How Vulnerable is Your Firm?

Probably more than you think. A recent survey by the Ponemon Institute found employees are 85% more likely to leak files now than they were pre-pandemic. Working with small and medium sized firms for more than a decade, we’ve developed an interactive scorecard to identify your firm’s level of potential exposures. Take the test and see how your business stacks up.

With the cost of cybercrime projected to hit nearly $11 trillion by 2025*, it is imperative for companies to ensure they are as insulated from risk as possible. To you evaluate your risk, we prepared a brief questionnaire that will provide a “cyber score” to determine whether your firm is taking sufficient precautions or is operating at an unacceptable (and incredibly dangerous) level of risk.

Security Assessment*
Do you run scheduled, thorough security assessments on your IT infrastructure at least twice a year?
Email Protection*
Do you have advanced email protection in place that includes spam filtering, cloud malware scanning and malware blocking, and trigger-based encryption?
Secure Passwords & Other Policies*
Do you have strict, written policies for staff to use secure passwords on all devices, set short screen timeout windows and follow other device access best practices?
Security Awareness*
Do you engage in user security training to ensure they are fully informed of the current threat landscape and understand the importance of following all policies and procedures?
Advanced Endpoint Detection & Response*
Is your firm protected by advanced detection and response at the endpoint (user level) that defends against not only malware and viruses but also cyber attacks, script-based threats and ransomware?
Multi-Factor Authentication*
Have you implemented multi-factor authentication on your network, any websites housing sensitive and financial data, and even social media to ensure passwords cannot be used to access your data if they are stolen?
Software Updates*
Are you certain that critical software updates are being applied to both user facing (e.g. Microsoft; Adobe) and server-side (e.g. Java) software?
Dark Web Research*
Are you checking the Dark Web regularly to determine whether your business information and/or credentials are posted for sale?
SIEM/Log Management*
Do you use best-practices security incident and event management that meets compliance mandates (if required) and includes team review of event and security logs to identify threats?
Firewall*
Do you have an advanced firewall that is both detecting and blocking intrusion attempts?
Web Gateway Security*
Do you have a secure web gateway to filter out malware, adware and email threats arriving through Web/Internet traffic and block them before they reach your users?
Encryption*
Are all your company files encrypted both in transit and at rest (where stored) — even on mobile devices?
Mobile Device Security*
Are all phones, tablets and other mobile devices on which your corporate data or applications reside fully secured and inventoried regularly?
Backup*
Is your data being backed up (and tested) both at your business location and a secure, cloud-based facility that follows best practices for data centers?
Cyber Insurance*
Do you have Cyber Breach coverage?
Your results and vulnerability level will be sent to you immediately.