Questions About RSAT 2.0
The Ransomware Self-Assessment Tool (R-SAT) was developed by the CSBS (Conference of State Bank Supervisors), the BECTF (Bank Electronic Crimes Task Force) and the U.S. Secret Service with original release in October 2020. This tool was designed to provide a structured approach for assessing a financial institution’s security posture related to the common Ransomware attack vectors of that time across the 5 NIST CSF components. The R-SAT has been endorsed by several state regulatory authorities. However, at the time of this writing, the R-SAT has not been officially mandated by any federal regulatory agency.
Since October 2020, several factors have influenced changes to how financial institutions can best prepare to protect against, detect, and respond to Ransomware. In light of these changes and lessons learned from financial institutions that had experienced Ransomware breaches, the CSBS updated the original R-SAT to R-SAT 2.0 in October 2023 to further assist banks and credit unions in the evolving effort to mitigate risks associated with recent Ransomware attack vectors. The Safe Systems, Inc. Compliance Team believes that regardless of how your financial institution is chartered, it’s a strong best practice and worth the time and effort to complete RSAT 2.0. Many FIs are finding the depth of the analysis and the relevance of the potential actions it identifies positive in their efforts to improve cyber resilience.
Completing the Ransomware Self-Assessment Tool (RSAT) 2.0 is ideally a cross-departmental task involving key stakeholders from your IT, Cybersecurity, and Compliance departments, along with Senior Management. Each of these stakeholders benefits the process in a different way: the IT team offers valuable insight into the intricacies of the technical infrastructure and its associated risks, while the Cybersecurity team plays a crucial role in identifying potential vulnerabilities in security systems. The Compliance department helps ensure that risk strategies comply with regulations, avoiding potential penalties. Senior Management provides strategic direction for the organization, and its support is vital to a top-down approach to effective cyber resilience.
This collaborative effort in completing the RSAT 2.0 promotes proactive discussions about risk management, ultimately fostering innovative strategies for addressing emerging trends and reducing the impact of a malware attack on the FI’s systems, whether it arrives directly or through a trusted third party.
RSAT 2.0 was updated with tactical details drawn from the recent experiences of FIs that have effectively dealt with ransomware attacks. The latest version of RSAT (2.0) includes a focus on five key areas:
- A call-out of the need for cloud-based data management, especially for data located outside the U.S., in compliance with international regulations such as the GDPR.
- An emphasis on the growing importance of multifactor authentication, requiring specific details about its application and plans for improvements, highlighting it as a critical defense against unauthorized access.
- An increased focus on managing the risks of the “human element”: a dynamic and comprehensive approach to stakeholder cybersecurity awareness training. This includes “role-based training” and regular phishing testing.
- A recommendation to include executive management’s involvement in the annual incident response test, stressing the role of leadership in cybersecurity readiness.
- An emphasis on ensuring clean data backups, highlighting the significance of data integrity and availability during recovery.