Is your company sure that its data is safe from cyberattacks? Can you guarantee you are doing all you can to secure confidential data? Do you know about the tools and practices that keep your system secure?
With the cost of a data breach averaging $4.45 million in 2023, cybersecurity has become a significant concern for businesses.
Many cyber insurance companies now insist clients use specific cybersecurity tools and follow certain procedures to qualify for coverage.
WEBIT Services has helped hundreds of clients in the Chicago area build effective cybersecurity strategies. It believes that knowledge is the first step in creating solid security practices.
In this article, you'll find self-assessment questions from a cyber insurance form. These questions will both teach readers about practical IT security tools and practices and can also help evaluate the effectiveness of your current IT security setup.
Cybersecurity Self-Assessment
These questions are split into two groups: protecting your network and protecting your employees.
If you answer "no" to any questions, talk to your IT provider or internal IT team to find out what you can do to fix it.
Protecting Your Network:
Network protection is a critical part of a sound cybersecurity system. Once cybercriminals access your network, they can wreak havoc on all connected systems and technology. Setting up quality network defenses is the first step.
Answer the following questions to see if your network is adequately protected.
1. Do you install security updates within 30 days of their release?
Keeping your software and hardware up to date is crucial to block cybercriminals from finding easy ways into your network.
2. Do you tag external emails to inform employees about messages from outside your company?
Tagging external emails warns employees about potential spam or phishing emails from cybercriminals.
3. Do you use email authentication protocols (SPF, DKIM, and DMARC) to stop spoofed messages?
These protocols let receiving mail servers check whether a message really comes from the domain it claims to come from.
SPF lists the servers allowed to send mail for your domain. DKIM adds a cryptographic signature showing the message was authorized by your domain and not altered in transit. DMARC ties both checks to the visible From: address and tells receivers what to do with failures (monitor, quarantine, or reject). Together they make it much harder to send harmful email that impersonates your domain, though they do not stop phishing sent from look-alike or attacker-owned domains.
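The following script is an added example, not part of the original article or WEBIT's own tooling. It applies the checks an assessor would run against a domain's SPF, DKIM, and DMARC records: a weak set of records (soft-fail SPF, monitor-only DMARC, no reporting address) next to the hardened set, plus the ten-lookup limit that silently breaks SPF. The DNS records are constructed for the example rather than fetched, and `example.com`, the selector name, and the DKIM `p=` value are placeholders.

```python
import re

# Constructed sample DNS TXT records for a hypothetical tenant. example.com is
# a reserved documentation domain; these values are invented for the example,
# not the result of real lookups, and the DKIM p= value is a stand-in, not a key.
WEAK_RECORDS = {
    "example.com": ["v=spf1 include:_spf.example-mail.net ip4:203.0.113.10 ~all"],
    "_dmarc.example.com": ["v=DMARC1; p=none"],
    "selector1._domainkey.example.com": ["v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC"],
}

# The same tenant after remediation: hard fail on SPF, reject policy on DMARC,
# and aggregate reports switched on.
HARDENED_RECORDS = {
    "example.com": ["v=spf1 include:_spf.example-mail.net ip4:203.0.113.10 -all"],
    "_dmarc.example.com": ["v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.com"],
    "selector1._domainkey.example.com": ["v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC"],
}

# SPF terms that each consume one of the ten DNS lookups RFC 7208 allows.
SPF_LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}


def parse_tags(record):
    """Parse a 'k=v; k2=v2' style DKIM or DMARC record into a dict (keys lower-cased)."""
    tags = {}
    for part in record.split(";"):
        key, sep, value = part.partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip()
    return tags


def check_spf(records):
    """Return findings for a domain's SPF TXT records (empty list means OK)."""
    findings = []
    spf = [r for r in records if r.lower().startswith("v=spf1")]
    if not spf:
        return ["no SPF record: any server may claim to send for this domain"]
    if len(spf) > 1:
        findings.append("multiple SPF records: receivers treat this as permerror")
    terms = spf[0].split()[1:]
    all_term = next((t for t in terms if t.lstrip("+-~?").lower() == "all"), None)
    if all_term is None:
        findings.append("no 'all' term: unlisted senders get a neutral result")
    else:
        qualifier = all_term[0] if all_term[0] in "+-~?" else "+"
        if qualifier in "+?":
            findings.append(f"SPF ends with {qualifier}all: unlisted senders are not rejected")
        elif qualifier == "~":
            findings.append("SPF ends with ~all (soft fail): spoofed mail is only marked, not rejected")
    # Count mechanisms that trigger DNS lookups; more than ten makes the record unusable.
    lookups = 0
    for term in terms:
        name = re.split(r"[:/=]", term.lstrip("+-~?").lower(), maxsplit=1)[0]
        if name in SPF_LOOKUP_TERMS:
            lookups += 1
    if lookups > 10:
        findings.append(f"SPF needs {lookups} DNS lookups (limit 10): evaluates to permerror")
    return findings


def check_dkim(records):
    """Return findings for the TXT records at <selector>._domainkey.<domain>."""
    if not records:
        return ["no DKIM key at this selector: receivers cannot verify signatures"]
    tags = parse_tags(records[0])
    if "p" not in tags:
        return ["DKIM record has no p= tag: receivers cannot verify signatures"]
    if tags["p"] == "":
        return ["DKIM key revoked (empty p=): signatures with this selector fail"]
    return []


def check_dmarc(records):
    """Return findings for the TXT records at _dmarc.<domain>."""
    dmarc = [r for r in records if r.lower().startswith("v=dmarc1")]
    if not dmarc:
        return ["no DMARC record: SPF/DKIM results are never tied to the From: header"]
    tags = parse_tags(dmarc[0])
    findings = []
    policy = tags.get("p", "").lower()
    if policy == "none":
        findings.append("DMARC p=none: spoofed mail is reported but still delivered")
    elif policy == "quarantine":
        findings.append("DMARC p=quarantine: spoofed mail lands in spam; move to p=reject once reports are clean")
    elif policy != "reject":
        findings.append("DMARC p= missing or invalid: receivers ignore the record")
    if "rua" not in tags:
        findings.append("no rua= address: you get no aggregate reports showing which senders fail")
    pct = tags.get("pct", "100")
    if pct != "100":
        findings.append(f"pct={pct}: the policy applies to only that share of failing mail")
    return findings


def assess(txt_records, domain, selector="selector1"):
    """Evaluate all three record sets. txt_records maps a DNS name to its TXT strings."""
    return {
        "spf": check_spf(txt_records.get(domain, [])),
        "dkim": check_dkim(txt_records.get(f"{selector}._domainkey.{domain}", [])),
        "dmarc": check_dmarc(txt_records.get(f"_dmarc.{domain}", [])),
    }


if __name__ == "__main__":
    for label, records in (("weak", WEAK_RECORDS), ("hardened", HARDENED_RECORDS)):
        print(label, assess(records, "example.com"))
```

To run this against a live domain, replace the constructed dictionaries with the TXT answers from `dig TXT example.com`, `dig TXT _dmarc.example.com`, and `dig TXT <selector>._domainkey.example.com` (the selector appears in the `s=` tag of a DKIM-Signature header on mail your domain sends). The order of remediation matters: turn on `rua=` reporting first, fix the legitimate senders the reports reveal, then move from `p=none` to `p=quarantine` to `p=reject`.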
4. Do you block access to known harmful websites with web filtering?
A website known for viruses or malware should be blocked to stop infections in your network.
5. Do you divide your network based on the type of information stored?
Specific systems should be locked off each other based on the information they hold and which departments need access. Segmenting your network like this helps isolate infections instead of spreading them through the entire network.
For example, the marketing team likely does not need access to the finance team's files and shared drives, and vice versa. Those systems should therefore sit in separate segments of your network, with only the required traffic allowed between them.
If someone on the marketing team accidentally downloads malware or exposes their system to ransomware, the attack is contained to the marketing segment instead of reaching finance.
6. Are you sure you're not using outdated (End of Life) operating systems?
Using old technology without security updates makes your system vulnerable. Make sure your systems are up to date for the best protection.
7. Can you confirm that you use an advanced endpoint detection and response tool (EDR) on all devices?
EDR tools continually monitor "endpoints" (any device that connects to your network, such as laptops, desktops, servers, and phones) to detect suspicious behavior and cyber threats, including active infections, alert your security team, and allow an infected device to be isolated before the attack spreads.
8. Do you utilize a SIEM monitored 24/7 by a SOC?
SIEM stands for "Security Information and Event Management." It collects and correlates logs from across your systems (firewalls, servers, endpoints, cloud services) to identify potential security threats before they can disrupt your systems and business productivity.
A SOC is a Security Operations Center, a group of people, processes, and technology that analyze the information collected by the SIEM. This team investigates the alerts the SIEM raises and takes action on confirmed threats.
The SOC and SIEM work together to watch your network around the clock and catch and resolve potential threats before they cause problems.
9. Do you decommission unused systems securely?
Cybersecurity isn't only concerned with technology in use; decommissioned technology can pose security risks.
Retired devices must be wiped of all data, removed from the network, and have any accounts, certificates, or remote-access agents tied to them disabled.
Employees who leave the company must have all access revoked. This way, no one can use their credentials and enter your network.
10. Do you use advanced tools to protect against email threats?
Additional email protection tools help catch spam and phishing attempts.
Protecting Your Employees:
Human intelligence and resourcefulness are still our greatest tools for quality cybersecurity. Tools help prevent or detect cyberattacks, but tools are only as strong as your least tech-savvy employee.
Answer the following questions to help determine if your employees are prepared for cybersecurity success.
1. Do you regularly train your employees about security?
Regular cybersecurity training keeps employees aware of threats and helps them correct bad practices.
Because cybersecurity is constantly evolving, your training should also change to reflect the latest risks and best practices.
2. Do you test employees with fake phishing emails regularly?
Testing employees with fake phishing emails helps them recognize and avoid real ones, making your team more secure.
Cybercriminals use social engineering to convince users to give up their login credentials. Once they have user credentials, cybercriminals can access your network to steal data or launch an attack that shuts down critical systems.
Your IT provider or internal IT team can help build fake phishing emails to test employees. Both click and report rates are tracked to show employee awareness and the effectiveness of your security training.
3. Do employees only have access to what they need for their jobs?
Employees should only have access to the network areas, files, and shared drives needed to do their jobs.
Limiting employee access helps prevent a cyberattack from spreading across the network.
4. Do you use Multi-Factor Authentication for remote access?
Multi-factor authentication adds an extra layer of security, making it harder for cybercriminals to access your network even if they have login details.
Even if a cybercriminal obtains an employee's password, they cannot log in without the second factor, such as a code from an authenticator app or a hardware security key.
Codes sent by SMS or generated by an app can still be phished in real time, so phishing-resistant methods such as FIDO2 security keys give the strongest protection. If a password is the lock on the door to your network, multi-factor authentication is the deadbolt.
Next Steps for Evaluating Your IT Security Strategy
If you answered "Yes" to all questions, well done! You have a strong cybersecurity foundation.
If not, talk to your IT provider about your risk profile and what practices or tools could strengthen your IT security and reduce IT risk.
Talk to your IT provider about the tools, procedures, and strategies you can add to your current cybersecurity setup.
In addition to your current practices, your IT provider should run quarterly risk assessments to discover vulnerabilities within your organization and recommend solutions.
If your provider or internal team is not doing risk assessments or bringing you the reports and recommendations, it may be time to rethink your partnership. Cybersecurity is too critical to take lightly.
WEBIT Services has established cybersecurity practices rooted in frameworks for hundreds of clients. In addition, it is passionate about education and effective cybersecurity.
If you are looking for a new IT provider, schedule a free 30-minute consultation to see how WEBIT can help.
If you're not ready to make a commitment but would like to learn more about cybersecurity, we recommend the following articles:
- Two-factor authentication: what it is and how it protects your organization
- Cybersecurity Risk Levels: Where do you draw the line?
- What is an incident response plan, and do you need one?