audit self-assessment tool is designed to help organizations better understand how well they're equipped to defend and recover from ransomware.

In the wake of the headline-grabbing ransomware attacks on Colonial Pipeline and meat manufacturer JBS S.A. this spring, the government is making inroads to prevent future attacks through education.

One of those government entities, the US Cybersecurity and Infrastructure Security Agency (CISA) - part of the Department of Homeland Security - released a new tool this week designed to help organizations better understand how well they're equipped to defend against and recover from such attacks.

The tool, the Ransomware Readiness Assessment, or RRA, takes the form of a new module for CISA's Cyber Security Evaluation Tool (CSET).

For those unfamiliar, CSET is a tool, available on GitHub, that organizations can use to carry out assessments of their enterprise and industrial control cyber systems. The tool incorporates standards from other government agencies, including NIST, the North American Electric Reliability Corporation (NERC), the Transportation Security Administration (TSA), and the U.S. Department of Defense (DoD).

According to CISA, the latest release of CSET includes functionality - in the form of basic, intermediate, and advanced questions - for businesses to determine their cybersecurity posture as it pertains to ransomware.

“This is intended to help an organization improve by focusing on the basics first, and then progressing by implementing practices through the intermediate and advanced categories,” CISA says on its GitHub page. Central to the tool is External Dependencies Management, or EDM, a concept drawn from NIST's Cybersecurity Framework.

To use the new tool, users will have to download and install CSET, log in, and select Maturity Model on the left-hand side of the application. After clicking Next, there should be four options: ACET, CMMC, EDM, and the one you’re looking for: Ransomware Readiness Assessment.

The tool arrives the same week that another entity, at the state level, New York's Department of Financial Services (NYDFS), issued new guidance on mitigating ransomware attacks. If you've been following the trajectory of ransomware attacks over the years, none of the instructions may be new to you, but they're still worth heeding.

In its guidance, NYDFS, like the FBI to an extent, encourages organizations not to pay ransoms and to keep robust backups in place so that systems can be restored following an attack.

The rest of the department’s instructions are as follows:

  • Train Employees in Cybersecurity Awareness and Anti-Phishing;
  • Implement a Vulnerability and Patch Management Program;
  • Use Multi-Factor Authentication and Strong Passwords;
  • Employ Privileged Access Management to Safeguard Credentials for Privileged Accounts;
  • Use Monitoring and Response to Detect and Contain Intruders;
  • Segregate and Test Backups to Ensure that Critical Systems Can Be Restored in the Face of an Attack; and
  • Have a Ransomware Specific Incident Response Plan that is Tested by Senior Leadership
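The "segregate and test backups" item is the one that most often fails in practice: a backup that was never restored is only a hope. The following script is an added example, not code from CISA, CSET or NYDFS, showing the minimum a restore test should do: record a SHA-256 manifest of the backed-up files, then compare a restored copy against it and report anything missing, modified or unexpected. The file names and contents are constructed for the demonstration; the manifest itself should be kept on separate, write-once or offline storage, because a manifest stored alongside the backup can be regenerated by whoever encrypts the backup.

```python
"""Added example: verify a restored backup against a checksum manifest.

Not CISA, CSET or NYDFS code. File names and contents are constructed.
"""
import hashlib
import json
import shutil
import tempfile
from pathlib import Path

# Constructed sample backup set (relative path -> bytes).
CONSTRUCTED_FILES = {
    "config/app.yaml": b"database: db/app.sqlite\nlisten: 127.0.0.1:8080\n",
    "db/app.sqlite": b"SQLite format 3\x00" + b"\x00" * 48,
    "docs/runbook.md": b"# Restore steps\n1. Verify manifest before cutover.\n",
}


def sha256_of(path: Path) -> str:
    """Stream a file through SHA-256 so large backups don't need to fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(64 * 1024), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(source_dir: Path) -> dict:
    """Map every regular file under source_dir (relative POSIX path) to its SHA-256."""
    return {
        p.relative_to(source_dir).as_posix(): sha256_of(p)
        for p in sorted(source_dir.rglob("*"))
        if p.is_file()
    }


def verify_restore(manifest: dict, restored_dir: Path) -> dict:
    """Compare a restored tree against the manifest.

    Returns lists of relative paths under "ok", "missing", "modified" and
    "unexpected" (files present in the restore that the manifest never listed).
    """
    result = {"ok": [], "missing": [], "modified": [], "unexpected": []}
    for rel, expected in manifest.items():
        target = restored_dir / rel
        if not target.is_file():
            result["missing"].append(rel)
        elif sha256_of(target) == expected:
            result["ok"].append(rel)
        else:
            result["modified"].append(rel)
    for p in sorted(restored_dir.rglob("*")):
        if p.is_file() and p.relative_to(restored_dir).as_posix() not in manifest:
            result["unexpected"].append(p.relative_to(restored_dir).as_posix())
    return result


def restore_test_passed(result: dict) -> bool:
    """A restore test passes only when every listed file is back, byte for byte, and nothing extra appeared."""
    return not (result["missing"] or result["modified"] or result["unexpected"])


def demo() -> dict:
    """Constructed scenario: back up, restore cleanly, then damage the restore and re-check."""
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp) / "source"
        for rel, content in CONSTRUCTED_FILES.items():
            target = src / rel
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(content)
        manifest = build_manifest(src)

        # Simulated restore: copy the tree to a separate location and verify it.
        restored = Path(tmp) / "restored"
        shutil.copytree(src, restored)
        clean = verify_restore(manifest, restored)

        # Simulated damage: one file overwritten, one deleted, one unexpected file added.
        (restored / "db" / "app.sqlite").write_bytes(b"not the original contents")
        (restored / "config" / "app.yaml").unlink()
        (restored / "UNEXPECTED.txt").write_bytes(b"file the manifest never listed\n")
        damaged = verify_restore(manifest, restored)

        return {"manifest": manifest, "clean": clean, "damaged": damaged}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

In a real restore test the "restored" directory is the output of the backup product's own restore path, run onto an isolated host rather than a copy made with `shutil`, so the test exercises the same tooling and credentials an incident responder would rely on.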

Tags: Government, Ransomware
