|
CISA’s CSET Tool Sets Sights on Ransomware Threat
06/30/2021
12:45 PM EDT
Original release date: June 30, 2021
CISA has released a new module in its
Cyber Security Evaluation Tool (CSET): the Ransomware Readiness Assessment
(RRA). CSET is a desktop software tool that guides network defenders through
a step-by-step process to evaluate their cybersecurity practices on their
networks. CSET—applicable to both information technology (IT) and industrial
control system (ICS) networks—enables users to perform a comprehensive
evaluation of their cybersecurity posture using many recognized government
and industry standards and recommendations.
The RRA is a self-assessment based on a
tiered set of practices to help organizations better assess how well they are
equipped to defend and recover from a ransomware incident. CISA has tailored
the RRA to varying levels of ransomware threat readiness to make it useful to
all organizations regardless of their current cybersecurity maturity. The
RRA:
- Helps
organizations evaluate their cybersecurity posture, with respect to
ransomware, against recognized standards and best practice
recommendations in a systematic, disciplined, and repeatable manner.
- Guides
asset owners and operators through a systematic process to evaluate
their operational technology (OT) and information technology (IT)
network security practices against the ransomware threat.
- Provides
an analysis dashboard with graphs and tables that present the assessment
results in both summary and detailed form.
CISA strongly encourages all
organizations to take the CSET Ransomware Readiness Assessment, available at https://github.com/cisagov/cset/.
T
|