25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

CISA Releases Ransomware Readiness Assessment Audit Tool

Posted By on Jul 5, 2021

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has launched a new tool that can be used by organizations to assess how well they are equipped to defend and recover from a ransomware attack.

The threat from ransomware has gown significantly over the past year. The Verizon Data Breach Investigations Report shows 10% of cyberattacks now involve the use of ransomware, with SonicWall reporting a 62% global increase in ransomware attacks since 2019 and a 158% spike in attacks in North America during the same period. BlackFog predicts loses due to ransomware attacks will increase to $6 trillion in 2021, up from $3 trillion in 2015.

The Ransomware Readiness Assessment (RRA) audit module has been added to CISA’s Cyber Security Evaluation Tool (CSET). CSET is a desktop software tool that guides network defenders through a step-by-step process of assessing their cybersecurity practices for both their information technology (IT) and operational technology (OT) networks. CSET can be used to perform a comprehensive evaluation of an organization’s cybersecurity posture using recognized government and industry standards and recommendations.

The RRA can be used to evaluate cybersecurity defenses specifically relating to ransomware. CISA says the RRA tool has been developed for organizations at all levels of cybersecurity maturity and will allow network defenders to evaluate their defenses against recognized standards and best practice recommendations in a systematic, disciplined, and repeatable manner.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

The RRA guides asset owners and operators through a systematic process to evaluate cybersecurity practices against ransomware threats and provides an analysis dashboard with graphs and tables displaying the results of the assessment, both in summarized and detailed form.

The RRA tool is available through CSET, which should first be downloaded and correctly installed. The installation file and instructions on installing CSET and starting the ransomware readiness assessment is available on GitHub on this link.

CISA is urging all organizations to install the CSET tool and conduct a Ransomware Readiness Assessment to evaluate their cybersecurity defenses.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist