slider

Your Information:

How prepared are you to deal with the latest cyber threats? How secure are your systems, employees, and data? This quick assessment will help you get an idea of where you stand right away.

We take your privacy very seriously and, as such, we will never sell or share your data with any third parties. We promise we won't spam you. We may, however, reach out to inquire about your experience with this assessment. You have the right to opt out of all further communications from us at any time by following the included instructions.

The Assessment:
1. Do you have a current and frequently updated inventory of all of your IT assets (hardware, software packages, licenses, agreements, etc.)?
No    Somewhat    Yes
2. Do you have a risk management plan that is regularly reviewed and updated?
No    Somewhat    Yes
3. Do you require at least annual/semi-annual security training for all employees?
No    Somewhat    Yes
4. Do you regularly receive, review and monitor threat and vulnerability information for your IT systems and software?
No    Somewhat    Yes
5. Have you identified potential business impacts of a security breach and prepared adequate mitigation strategies for them?
No    Somewhat    Yes
6. Are you actively managing employee access (both physical and virtual), identities, and credentials? For example, are you enforcing strict password policies, implementing role-based permissions for users on all systems, and utilizing strong physical protections (locks, alarms, biometrics, etc.) for critical infrastructure?
No    Somewhat    Yes
7. Do you have a robust firewall, antivirus/anti-malware, and intrusion detection/prevention systems in place?
No    Somewhat    Yes
8. Are you monitoring and controlling employee remote access (VPN, Citrix, etc.) and mobile devices that access your systems so as to prevent the transport, storage or printing of sensitive data outside of company networks?
No    Somewhat    Yes
9. Are your data and systems being securely backed up at regular intervals in geographically distinct regions and do you have a robust disaster recovery plan that is tested on a regular (at least quarterly) basis?
No    Somewhat    Yes
10. Are your un-needed data and obsolete hardware devices being destroyed or disposed of in a secure manner?
No    Somewhat    Yes
11. Do you have an active configuration management and/or change control policy for your IT systems?
No    Somewhat    Yes
12. Are you performing routine vulnerability scans and activity monitoring for all of your IT systems?
No    Somewhat    Yes
13. Do you have established incident response procedures and is your staff aware of it?
No    Somewhat    Yes
14. Are your vendors and suppliers aware of their roles and responsibilities in managing security risks with signed agreements in place?
No    Somewhat    Yes
15. Are employees and senior executives aware of their roles and responsibilities in managing security risks with signed agreements in place?
No    Somewhat    Yes
16. Do you patch and update of all of your IT systems on at least a weekly basis?
No    Somewhat    Yes
17. Are you ensuring that sensitive data "at rest" (on disk, in a database, etc.) is stored safely utilizing strong encryption as necessary?
No    Somewhat    Yes
18. Are you ensuring that sensitive data "in transit" (moving over the network or internet) is securely encrypted as necessary?
No    Somewhat    Yes
19. Do you have an up-to-date policy for personal (user-owned) device and computer security standards (encryption, anti-virus, software, etc.) that is strictly enforced?
No    Somewhat    Yes
20. Are you routinely communicating the latest high-risk security threats and scams/phishing attempts to your employees?
No    Somewhat    Yes

Copyright © Netizen Corporation. All Rights Reserved.