Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

2/9/2021
03:05 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Axio Launches Free Ransomware Preparedness Assessment Tool

NEW YORK, February 9, 2021 -- Axio, a leading cyber risk management Software-as-a-Service company, today announced the availability of a free Ransomware Preparedness Assessment tool to give organizations detailed visibility into their cyber posture with respect to ransomware. 

The assessment is based on data from hundreds of real ransomware events, guidance from the U.S. Department of Homeland Security, and Axio’s research. 

By using the Axio360 platform, users can rapidly assess and prepare for a ransomware attack, the most widespread cyber scourge of our time. The framework was designed by Axio’s research and development team, who have extensive experience building the most widely used cybersecurity maturity models for critical infrastructure.

The output of the Axio360 Ransomware Preparedness Assessment will be accepted as supplementary evidence in support of cyber insurance applications. 

The assessment output can be used to rapidly evaluate gaps in an organization’s cybersecurity posture that make it more susceptible to big-game-hunting ransomware. These results are critical in identifying and implementing protections against ransomware and will have the secondary effect of increasing the organization’s overall cybersecurity posture. The assessment interface in the Axio360 platform includes a comprehensive reporting functionality for executive stakeholders such as the C-suite and board members. Functionality in Axio360 supports targeting, planning, and tracking improvements to ensure that they are implemented.

“The risk of a ransomware event being realized has become a prioritized concern for business leaders in 2021. In 2020, cybercriminals operated without any human decency, targeting the most vulnerable and at-risk parties, such as hospitals, scientists, and global manufacturers. The approach has become more sophisticated and life-threatening, shifting from individual targets to big game hunting, destroying enterprise backups, blackmailing victims with public leakage of exfiltrated data, and paralyzing critical systems and infrastructure,” said David White, President of Axio. “Our initiative with this free ransomware assessment tool offering is to empower companies to fully understand how their programs are performing and to rapidly prioritize improvements based on what we have seen will provide the most impact.”

Axio’s core value is centered around helping organizations solve cyber risk. In 2020, the company provided three free cyber risk program assessment tools that give organizations visibility into their cyber posture. Axio360’s free tool set also includes the complete NIST Cybersecurity Framework (NIST CSF), the complete Cybersecurity Capability Maturity Model (C2M2), a wizard-based on-ramp to the C2M2 called C2M2 Foundation. In 2021, Axio will continue providing the latest cutting-edge instruments, including a wizard-based on-ramp to the NIST CSF called the NIST CSF Foundations and support for company-specific control frameworks for more advanced subscribers. 

By using the Axio360 free tool set, initial assessments can be the baseline to build a cybersecurity management program. Axio recommends setting a current and target state for improvement, which is easy and convenient to track over time in the platform. 

For more information on how to secure your organization and improve your cyber risk management, access all of Axio’s free tools here: https://learn.axio.com/free-tool.

About Axio

Axio is a leading cyber risk management SaaS company. Axio believes that all organizations should have the means to solve their unique cyber risk challenges and created the Axio360 platform to deliver on that belief. Axio360 is the only methodology and software designed to empower security leaders, senior executives, and boards of directors with the ability to confidently and continuously answer the critical questions about risk, including: Where should we invest to most effectively to minimize our cyber risk and financial exposure? Axio360 cuts through complexity to give organizations a comprehensive view of cyber risk, and links business leaders to security leaders with a unified message, in language decision makers and management teams understand well: financial impact.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-8032
PUBLISHED: 2021-02-25
A Insecure Temporary File vulnerability in the packaging of cyrus-sasl of openSUSE Factory allows local attackers to escalate to root. This issue affects: openSUSE Factory cyrus-sasl version 2.1.27-4.2 and prior versions.
CVE-2020-36254
PUBLISHED: 2021-02-25
scp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685.
CVE-2021-27670
PUBLISHED: 2021-02-25
Appspace 6.2.4 allows SSRF via the api/v1/core/proxy/jsonprequest url parameter.
CVE-2021-27671
PUBLISHED: 2021-02-25
An issue was discovered in the comrak crate before 0.9.1 for Rust. XSS can occur because the protection mechanism for data: and javascript: URIs is case-sensitive, allowing (for example) Data: to be used in an attack.
CVE-2020-9051
PUBLISHED: 2021-02-24
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.