Cyber Risk Assessment: 4 Ways Your Employees Could Be Putting You At Risk

Take our cyber risk assessment to avoid 4 common pitfalls. Your organization’s cybersecurity is a team effort, so if your employees aren’t prepared, they could be unknowingly putting you at risk.

We’re sharing 4 simple questions to consider that will assess the cyber readiness of you and your employees. Touching on training, awareness, response, and policies, you’ll be able to evaluate your current efforts and take note of where adjustments or improvements need to be made.

With the ability for hackers to establish a foothold in your business with little to no effort, it’s time to take action. Download our infosheet to take the full assessment and build your defences. The data we’ve included is based on the results of 1,000+ security risk assessments for small and medium-sized businesses*, so you can see where your organization fits in.

4 ways your employees could be putting you at risk.

Ask yourself:

1. Do you programmatically train and test your employees about current security threats, company security policies, and the personal role each employee plays in keeping the business safe from cyber threats?
   
   Employees that are not trained or tested on cyber threats are a potential problem. You can’t assume that they’ll know the basics of cybersecurity. In our study, a surprising 57% of businesses surveyed have not informed and trained their users on cybersecurity.

The solution? Security awareness! Train your employees often, teaching them about data security, email attacks and your own company’s policies and procedures.

2. Do you maintain awareness of the latest tools, tactics and procedures (TTP) of cyber criminals and regularly assess your environment for vulnerabilities and potential defensive blind spots?

Ready to assess your organization’s risk? Download our infosheet to take the full assessment.

A whopping 48% of businesses assessed had not analyzed cybersecurity attack targets and methods. That’s a lot of potential security blind spots going unnoticed.

Again, security awareness is the solution here. It is important to establish a defensive baseline and close existing vulnerabilities. Look for tactics that target users, e.g., how much SPAM is reaching employees? Are strong passwords enforced? Do you deny or limit USB access?

3. If, for example, you discovered a phishing campaign targeted at your finance team or potential exposure of confidential information due to a system misconfiguration, do you have cyber incident response policies and plans in place for remediation? 

Again, 48% do not have a response plan for a cybersecurity incident. Don’t be one of them!

The solution is to craft an incident response plan. The National Institute of Standards and Technology (NIST) outlines four phases of an incident response plan: preparation; detection and analysis; containment, eradication, and recovery; and post-incident activity.

4. And the final question? Download our infosheet to finish the cyber risk assessment.

The results of your cyber risk assessment

How did your business fare with the assessment? Through our Managed IT Services in Vancouver we can help you better protect your business. Identifying security blind spots, we’ll customize your protection to the unique needs of your business. Get in touch, let’s secure your IT infrastructure against any external threats. Call us Toll Free at 1.866.266.7761 or use the form on our website.

*Results of more than 1,000 risk assessments completed by ConnectWise partners reveal that a majority of small and medium-sized (SMB) businesses do not have cybersecurity protection at the top of their agenda and are highly prone to risks and vulnerabilities. The risk assessments reveal that an alarming 69% of SMBs have not identified and documented cybersecurity threats, while two-thirds (66%) have not identified and documented cybersecurity vulnerabilities. ConnectWise study, July 2019.