The US Cybersecurity and Infrastructure Security Agency (CISA) has released the Ransomware Readiness Assessment (RRA), a new ransomware self-assessment security audit tool for the agency’s Cyber Security Evaluation Tool (CSET).
RRA could be used by organizations to determine their level of exposure to ransomware attacks against their information technology (IT), operational technology (OT), or industrial control system (ICS) assets.
“The Ransomware Readiness Assessment (RRA) will help you understand your cybersecurity posture with respect to the ever-evolving threat of ransomware.” CISA says. “The RRA also provides a clear path for improvement and contains an evolving progression of questions tiered by the categories of basic, intermediate, and advanced. This is intended to help an organization improve by focusing on the basics first, and then progressing by implementing practices through the intermediate and advanced categories.”
The tool would help organizations in improving their resilience to ransomware attacks by implementing best practices.
The US agency highlights that RRA:
CISA recommends organizations download and use the CSET Ransomware Readiness Assessment, which is available on the Agency’s Git Hub Repository.
(SecurityAffairs – hacking, RRA)