Complete your Cybersecurity Assessment

This cybersecurity assessment is a set of guidelines and best practices to help organisations build and improve their cybersecurity posture. It puts forward a set of recommendations and standards that enable organisations to be better prepared to identify and detect cyber threats, and provides guidelines on how to respond to, prevent, and recover from cyber attacks.

 

There is a lack of required standards when it comes to cybersecurity. That’s why this security assessment provides a uniform set of rules, guidelines, and standards for organisations to use across industries. To gain a deep understanding of your business’s cybersecurity measures and how they can be improved, the assessment categorises all cybersecurity capabilities, projects, processes, and daily activities into 5 core functions. These are: Identify, Protect, Detect, Respond, and Recover.

If you are interested in finding out how secure your business is from cyber threats and what you can do to enhance your cybersecurity measures, complete the security assessment below.

Complete your Assessment

Why you should complete a cybersecurity assessment

  1. Gain a better understanding of current security risks
  2. Prioritise the activities that are the most critical
  3. Evaluate effective security tools and processes

FAQ

Why should I complete the cybersecurity assessment?

The assessment can help you with many common business challenges:

 

  1. You worry about unseen risks and vulnerabilities.
  2. You do not have an accurate inventory of assets that need to be protected.
  3. Your team spends much effort chasing items that will not have an impact, while you would like them to focus on real risk.
  4. You want to know how to address risk items given your current tools and what’s available in the marketplace.
  5. Your colleagues outside the security team do not understand cyber risk and therefore fail to “own” critical mitigation tasks.
  6. Your board is beginning to ask you about quantifying the risk reduction outcomes from the strategic cybersecurity plan that your team has been executing: “Are we compliant with NIST?”

 

The main objective of the cybersecurity framework is to help you prioritise cybersecurity investments and decisions. It helps you understand the maturity of your current program and offers suggestions for improvement.

How to implement and improve your cybersecurity program

While all the functions of the cybersecurity framework are important for different reasons, the Identify function is foundational. Identify is all about developing an accurate IT asset inventory and understanding the criticality of assets. Identify is also concerned with discovering vulnerabilities that attackers can exploit. We recommend that you begin the framework alignment of your cybersecurity program by focusing on Identify.

 

Once you are well on your way with Identify, you can learn how to implement the Protect and Detect functions. No matter how good your program is, some of your business components could very well be breached at some point in time. Therefore, it is also crucial to make sure you know what you will do when you discover a data breach, and how you would restore your systems to their state before the breach. Respond and Recover are essential elements for this type of incident.

What are the 5 core functions of the cybersecurity assessment?

Identify:

 

The Identify function is focused on laying the groundwork for an effective cybersecurity program. This function assists in developing an organizational understanding to manage cybersecurity risk to systems, people, assets, data, and capabilities. To enable an organization to focus and prioritize its efforts, consistent with its risk management strategy and business needs, this function stresses the importance of understanding the business context, the resources that support critical functions, and the related cybersecurity risks.

 

Protect:

 

The Protect function outlines appropriate safeguards to ensure delivery of critical infrastructure services and supports the ability to limit or contain the impact of a potential cybersecurity event.

 

Detect:

 

Detecting potential cybersecurity incidents is critical and this function defines the appropriate activities to identify the occurrence of a cybersecurity event in a timely manner.

 

Respond:

 

The Respond function focuses on appropriate activities to take action in case of a detected cybersecurity incident and supports the ability to contain the impact of a potential cybersecurity incident.

 

Recover:

 

The Recover function identifies appropriate activities to renew and maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity incident. It emphasises timely recovery to normal operations to reduce the impact of a cybersecurity incident.
