The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday announced the release of a new module for its Cyber Security Evaluation Tool (CSET), namely the Ransomware Readiness Assessment (RRA).
A Department of Homeland Security (DHS) product, CSET was designed to help organizations assess their security posture, and is applicable to both IT and industrial control system (ICS) networks.
CSET includes a series of requirement questionnaires derived from recognized government and industry standards and can output a list of recommendations that should help organizations improve the security of their networks, in line with best cybersecurity standards, guidelines, and practices.
The new Ransomware Readiness Assessment (RRA) module gets defenders through a step-by-step process to assess their threat readiness in respect to ransomware attacks.
“The RRA is a self-assessment based on a tiered set of practices to help organizations better assess how well they are equipped to defend and recover from a ransomware incident,” CISA explains.
The tool was crafted for several different levels of ransomware threat readiness, so that all types of organizations can use it, regardless of their current preparedness or cybersecurity maturity.
The RRA offers ransomware threat readiness evaluation in a systematic, disciplined, and repeatable manner, helps assess both operational technology (OT) and IT network security practices, and delivers an analysis dashboard with graphs and tables to view assessment results.
Related: CISA Announces Vulnerability Disclosure Policy Platform
Related: CISA Issues MITRE ATT&CK Mapping Guide for Threat Intelligence Analysts
Related: U.S. Department of State Approves New Cyberspace Security Bureau

More from Ionut Arghire
- Information of 2.5M People Stolen in Ransomware Attack at Massachusetts Health Insurer
- US, South Korea Detail North Korea’s Social Engineering Techniques
- High-Severity Vulnerabilities Patched in Splunk Enterprise
- Enzo Biochem Ransomware Attack Exposes Information of 2.5M Individuals
- Google Temporarily Offering $180,000 for Full Chain Chrome Exploit
- Toyota Discloses New Data Breach Involving Vehicle, Customer Information
- Adobe Inviting Researchers to Private Bug Bounty Program
- Critical Vulnerabilities Found in Faronics Education Software
Latest News
- OpenAI Unveils Million-Dollar Cybersecurity Grant Program
- Galvanick Banks $10 Million for Industrial XDR Technology
- Information of 2.5M People Stolen in Ransomware Attack at Massachusetts Health Insurer
- US, South Korea Detail North Korea’s Social Engineering Techniques
- High-Severity Vulnerabilities Patched in Splunk Enterprise
- Idaho Hospitals Working to Resume Full Operations After Cyberattack
- Enzo Biochem Ransomware Attack Exposes Information of 2.5M Individuals
- Apple Denies Helping US Government Hack Russian iPhones
