
Ransomware Readiness Assessment (RRA)

Better cyber security protection

Ransomware is a growing threat and is one of the main cyber threats affecting both private and public organizations. Ransomware is a malicious attack in which attackers encrypt an organization's data and demand payment to restore access. In some cases, attackers may also steal an organization's information and demand additional payment in exchange for not disclosing the information to authorities, competitors or the public.

Ransomware disrupts or stops an organization's operations and presents management with a dilemma: pay the ransom and hope the attackers keep their word about restoring access and not releasing data, or don't pay the ransom and restore operations themselves.

How do I protect my organization from Malware and Ransomware?

As an organization, are you also looking for ways to have ultimate protection against Malware and Ransomware attacks? Unfortunately, ultimate protection does not exist in the field of cyber security. However, you can minimize the risk as far as possible by strengthening your internal processes and IT systems.

For this purpose, CISA (the Cybersecurity & Infrastructure Security Agency) has published the Ransomware Readiness Assessment (RRA). RRA is a self-assessment tool that lets you assess, step by step, the maturity of your organization's cyber security processes with respect to malware and ransomware.

RRA consists of the following 9 evaluation domains:

  • Robust Data Backup (DB).
  • Web Browser Management and DNS Filtering (BM).
  • Phishing Prevention and Awareness (PP).
  • Network Perimeter Monitoring (NM).
  • Asset Management (AM).
  • User and Access Management (UM).
  • Application Integrity and Allowlist (AI).
  • Incident Response (IR).
  • Risk Management (RM).

As a result of the assessment, you will receive a Ransomware Readiness maturity report and a report with specific points and processes for improvement.

Ransomware and the Role of Internal Audit

At the IIA Congress 2024, our colleague Anita van der Leeuw spoke about ransomware and the role of Internal Audit, including the relationship with DORA legislation. With her presentation she managed to captivate and inspire a full room of auditors. Her presentation is now available for download.

More about Ransomware Readiness Assessment (RRA)

ARC People is happy to support you in applying and executing the Ransomware Readiness Assessment. Do you want to know how your organization is prepared for a Ransomware attack? Please contact Anita van der Leeuw or Toine van den Hurk. We are ready to answer your questions and help you further.

Our expert team, with years of experience, is ready to support you and offer personalized advice tailored to your specific situation. We strive to respond to your inquiries as quickly as possible so that you are never left waiting for help.

Anita van der Leeuw

Senior Manager of IT Audit & Risk

06-18682946

Toine van den Hurk

Senior Manager of IT Audit & Risk

06-41773152