CISA Ransomware Assessment Tool Released

Free Services to help you during COVID-19 Learn More

Support Request a Demo Contact Us Blog
Business Data Breach

Expert(s): Saryu Nayyar, Dr. George Papamargaritis, Doug Britton, Lewis Jones, Ivan Speziale, Nasser Fattah, Chris Houlder | Informationsecuritybuzz.com »

BACKGROUND:

The Cybersecurity and Infrastructure Security Agency (CISA) has released the Ransomware Readiness Assessment (RRA), a new module for its Cyber Security Evaluation Tool (CSET). RRA is a security audit self-assessment tool for organizations that want to understand better how well they are equipped to defend against and recover from ransomware attacks targeting their information technology (IT), operational technology (OT), or industrial control system (ICS) assets.

 

EXPERTS COMMENTS :

Saryu Nayyar

| July 02, 2021

Saryu Nayyar, CEO, Gurucul

Most organizations have only a limited understanding of how attackers target their systems and networks.

Ransomware represents a rapidly growing threat as attackers target organizations for money.  Many organizations, whether government entities, large enterprises, or small or nonprofit businesses are being locked out of their systems and data, unable to do their work, unless they make a payment to the attackers.  Sometimes the ransom can amount to millions of dollars, and many pay it rather than risk losing their business.

Most organizations have only a limited understanding of how attackers target their systems and networks, and what they need to do in order to better protect themselves.  CISA’s new CSET Ransomware Readiness Assessment tool can help organizations assess the vulnerability of their systems to ransomware attacks, and to identify areas that can be improved.

But auditing your systems is only the first step of the process.  Organizations using a data analytics approach to security are able to identify anomalous behaviors in real-time, and stop attackers before they have a chance to lock out legitimate users and administrators.  Constant vigilance and monitoring are essential to ensure that companies can continue to operate under the threat of external attacks.

 

| July 02, 2021

Ivan Speziale, Security Researcher, Nozomi Networks

Cyber Security Evaluation Tool (CSET) gives asset owners a useful framework to assess their security posture against modern ransomware operations.

The release by CISA of the Ransomware Readiness Assessment (RRA) for its Cyber Security Evaluation Tool (CSET) gives asset owners a useful framework to assess their security posture against modern ransomware operations.

CSET, in particular, was thought with both information technology (IT) and industrial control system (ICS) networks in mind, such that defenders can gather a holistic view of the status quo.

As we’ve witnessed with the Colonial Pipeline incident, depending on the particularities of the organization targeted by a ransomware attack, the business can be brought to a halt even if the OT network is defended successfully.

For this very reason having a comprehensive understanding of the overall security, posture is the key to maintaining a secure business in the face of today’s threats.

 

| July 02, 2021

Nasser Fattah, Executive Advisor, Shared Assessments

Ransomware has and continues to cause significant outages.

Ransomware has and continues to cause significant outages, including impacting supply-chain.  The Colonial Pipeline, which provides gasoline to nearly 50% for the East Coast, ransomware attack required the company to shut down operations for several days causing panic-buying, shortages, and price spikes in some states. Thus having an assessment tool that lets OT and IT organizations get visibility and insights into their cybersecurity readiness when it comes to ransomware is very valuable.

 

| July 02, 2021

Chris Houlder, CISO Advisor, Aleada

It’s great to see CISA continue to offer not only leadership but actionable tools.

It’s great to see CISA continue to offer not only leadership, but actionable tools to help cybersecurity professionals deal with current threats. While these tools are commonly presented as being tailored for critical infrastructure, it’s important to remember that they are equally applicable to any business.  Ransomware is a serious and active threat to many industries. The best steps for dealing with ransomware and similar threats are rooted in cybersecurity and IT fundamentals and best practices.

 

| July 02, 2021

Dr. George Papamargaritis, MSS Director, Obrela Security Industries

When companies don’t prepare, they fail and ransomware causes catastrophic damage.

Today we are seeing that only those who prepare for ransomware infections, and have a well-rehearsed security strategy for how to handle them when they happen, come out strongest. When companies don’t prepare, they fail and ransomware causes catastrophic damage. This new tool from CISA is a great offering to help organisations understand how equipped they are to deal with ransomware. However, carrying out the audit is just the first step, putting the intelligence into action and building it into an organisation’s security strategy is the most important, but also challenging, issue, particularly across critical infrastructure where legacy machines are commonplace but very difficult to update.

 

| July 02, 2021

Doug Britton, CEO, Haystack Solutions

CISA’s new toolset is a solid approach to preparing and hardening systems against cyber threats.

CISA’s new toolset is a solid approach to preparing and hardening systems against cyber threats. Using tools like the RRA for self-assessment can help organizations fast-track their planning.

Systems are only half of the solution. Preparing corporate cyber teams should be a parallel, high priority. Like CISA’s RRA, the industry has tools to assess talent pipelines and help prepare multi-dimensional teams as well as understanding how well the current teams are balanced and ready for detecting and responding to attacks.

The industry would be best served to test systems and teams together, to ensure the strongest protections are being developed and put into production to ensure continuity of business operations and protection of high-value assets.

 

| July 02, 2021

Lewis Jones, Threat Intelligence Analyst, Talion

Today we are in the middle of a cyber wild west where no organisation is safe.

This is a positive step from CISA and our government must consider a similar offering for UK businesses. Today we are in the middle of a cyber wild west where criminal gangs are getting richer and richer, and no organisation is safe because of a lack of formal guidance or regulations on how to handle ransomware.  If the government doesn’t intervene and provide this soon, things are going to get worse and potentially even out of control.

CISA Ransomware Assessment
External Link: CISA Ransomware Assessment Tool Released

Share this page:

Related Posts