The CISA (Cybersecurity and Infrastructure Security Agency) continues to build new modules for the organization's Cyber Security Evaluation Tool (CSET). The latest component, which surfaced three days before the Kaseya VSA supply chain attack, is called the Ransomware Readiness Assessment (RRA) module.
The overall CSET desktop software tool "guides network defenders through a step-by-step process to evaluate their cybersecurity practices on their networks," CISA says. The new RRA module is "self-assessment based on a tiered set of practices to help organizations better assess how well they are equipped to defend and recover from a ransomware incident."
The CISA, part of the United States Department of Homeland Security, provides timely risk management and mitigation guidance to U.S. government agencies and the private sector.