304 total views
The US National Cybersecurity and Infrastructure Security Agency (CISA) has released the Ransomware Readiness Assessment (RRA: Ransomware Risk Assessment), a new module for the Cyber Security Evaluation Tool (CSET).
RRA is a self-assessment security tool for organizations that want to better understand their security health and recover from ransomware attacks targeting IT, OT, or ICS.
RRA modified this CSET module to assess ransomware threat readiness.
“The RRA covers a series of questions that range from beginner to advanced and also provides a clear path for improvement,” said CISA. “This helps the organization focus on the basics first, then practice at the intermediate and advanced levels.”
According to CISA, RRA is used to combat the growing threat because it is effective:
- Helps organizations assess their cybersecurity, especially ransomware, against recognized standards and best practice recommendations in a systematic, disciplined, and repeatable manner.
- Guide property owners and operators through a systematic process for evaluating OT, ransomware threat-based security network practices.
- Provides an analytical dashboard with charts and tables presenting assessment results in both summary and detailed form.
To use the self-assessment tool, you must first install CSET and then:
- Step 1: Log in or start up CSET application
- Step 2: Start a new review
- Step 3: Choose Maturity Model in Assessment Configuration (this is the first screen you will see after selecting New Assessment)
- Step 4: Choose Ransomware Readiness Assessment in Maturity Model
- Step 5: You have now completed the RRA assessment. Review the manual for additional instructions or RRA instructions found in the Help menu menu
Previously, CISA released Aviary, a post-compromise performance review tool in Microsoft Azure Active Directory (AD), Office 365 (O365), and Microsoft 365 (M365) environments.
Aviary works by analyzing data outputs generated with Sparrow, a PowerShell-based tool to detect potentially compromised applications and accounts in Azure and Microsoft 365.
CISA also released the CISA Hunt and Incident Response Program (CHIRP), a Python-based forensic gathering tool, to detect signs of SolarWinds hacker activity on Windows systems.
#CISA #launches #ransomware #selfassessment #security #tool