CISA’s Cset tool has new module on ransomware threat

Cybersecurity and Infrastructure Security Agency (CISA) - Defend Today, Secure Tomorrow

CISA’s CSET Tool Sets Sights on Ransomware Threat

12:45 PM EDT


Original release date: June 30, 2021

CISA has released a new module in its
Cyber Security Evaluation Tool (CSET): the Ransomware Readiness Assessment
(RRA). CSET is a desktop software tool that guides network defenders through
a step-by-step process to evaluate their cybersecurity practices on their
networks. CSET—applicable to both information technology (IT) and industrial
control system (ICS) networks—enables users to perform a comprehensive
evaluation of their cybersecurity posture using many recognized government
and industry standards and recommendations.

The RRA is a self-assessment based on a
tiered set of practices to help organizations better assess how well they are
equipped to defend and recover from a ransomware incident. CISA has tailored
the RRA to varying levels of ransomware threat readiness to make it useful to
all organizations regardless of their current cybersecurity maturity. The

  • Helps
    organizations evaluate their cybersecurity posture, with respect to
    ransomware, against recognized standards and best practice
    recommendations in a systematic, disciplined, and repeatable manner.
  • Guides
    asset owners and operators through a systematic process to evaluate
    their operational technology (OT) and information technology (IT)
    network security practices against the ransomware threat.
  • Provides
    an analysis dashboard with graphs and tables that present the assessment
    results in both summary and detailed form.

CISA strongly encourages all
organizations to take the CSET Ransomware Readiness Assessment, available at