January 26, 2024

Ransomware Self-Assessment Tool Version 2

The Conference of State Bank Supervisors (CSBS) recently released the Ransomware Self-Assessment Tool version 2.0. As noted by CSBS, the tool is designed to “help financial institutions periodically assess their efforts to mitigate risks associated with ransomware and identify gaps for increasing security.” The tool is not required from a regulatory perspective, but knowing risk posture is. Consider the CSBS tool as another asset in your arsenal to help fight the scourge of ransomware and hopefully prevent the institution from becoming a victim.

While completing the worksheet, do not silo the effort. Involve key players to gain different perspectives than that of just the IT department or the Information Security Officer. Consider reviewing the results with senior management, steering committees, and the board of directors. Lastly, take the lessons that are learned, update the IT risk assessment, and apply changes to general controls to cover any identified gaps.

To download the latest version of the CSBS Ransomware Self-Assessment Tool visit https://www.csbs.org/ransomware-self-assessment-tool. And, for our clients that are not specifically considered “banks” or financial institutions, there is a Non-bank Ransomware Self-Assessment Tool provided at the same link as above.

As always, if there are any questions about ransomware or any other cyber security subject, please reach out. We’re here to help.

Authored by: Mike Smith, CBISO

You May Want to Read More:

Wanted: Information Security Officer - WST

October 6, 2023

Looking for a new Information Security Officer? What skill sets should be considered? As information security professionals....

Here Comes Passkeys! - WST

September 29, 2023

The next version of Windows 11 (23H2) due October 2023 adds support for passkeys. Google also added passkey support for Google accounts back in....

Security Incident Notification Rule and Service Providers - WST

September 21, 2023

Back in November of 2021, the OCC, FRB, and FDIC jointly issued a final rule requiring banking....

Keep your institution off the evening news.


Contact Us