Read Time: 2 Minutes
F-Secure has created a new test to help companies assess their cyber security posture. The Cyber Security Stress Test is a simple, 20-question test that covers a range of topics about cyber security – everything from endpoint protection to company policies and practices.
The questions have been selected to be simple and accessible, yet specific enough to give respondents insight into how well their various processes prepare them to defend against fairly typical online threats. It’s not a replacement for a full-blown security audit, but it’s enough to ensure respondents become informed about what their companies are doing right, and what they should focus on improving to prevent security incidents.
After completing the 20 questions, respondents are given a rank between 1 and 5. “5” indicates a relatively strong cyber security posture, and a correspondingly “low” risk of a security incident. “1” indicates a weaker cyber security posture, meaning the respondent’s company has a correspondingly “high” risk.
But what’s more important than the rating are the tips given once the test is complete. These tips are designed to give IT personnel concrete actions they can take to address security deficiencies. Because the test is free to take and relatively fast, it gives IT admins a way to begin taking immediate steps to improve their company’s security.
Here’s a few examples of the tips provided by the test:
“Corporate services that are typically opened up for BYOD access include e-mail, intranet, travel management, CRM, worktime-reporting and corporate-wide subscriptions to online news media and periodicals. While the BYOD devices are not typically centrally managed, there are ways to extend endpoint protection to such devices on incentive-based schemes. One such scheme is to provide the workforce with a license grant for endpoint security products to be used on their own devices.”
“Make sure you have taken end-users’ management rights into account.”
“Make sure that your public web servers are in a different network from your production systems. This will ensure that DOS attacks on your public website don’t kill your business systems.”
October is National Cyber Security Awareness Month (or European Cyber Security Month in Europe), so spend a few minutes to fill out the test and learn more about your company’s cyber security posture.