Ransomware: This new free tool lets you test if your cybersecurity is strong enough to stop an attack

CISA's Ransomware Readiness Assessment allows organisations to test how well their networks can protect against and recover from ransomware attacks - and provides advice on improvements.
Written by Danny Palmer, Senior Writer

Organisations can test their network defences and evaluate if their cybersecurity procedures can protect them from a ransomware attack using a new self-assessment tool from the US Cybersecurity and Infrastructure Security Agency (CISA). 

The Ransomware Readiness Assessment (RRA) is a new module in CISA's Cyber Security Evaluation Tool (CSET) that allows organisations to assess how well equipped they are to defend against and recover from a ransomware attack.

Accessible by desktop software, the self-assessment tool can be applied to both information technology (IT) and industrial control system (ICS) networks, and enables users to evaluate their cybersecurity strategy based on government and industry recommendations and standards.


"The Ransomware Readiness Assessment (RRA) will help you understand your cybersecurity posture with respect to the ever-evolving threat of ransomware," says the tool's release notes.  

The CISA tool asks users to answer a series of questions about their cybersecurity policies, with the aim of helping organisations improve their defences against ransomware. It focuses on the basics first, before moving on to intermediate and advanced questions and tutorials.

The aim is to make it useful for organisations whatever the state of their cybersecurity strategy, so CISA is strongly encouraging all organisations to take the Ransomware Readiness Assessment. 

"CISA has tailored the RRA to varying levels of ransomware threat readiness to make it useful to all organizations regardless of their current cybersecurity maturity," said CISA.  

Following the high-profile ransomware attack against Colonial Pipeline, the United States has taken a firmer stance against ransomware and is encouraging organisations to do more to shore up their networks' defences.


President Joe Biden signed an executive order to boost cybersecurity across the US federal government. The US President has also discussed ransomware with Russian President Vladimir Putin.

While the exact subjects discussed during the meeting in Geneva, Switzerland aren't known, it's believed that Biden tried to press Putin on the issue of ransomware gangs working out of Russia.

