Cyber Risk Assessment

Jul 8, 2020 | Advice & Guidance, Cybersecurity


First of all, an apology up front for stating the obvious. Here goes:

Every business is unique

Well, duh!

What might not be quite so obvious, though, is that every business needs a tailor-made cybersecurity plan. One size definitely doesn’t fit all. No two businesses have identical equipment, premises, staff, and services, and no two businesses share identical philosophies and processes, strengths and weaknesses.

Our first task, with every new client, is a cyber risk assessment. We carry out a survey on every aspect of the company’s IT system, and the results will help us to compile a bespoke security plan. Why not take our free, do-it-yourself cybersecurity risk assessment?

The staff

As a general rule, employees who have many years’ IT experience will make fewer errors than newbies. Daring to generalise further, I’d say that a teenaged employee will have a more cavalier attitude towards procedure and security. I mean, let’s face it: did any of us follow all the rules and consider every risk at that age?

However well-meaning, hard-working, and intelligent your staff are, they can still do a lot of damage simply by not knowing. Naivety can be disastrous!

For example:

  • Do your employees know how to identify a potential phishing scam? Would they be able to identify a potentially harmful attachment? Are they aware that these threats are common and dangerous?
  • How do your staff treat passwords? Do they disclose passwords to one another? Do they re-use passwords for convenience?
  • Do your staff understand that printers, scanners, and photocopiers are vulnerable to cyberattack? That any device with an Internet connection provides a way in for hackers?

Management and policies

Okay, now let’s talk about you: the business owner. Company policies are your responsibility to put in place, monitor, and enforce. Do your policies and procedures support cybersecurity?

For example:

  • If staff use their own devices for work, do you take steps to ensure that company data is protected? Do you have clear rules in place? Do you use Identity and Access Management?  
  • Do you ensure that passwords are changed routinely?
  • Is there a policy in place to protect printed data?
  • Is staff training provided?
  • Do you have a business continuity plan?

Hardware and Software

Not all IT disasters are down to human error. Equipment needs upkeep and monitoring.

For example:

  • Has all software received necessary updates?
  • Is online connectivity between devices (Internet of Things) checked on a regular basis?
  • How old are your computers? Have all required system upgrades been installed?
  • Are network security and firewall systems regularly updated and monitored?
  • Is your back-up system regularly updated?

24/7 Protection

If you feel you’re not totally protected against cyberattack, give us a call on 01263805012 to discuss a 24/7 cybersecurity service. Or contact us by email at info@fortify247.co.uk.

Why not take this FREE cyber risk assessment?

Article produced for and on behalf of Fortify247 Ltd by Hazel @ Folio Copywriting
