How prepared are you to deal with the latest cyber threats?

How secure are your systems, employees, and data?

This quick assessment will help you get an idea of where you stand right away.

We take your privacy very seriously and, as such, we will never sell or share your data with any third parties. We promise we won't spam you. We may, however, reach out to inquire about your experience with this assessment. You have the right to opt out of all further communications from us at any time by following the included instructions.


THE ASSESSMENT

1. Do you have a current and frequently updated inventory of all of your IT assets (hardware, software packages, licenses, agreements, etc.)?

2. Do you have a risk management plan that is regularly reviewed and updated?

3. Do you require at least annual/semi-annual security training for all employees?

4. Do you regularly receive, review and monitor threat and vulnerability information for your IT systems and software?

5. Have you identified potential business impacts of a security breach and prepared adequate mitigation strategies for them?

6. Are you actively managing employee access (both physical and virtual), identities, and credentials? For example, are you enforcing strict password policies, implementing role-based permissions for users on all systems, and utilizing strong physical protections (locks, alarms, biometrics, etc.) for critical infrastructure?

7. Do you have a robust firewall, antivirus/anti-malware, and intrusion detection/prevention systems in place?

8. Are you monitoring and controlling employee remote access (VPN, Citrix, etc.) and mobile devices that access your systems so as to prevent the transport, storage or printing of sensitive data outside of company networks?

9. Are your data and systems being securely backed up at regular intervals in geographically distinct regions and do you have a robust disaster recovery plan that is tested on a regular (at least quarterly) basis?

10. Are your unneeded data and obsolete hardware devices being destroyed or disposed of in a secure manner?

11. Do you have an active configuration management and/or change control policy for your IT systems?

12. Are you performing routine vulnerability scans and activity monitoring for all of your IT systems?

13. Do you have established incident response procedures, and is your staff aware of them?

14. Are your vendors and suppliers aware of their roles and responsibilities in managing security risks with signed agreements in place?

15. Are employees and senior executives aware of their roles and responsibilities in managing security risks with signed agreements in place?

16. Do you patch and update all of your IT systems on at least a weekly basis?

17. Are you ensuring that sensitive data "at rest" (on disk, in a database, etc.) is stored safely utilizing strong encryption as necessary?

18. Are you ensuring that sensitive data "in transit" (moving over the network or internet) is securely encrypted as necessary?

19. Do you have an up-to-date policy for personal (user-owned) device and computer security standards (encryption, anti-virus, software, etc.) that is strictly enforced?

20. Are you routinely communicating the latest high-risk security threats and scams/phishing attempts to your employees?
