The first step in using the Ransomware Defense Initiative (RDI) is to assess your organization’s cyber risk profile. Your cyber risk profile refers to the level of acceptable risk your organization is willing to tolerate when it comes to ransomware attacks.
There are several ways organizations can find their current cyber risk profile. One way is to perform a cybersecurity risk assessment. This involves identifying and analyzing all internal and external risks, documenting the likelihood and impact of various threat events through cybersecurity risk registers integrated into an enterprise risk profile, and prioritizing and communicating enterprise cybersecurity risk response and monitoring (https://www.nist.gov/publications/identifying-and-estimating-cybersecurity-risk-enterprise-risk-management).
RDI is designed to help you identify and mitigate risks associated with ransomware. By comparing your existing security controls with those recommended by RDI, you can quickly identify any gaps and prioritize areas for improvement.
Once an organization has identified its risk profile and inventoried its security controls, it can begin to assess the maturity of the recommended controls that have been deployed. RDI provides a list of controls for each level (Foundational, Advanced, and Elite) to guide an organization’s assessment efforts.
RDI is intended to be a living document that an organization can use to guide its ongoing security efforts. An organization should regularly monitor and update its security controls to ensure that they remain effective and aligned with the latest ransomware threat landscape.
To conduct a quick self-assessment using RDI, allocate no more than two minutes per security control.
You can select the tab for which RDI family you would like to assess: Foundational, Advanced, or Elite.
You will then be presented with the first control of that chosen family, followed by five questions. You will be asked to answer the same five questions for each control, regardless of family.
The first question, “Is this control deployed across my organization?”, determines whether you answer the remaining questions or move on to the next control. It asks whether the control is installed across the organization and whether you are confident in its deployment and current status.
If the answer is “Yes”, then proceed to answer the next four questions. Each of the four questions follows the CMMI maturity framework, as described below:
This evaluates how well the organization has organized its resources, including personnel and processes, to effectively manage the control, highlighting the presence of well-defined processes.
This question checks how thoroughly the organization documents the control’s processes and settings, which is critical for ensuring that procedures can be consistently replicated and managed.
This looks into the organization’s regular monitoring practices for the control, key for measuring and managing the process effectively.
This examines whether the organization has established mechanisms for regularly updating and refining the control, demonstrating ongoing process optimization.
After completing the assessment, RDI provides a clear, data-driven view of your organization’s ransomware maturity posture. Each control’s rating feeds into a comprehensive maturity score, highlighting your strengths, areas with gaps, and controls that may need closer examination.
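As an added illustration (not the RDI tool’s own code or scoring model), the self-assessment flow above modelled in Python: the deployment question gates the four maturity questions, each deployed control is rated on the four CMMI-style dimensions, and the per-control results roll up into an overall score plus a per-dimension view that shows which dimension is weakest across the family. The 0–5 rating scale, the averaging, and the “Gap” / “of interest” thresholds are assumptions; the control names are constructed placeholders.

```python
from dataclasses import dataclass, field
from statistics import mean

# The four CMMI-style dimensions asked about each deployed control.
DIMENSIONS = ("organized", "documented", "monitored", "optimized")


@dataclass
class ControlAnswer:
    """Answers for one RDI control: the deployment gate plus four 0-5 ratings (assumed scale)."""
    control: str
    family: str                      # Foundational, Advanced or Elite
    deployed: bool
    ratings: dict = field(default_factory=dict)  # dimension -> 0..5, empty when not deployed


def control_score(a: ControlAnswer) -> float:
    """Assumed scoring: a control that is not deployed scores 0 and its four
    maturity questions are skipped; otherwise the mean of its four ratings."""
    if not a.deployed:
        return 0.0
    missing = set(DIMENSIONS) - set(a.ratings)
    if missing:
        raise ValueError(f"{a.control}: missing ratings for {sorted(missing)}")
    return mean(a.ratings[d] for d in DIMENSIONS)


def classify(score: float) -> str:
    """Assumed thresholds for the labels the page uses ('Gap', 'of interest')."""
    if score < 2.0:
        return "Gap"
    if score < 4.0:
        return "of interest"
    return "Strength"


def assess(answers: list) -> dict:
    """Roll per-control scores up into an overall score and a per-dimension view."""
    per_control = {a.control: (control_score(a), classify(control_score(a))) for a in answers}
    deployed = [a for a in answers if a.deployed]
    per_dimension = {d: (mean(a.ratings[d] for a in deployed) if deployed else 0.0)
                     for d in DIMENSIONS}
    overall = mean(s for s, _ in per_control.values()) if per_control else 0.0
    return {"overall": round(overall, 2), "controls": per_control,
            "dimensions": per_dimension,
            "weakest_dimension": min(per_dimension, key=per_dimension.get)}


# Constructed sample answers for three Foundational controls (placeholder names).
SAMPLE = [
    ControlAnswer("Offline backups", "Foundational", True,
                  {"organized": 4, "documented": 2, "monitored": 3, "optimized": 3}),
    ControlAnswer("MFA for remote access", "Foundational", True,
                  {"organized": 5, "documented": 3, "monitored": 5, "optimized": 4}),
    ControlAnswer("Email attachment filtering", "Foundational", False),
]
```

Running `assess(SAMPLE)` flags the undeployed control as a Gap and shows documentation as the weakest dimension across the family, which is the kind of cross-control pattern a single control’s rating does not reveal.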
Based on your results:
Identify and Prioritize: Focus on areas marked as "Gaps" or "of interest." These indicate potential vulnerabilities or controls that could benefit from further development.
Develop an Action Plan: Use RDI's insights to create a strategic action plan, prioritizing areas that strengthen your defenses in line with your organization's risk profile.
Monitor and Update Regularly: RDI is designed to be a living tool. Reassess periodically to track improvements, adapt to evolving threats, and ensure that your security controls remain aligned with the latest ransomware landscape.
With RDI's continuous guidance, you can confidently strengthen your ransomware defenses and achieve a proactive security posture.
Start your assessment today with the Ransomware Defense Initiative. Quickly evaluate your readiness and enhance your strategy against ransomware.