Cyber security assessment survey

Take our 7-question cybersecurity assessment to gauge your cybersecurity health. Please enter your email address so we can send you a copy of the feedback provided at the end of the survey. Email addresses are collected and processed in line with our privacy policy.

Please enter your email:

1. Do you have a documented IT risk assessment plan?

Note: An IT risk assessment plan helps you understand the risks in your IT systems so they can be acknowledged and mitigated.

 
 
 

2. Does your organisation require the use of Two-Factor Authentication (2FA) for all staff?

Note: 2FA is also known as Multi-Factor Authentication or MFA. MFA grants access based on a set of conditions or can prompt you for an additional security code when you log in to online services like Microsoft 365.

 
 
 

3. Does your organisation provide regular security awareness training for staff?

Note: Security awareness training is an essential tool to help you and your staff understand cyber threats. It is most effective when it’s delivered on a regular basis and combined with phishing simulation tests.

 
 
 

4. Does your organisation carry out regular vulnerability assessments?

Note: A vulnerability assessment identifies weaknesses in the hardware and software you use. This allows these weaknesses to be managed before they can be exploited in a cyber attack.

 
 
 

5. Are backup solutions in place for all sources of critical data used in your business?

Note: Knowing where critical data is stored is essential to building a robust backup plan. These days data can be stored in multiple locations (e.g. servers, laptops, cloud), so knowing where this data resides is imperative.

 
 
 

6. Does your organisation use an Endpoint Detection & Response (or EDR) system on all devices that is monitored on a 24/7 basis by a Service Operations Centre (or SOC)?

Note: EDR looks for emerging threats (e.g. ransomware) that are often invisible to anti-virus software: a computer virus only becomes a virus when the threat is known. EDR looks for suspicious activity and acts before any damage is done.

 
 
 

7. Does your organisation use a Managed Detection & Response (or MDR) system for your Microsoft 365 accounts that is monitored on a 24/7 basis by a Service Operations Centre (or SOC)?

Note: MDR monitors your Microsoft 365 accounts. Where it sees a breach or an attempt to log in from an unusual location (i.e. not where you normally log in from), it will take defensive action to either prevent the breach or lock the hacker out to prevent any damage.

 
 
 
