Business Continuity Management / Disaster Recovery , Fraud Management & Cybercrime , Governance & Risk Management

CISA Tool Helps Measure Readiness to Thwart Ransomware

Tool Designed to Gauge Whether Organizations Have Adequate Defense, Recovery Measures
CISA Tool Helps Measure Readiness to Thwart Ransomware

The U.S. Cybersecurity and Infrastructure Security Agency has released a Ransomware Readiness Assessment audit tool to help organizations size up their ability to defend against and recover from attacks.

The tool expands the agency's broader Cyber Security Evaluation Tool, which guides network defenders through the process of evaluating their security practices. That platform enables users to perform a comprehensive evaluation of their cybersecurity posture using government and industry standards and recommendations.

The new Ransomware Readiness Assessment is based on a tiered set of practices to help organizations gauge whether they are equipped to defend and recover from a ransomware incident. It's designed for use by organizations at all levels of cybersecurity maturity, the agency says.

Tool's Features

The new tool:

See Also: Live Discussion | Securing Business Growth: The Road to 24/7 Threat Detection and Response

  • Helps organizations measure ransomware attack preparedness using "recognized standards and best practice recommendations" in a "systematic, disciplined and repeatable manner";
  • Offers a guide to evaluating operational technology and information technology network practices;
  • Provides an analysis dashboard with graphs and tables that present the assessment results, via a summary and a detailed report.

New Dashboard

In April, CISA released Aviary, a dashboard that helps visualize and analyze outputs from its detection tool, Sparrow. The detection tool, released December 2020, enables network defenders to detect possible compromised accounts and applications in Azure/Microsoft 365 environments. The tool was created to support hunts for threat activity in the aftermath of the SolarWinds supply chain attack.

In March, the agency also released the CISA Hunt and Incident Response Program, a forensics collection tool designed to help network defenders find indicators of compromise by scanning for signs of APT compromise within an on-premises environment.

Ransomware Trends

Ransomware activity is surging globally in 2021. Among the most recent incidents was the Colonial Pipeline Co. attack, which led the company to temporarily shut down its major pipeline serving the East Coast (see: FBI: DarkSide Ransomware Used in Colonial Pipeline Attack).

A recent report from the security firm BlackFog documented 31 ransomware attacks in April, compared to 12 in the same month a year earlier.

A blockchain analysis from compliance and investigation firm Chainalysis says some $406 million in ransoms was paid to attackers in 2020. As of mid-May, some $81 million worth of ransoms had been paid to ransomware gangs so far this year, Chainalysis says.


About the Author

Dan Gunderman

Dan Gunderman

News Desk Staff Writer

As staff writer on the news desk at Information Security Media Group, Gunderman covers governmental/geopolitical cybersecurity updates from across the globe. Previously, he was the editor of Cyber Security Hub, or CSHub.com, covering enterprise security news and strategy for CISOs, CIOs and top decision-makers. He also formerly was a reporter for the New York Daily News, where he covered breaking news, politics, technology and more. Gunderman has also written and edited for such news publications as NorthJersey.com, Patch.com and CheatSheet.com.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.