Ransomware Readiness Assessment

What is the Ransomware Readiness Assessment?

The Ransomware Readiness Assessment (RRA) was released by the US Cybersecurity and Infrastructure Security Agency (CISA) in June 2021 as the latest addition to its Cyber Security Evaluation Tool (CSET). The RRA is a no-cost service to help any organization, regardless of size, understand their cybersecurity posture with respect to the ever-evolving threat of ransomware.

Ransomware is a type of malicious attack where cyber criminals encrypt and oftentimes steal files on a device, rendering any files and the systems that rely on them unusable. The attackers then demand ransom in exchange for decryption. Ransomware actors often threaten to sell or leak the stolen information if no payment is received. In recent years, ransomware incidents have become increasingly common among government entities and critical infrastructure organizations, but no industry has been left untouched.

The RRA is formatted as a self-assessment and is based on a tiering system. The assessment enables businesses to determine how well equipped they are to defend against and recover from ransomware attacks.

What are the requirements for the RRA?

The RRA model describes ransomware readiness in three tiers: Basic, Intermediate, and Advanced. The practices are designed to help organizations improve by focusing on one tier at a time, progressing to the higher tiers through a sequence of increasingly demanding questions.

This suggested path to improvement can be customized by the organization to meet its own objectives. 

Ransomware Readiness Assessment Composition

The assessment represents one Domain that addresses Ransomware and is constructed with 10 Goals and Practice Questions that address each Goal.

The Practice Questions are tiered as Basic, Intermediate, and Advanced. Each question contains an identifier structured as follows:

Goal [GG] : Level [B,I,A] . Question Number [Q##]

An example of the above structure is AM:I.Q03, which represents Asset Management, Level “Intermediate,” Question Number 3.
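As an added illustration (not part of CISA's CSET or the Centraleyes platform), the following Python parses question identifiers in the Goal:Level.Question structure described above and reports how far each tier has been implemented, which is how the one-tier-at-a-time approach can be tracked. The page's AM:I.Q03 is one sample identifier; the other goal code (ZZ), the yes/no answers, and the per-tier scoring are constructed assumptions.

```python
import re
from collections import defaultdict

# Identifier structure from the RRA: Goal [GG] : Level [B,I,A] . Question Number [Q##]
IDENT_RE = re.compile(r"^(?P<goal>[A-Z]{2}):(?P<level>[BIA])\.Q(?P<num>\d{2})$")
LEVEL_NAMES = {"B": "Basic", "I": "Intermediate", "A": "Advanced"}
TIER_ORDER = ["B", "I", "A"]

def parse_identifier(ident):
    """Split an RRA question identifier into (goal, level code, question number).
    Raises ValueError for anything that does not follow the documented structure."""
    m = IDENT_RE.match(ident.strip())
    if not m:
        raise ValueError(f"malformed RRA identifier: {ident!r}")
    return m.group("goal"), m.group("level"), int(m.group("num"))

def tier_completion(answers):
    """answers: {identifier: True/False} meaning implemented / not implemented.
    Returns {tier name: (implemented, total)}. Assumed scoring, not CSET's own."""
    counts = defaultdict(lambda: [0, 0])
    for ident, implemented in answers.items():
        _goal, level, _num = parse_identifier(ident)
        counts[level][1] += 1
        if implemented:
            counts[level][0] += 1
    return {LEVEL_NAMES[l]: tuple(counts[l]) for l in TIER_ORDER if l in counts}

def next_focus_tier(answers):
    """One tier at a time: the lowest tier that is not fully implemented is where
    effort should go next; None when every tier present is complete."""
    done = tier_completion(answers)
    for level in TIER_ORDER:
        name = LEVEL_NAMES[level]
        if name in done and done[name][0] < done[name][1]:
            return name
    return None

# Constructed sample answers: AM:I.Q03 is the page's example; the goal code ZZ
# and every True/False value are made up for illustration only.
SAMPLE_ANSWERS = {
    "AM:B.Q01": True,
    "AM:B.Q02": True,
    "ZZ:B.Q01": False,
    "AM:I.Q03": True,
    "ZZ:I.Q01": False,
    "AM:A.Q01": False,
}

if __name__ == "__main__":
    for tier, (done, total) in tier_completion(SAMPLE_ANSWERS).items():
        print(f"{tier}: {done}/{total} practices implemented")
    print("Next tier to focus on:", next_focus_tier(SAMPLE_ANSWERS))
```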

The RRA practices and tiers are designed to:

  • guide an organization to understand its current state of readiness to address the threat of ransomware
  • assist the organization with implementing a focused path for improvement

Implementation approach

  • The Basic tier of practices should be implemented by organizations that are unfamiliar with ransomware and need to adopt basic cyber defense safeguards against ransomware threats.
  • Organizations that have already completed the basic tier of the improvement effort and are looking to strengthen their response to ransomware threats should implement the Intermediate tier of practices.
  • After adopting the Basic and Intermediate tier RRA practices, organizations looking to further improve their risk posture against ransomware threats should focus on adopting the practices in the Advanced tier.

Why should you be compliant with the RRA?

Ransomware poses an increasing threat and continues to rise as a top cyber threat impacting both businesses and government agencies. Discovering that all your data has been encrypted by attackers demanding payment to restore access is every organization’s worst nightmare. Even worse, the threat actors may also threaten to disclose the stolen information to authorities, competitors or the public.

Ransomware can shut down an organization’s operations, leaving management with a difficult decision: pay the ransom in the hope that the attackers honor the deal, release the decryption key and withdraw the threat to publish stolen data, or refuse to pay and attempt to recover operations independently.

Having little or no controls in place to protect your organization from ransomware is plain foolish. Cyber criminals are constantly scanning the Internet for unpatched and unprotected systems and services and, if you lack even the most basic protection, it’s only a matter of time before they succeed in encrypting your organization’s files. It is therefore important to know what is fully protected, what is partially protected, and what needs more attention.

The Ransomware Readiness Assessment was created for this crucial reason. The RRA has been adapted to varying levels of ransomware protection, so that all organizations can benefit from it, regardless of their current cybersecurity maturity.

In addition, through the RRA tiering, organizations can work their way up to the advanced tier according to their budget and resources, with the knowledge that once the basic level has been implemented, they are already much better equipped to protect themselves against ransomware threats.

How to achieve compliance?

We now understand just how important it is for organizations to protect themselves against ransomware.

The Ransomware Readiness Assessment was designed to help organizations assess their cybersecurity posture against ransomware threats with best practices for the organization to improve as needed.

Centraleyes has integrated the RRA into its cutting-edge platform allowing companies to seamlessly run through the assessment process. The platform offers you a smart questionnaire, real-time customized scoring, and prioritized remediation guidance to fully implement the RRA controls based on your desired tier.

Benefits of using Centraleyes to implement RRA

  • Helps organizations evaluate their cyber hygiene, with respect to ransomware, against known security standards and best practices in a repeatable, strategic, and disciplined manner
  • Guides organizations through a collaborative smart-questionnaire to assess their current security controls against the ransomware threat
  • Provides an intuitive dashboard with automated remediation and a unique breakdown screen that presents the assessment details and results in a user-friendly format

As the assessment is completed, the remediation center is updated in real-time, providing actionable steps for the organization to implement. The organization will be able to manipulate and filter data in order to analyze the results with varying levels of granularity.

Using the Centraleyes platform, with its RRA integration, results in time and resource savings, more accurate and measurable data, and peace of mind.

Take the Ransomware Readiness Assessment today using the Centraleyes platform.
