CISA Aims To Improve Ransomware Readiness
The Cybersecurity and Infrastructure Security Agency (“CISA”), the U.S. Government Agency that works with the private sector to defend against cyber threats and to build more secure and resilient infrastructure for the future, released a new module for its Cyber Security Evaluation Toolkits (“CSET”). This toolkit is designed to assist cybersecurity professionals by providing a systematic roadmap to evaluate their organization’s existing security protocols. The toolkit includes a step-by-step guide to assess both information technology (“IT”) and industrial control system (“ICS”) environments.
The new CSET module is called Ransomware Readiness Assessment (“RRA”). It specifically assesses an organization’s readiness against tactics commonly associated with ransomware attacks. This new module is presumably in response to the uptick in ransomware attacks over the past 24 months, which are making headline news. Ransomware is a type of malware that encrypts a system’s data and demands payment in exchange for a decryption key. Ransomware is known to significantly disrupt business operations and threat actors do everything in their power to make paying for a decryption key a more attractive and cost-efficient option than restoring from backups. This includes a common tactic of navigating to and deleting backups stored on the network.
Law enforcement has routinely stated that proper backup and restoration protocols are critical to avoiding ransom payments. CISA’s RRA is designed to help businesses assess how prepared they are for defending and recovering from a ransomware incident by:
- Helping businesses evaluate their cybersecurity posture, with respect to ransomware, against recognized standards and best practice recommendations.
- Providing an analysis dashboard that presents the assessment results in both summary and detailed form.
CISA strongly encourages all organizations to take the CSET Ransomware Readiness Assessment, available at https://github.com/cisagov/cset/.
What's Hot in the U.S. Crime Market - Part III
Please join us for a fast-moving presentation on the important current trends in the crime and related insurance coverage markets.
Post-Merger Integration Challenges in the Cannabis Industry
Join us for a thoughtful discussion which will cover M&A project integration plan outlines. We will discuss the timeline for major resources, assets, and processes of the acquiring and acquired companies that will be combined in order to achieve the goals of the deal.