CISA has announced a new Ransomware Readiness Assessment (RRA) tool designed to help organizations better understand how well they’re equipped to defend against and recover from ransomware attacks targeting their information technology (IT), operational technology (OT), or industrial control system (ICS) assets.
Cyber experts weighed-in on this announcement and the effectiveness of the action by CISA.
Sascha Fahrbach, Cybersecurity Evangelist, Fudo Security:
“This is a positive first step, and CISA is on the right track to helping businesses and organizations provide more holistic security. This new tool will certainly assist various industries in expanding their know-how about ransomware and assessing their readiness towards this threat. Having said that, this CISA RRA module is very much a foundational step, and utilizing the audit will only do so much.
Security teams need to use the information, data and other elements of this tool and structure the knowledge into an organization’s security policy and strategy. Security should not just be a box ticking exercise, and although helpful, there are many other layers and steps that must be implemented to safeguard vital industry and IT infrastructure. Other national governments should follow suit and continue to provide as much support and cross industry collaboration to keep the next breach or attack at bay, or at least be prepared to mitigate against the next plethora of threats.”
Ivan Speziale, Security Researcher, Nozomi Networks:
"The release by CISA of the Ransomware Readiness Assessment (RRA) for its Cyber Security Evaluation Tool (CSET) gives asset owners a useful framework to assess their security posture against modern ransomware operations.
CSET, in particular, was developed with both information technology (IT) and industrial control system (ICS) networks in mind, such that defenders can gather a holistic view of the status quo.
As we’ve witnessed with the Colonial Pipeline incident, depending on the particularities of the organization targeted by a ransomware attack, the business can be brought to a halt even if the OT network is defended successfully.
For this very reason, having a comprehensive understanding of the overall security posture is the key to maintaining a secure business in the face of today’s threats.”
Jerome Becquart, COO, Axiad:
"The first line of defense against any cyberattack is to educate, train, and assess your organizational readiness, which this tool will help achieve. Utilizing this tool will prepare businesses for zero trust security, which was recently highlighted in President Biden's executive order.
By assessing their ability to control access to their corporate resources, businesses can identify gaps in their security infrastructure. For instance, many organizations have started enforcing multi-factor authentication in parts of their ecosystems, but haven't secured all their use cases, which could leave vulnerabilities open for hackers to strike. This tool is a great step to identify these gaps and help IT leaders take a holistic approach for securing resources.
As cybersecurity regulation increases across industries, this will be an invaluable way for businesses to future-proof their infrastructure."
Alicia Townsend, Technology Evangelist, OneLogin:
"It is encouraging that government agencies are providing tools such as the Ransomware Readiness Assessment to help organizations better understand how well they are prepared to defend against ransomware attacks or recover from these attacks in case they do occur. We all need to strive to find ways to educate and empower IT administrators to protect themselves from these ever increasing threats."