Security News > 2021 > June > CISA releases new ransomware self-assessment security audit tool
The US Cybersecurity and Infrastructure Security Agency has released the Ransomware Readiness Assessment, a new module for its Cyber Security Evaluation Tool.
RRA is a security audit self-assessment tool for organizations that want to understand better how well they are equipped to defend against and recover from ransomware attacks targeting their information technology, operational technology, or industrial control system assets.
"The RRA also provides a clear path for improvement and contains an evolving progression of questions tiered by the categories of basic, intermediate, and advanced," CISA says on the tool's wiki page.
Guides asset owners and operators through a systematic process to evaluate their operational technology and information technology network security practices against the ransomware threat.
CISA has previously released Aviary, a tool to review post-compromise activity in Microsoft Azure Active Directory, Office 365, and Microsoft 365 environments.
CISA also released CHIRP, a Python-based forensics collection tool that detects signs of SolarWinds hackers' activity on Windows systems.
News URL
Related news
- CISA and FBI: Ghost ransomware breached orgs in 70 countries (source)
- Two Actively Exploited Security Flaws in Adobe and Oracle Products Flagged by CISA (source)
- Ransomware criminals love CISA's KEV list – and that's a bug, not a feature (source)
- CISA: Medusa ransomware hit over 300 critical infrastructure orgs (source)
- FCC stands up Council on National Security to fight China in ways that CISA used to (source)
- Medusa Ransomware Strikes 300+ Targets: FBI & CISA Urge Immediate Action to #StopRansomware (source)
- CISA fires, now rehires and immediately benches security crew on full pay (source)
- Security shop pwns ransomware gang, passes insider info to authorities (source)