Cyber Score

Welcome to your one-stop checklist to measure the cyber security defences in your business.

This checklist is divided into two sections: basic and advanced. Basic will cover the essential measures you should have in place to protect your business from cyber threats. Advanced takes it that step further to ensure you’re giving cyber criminals a run for their money.

You’ll see your overall score over here on the right. →

And next to basic and advanced you’ll see your score for each section. So, what are you waiting for? Start your journey to being cyber secure today.


Basic


Multi-Factor Authentication (MFA) Enforced

MFA is an authentication method that requires two or more verification factors. For example: when you login to your email account, you may type in a password, followed by a six-digit code from an MFA app.


Admin Access

Only specified employees should have admin controls on your system, not all standard logins. Doing this reduces the risk from internal threats, intentional or not.

Cyber Essentials Certification

Cyber Essentials is a yearly renewal certification managed by the National Cyber Security Centre.

Having a Cyber Essentials certification shows your commitment to keeping your data, as well as supplier and customer data, safe with essential security measures in place.


Cloud Controlled Network

Modern firewalls, switches and wireless devices should be controlled via a cloud service. This gives automatic security updates and peace of mind.

Domain Name System (DNS) Filtering

DNS filtering is also known as web filtering. It is a valuable tool in the protection of your business and staff when browsing the web.

It protects you from potentially malicious websites and can apply controls to which sites can be accessed by employees.

Software as a Service (SaaS) Backup

Your cloud applications, such as Microsoft 365, need to be backed up to ensure you are protected and can restore your data in the event of a breach. Microsoft do not back up your data for you.

Anti Virus

Anti virus is software designed to help detect, prevent and remove malware. A cloud-controlled anti virus product should be implemented.

Email Filtering

Email filtering reduces spam and malware and blocks phishing and impersonation attempts.

We offer this through our partnership with Mimecast. Their cloud-based email security filtering removes risk by blocking 100% of known viruses and more than 99% of emails before they reach your network.

Their software also rewrites links and scans the destination site in real time when the link is clicked, so that suspicious sites are blocked.

Cyber Awareness Training

Giving your staff regular cyber security awareness training is an important part of your defence. Staff need to be kept up to date to allow them to understand modern cyber threats and how to prevent incidents.

Device Encryption

Encrypting drives in machines gives you data protection in the event of loss or theft.

No Personal Devices

Personal devices, such as laptops or workstations, that access your system can create security risks. All such devices should be company owned and controlled. Mobile phones are treated separately.

Air Gap for Your Backup

Standard backups are now a target for ransomware, so it’s important to protect them. An “air gapped” backup system keeps an additional backup copy that is not attached to the live network.

Business Continuity Disaster Recovery (BCDR) Plan

Do you have a plan in the event of a security breach or loss of data/network?

If not, you need to document your core systems and a prioritised list of what needs to be restored first. Make sure this is accessible in the event of a breach.

Vulnerability Scanning

Vulnerability scans search for security weaknesses in your devices and networks that can be exploited by cyber-criminals.

The results of the scans can help you build on and maintain your cyber security measures. Regular internal and external vulnerability scanning should be carried out.

Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM)

SPF and DKIM are DNS records that help receiving mail servers verify the sender of an email.

SPF allows email senders to define which IP addresses are allowed to send mail for a particular domain. DKIM uses a cryptographic key published in DNS and a digital signature on each message to verify that the email was not forged or altered in transit.
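To show what a receiving server actually does with an SPF record, here is an added Python example (not part of the original checklist) that evaluates the `ip4`, `ip6`, `include` and `all` mechanisms against a constructed DNS table. The domains and addresses are documentation values (RFC 5737 and RFC 3849), not real infrastructure; the lookup limit follows RFC 7208. DKIM is not covered here, since signature verification needs an RSA or Ed25519 library.

```python
import ipaddress

# Constructed DNS TXT records standing in for real DNS lookups.
# example.com authorises its own /24 and delegates to a mail provider via include;
# loop.example is a deliberately broken record that includes itself.
DNS_TXT = {
    "example.com": "v=spf1 ip4:192.0.2.0/24 include:_spf.mailhost.example -all",
    "_spf.mailhost.example": "v=spf1 ip4:198.51.100.10 ip6:2001:db8::/32 ~all",
    "loop.example": "v=spf1 include:loop.example -all",
}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
MAX_LOOKUPS = 10  # RFC 7208 section 4.6.4: at most 10 DNS-querying mechanisms


def check_spf(sender_ip: str, domain: str, dns=DNS_TXT, _lookups=None) -> str:
    """Return the SPF result for `sender_ip` claiming to send mail for `domain`.

    Results follow RFC 7208: pass, fail, softfail, neutral, none, permerror.
    """
    if _lookups is None:
        _lookups = [0]  # shared counter across recursive include: evaluations
    ip = ipaddress.ip_address(sender_ip)
    record = dns.get(domain)
    if record is None or not record.startswith("v=spf1"):
        return "none"

    for term in record.split()[1:]:
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()

        if name in ("ip4", "ip6"):
            # ip_network handles both a bare address and a CIDR prefix;
            # an address of the other IP version never matches.
            if ip in ipaddress.ip_network(arg, strict=False):
                return QUALIFIERS[qualifier]
        elif name == "include":
            _lookups[0] += 1
            if _lookups[0] > MAX_LOOKUPS:
                return "permerror"
            sub = check_spf(sender_ip, arg, dns, _lookups)
            if sub == "permerror":
                return "permerror"
            if sub == "pass":  # include: only matches when the sub-record passes
                return QUALIFIERS[qualifier]
        elif name == "all":
            return QUALIFIERS[qualifier]
        else:
            # a, mx, exists, redirect= and macros are out of scope for this demo
            return "permerror"
    return "neutral"  # RFC 7208: no matching mechanism defaults to neutral


if __name__ == "__main__":
    for ip in ("192.0.2.5", "198.51.100.10", "2001:db8::1", "203.0.113.7"):
        print(f"{ip:>16} -> {check_spf(ip, 'example.com')}")
```

The difference between `-all` and `~all` matters in practice: a hard fail tells receivers to reject, while a soft fail only marks the message, so a domain that has finished listing all legitimate senders should move to `-all`.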

Penetration Testing

Penetration testing checks for vulnerabilities and can verify if entry to your systems is possible. This is typically carried out by an external company who will test your systems, as well as your employees by means of phishing attempts.

A penetration test should be carried out on a yearly basis.

Endpoint Detection and Response (EDR)

EDR is a step beyond standard anti virus. It gives a clearer picture of a breach and aids remediation.

Cyber Insurance

Cyber Insurance can assist in the event of an attack to help identify what happened, as well as helping you get back up and running.