What are your primary concerns around Cybersecurity? (data leakage, downtime, legal/regulatory/compliance, reputation, improve posture)

What industry or customer concerns do you have around compliance?

Is there an existing “baseline” or any security framework that you are aligned to? (NIST, CIS, ISO)?

Other?

Are you aware of the sensitive data that is regulated in your business? Do you have a Written Information Security Plan?

How often do you review / update?

Have you used a third party to validate your results?

Do you have an employee handbook that establishes the “acceptable use” policy and security expectations for employees?

It’s no secret that Business Email Compromise is the #1 vector for cyber-attacks, how are you managing email security? Which products do you use?

Do you have an Incident Response Plan? Have you identified a partner for Digital Forensics and Incident Response?

Are you using the services of a Security Operations Center, are they consulting with you on threat intelligence?

Do your HR policies and procedures include employee cybersecurity training? What frequency?

Do you have a Vulnerability Management Program? Briefly describe please.

Do you maintain a current inventory of software and hardware assets? Are all these products under contract and supported by the Original Equipment Manufacturer?

How quickly are user accounts disabled upon termination of an employee?

CyberSecurity Questionnaire

Send us your answers