CISA’s CSET Tool Sets Sights on Ransomware Threat
12:45 PM EDT
Original release date: June 30, 2021
CISA has released a new module in its
Cyber Security Evaluation Tool (CSET): the Ransomware Readiness Assessment
(RRA). CSET is a desktop software tool that guides network defenders through
a step-by-step process to evaluate their cybersecurity practices on their
networks. CSET—applicable to both information technology (IT) and industrial
control system (ICS) networks—enables users to perform a comprehensive
evaluation of their cybersecurity posture using many recognized government
and industry standards and recommendations.
The RRA is a self-assessment based on a
tiered set of practices to help organizations better assess how well they are
equipped to defend and recover from a ransomware incident. CISA has tailored
the RRA to varying levels of ransomware threat readiness to make it useful to
all organizations regardless of their current cybersecurity maturity. The
organizations evaluate their cybersecurity posture, with respect to
ransomware, against recognized standards and best practice
recommendations in a systematic, disciplined, and repeatable manner.
asset owners and operators through a systematic process to evaluate
their operational technology (OT) and information technology (IT)
network security practices against the ransomware threat.
an analysis dashboard with graphs and tables that present the assessment
results in both summary and detailed form.
CISA strongly encourages all
organizations to take the CSET Ransomware Readiness Assessment, available at https://github.com/cisagov/cset/.