MODERATE RISK: 15-25 POINTS HIGH RISK: 30-50 POINTS ESCALATED RISK: 55-100 POINTS LOW RISK: 0-10 POINTS
Cyber Risk Exposure Scorecard
Are You At Risk?
In recent years, cyber attacks have emerged as one of the most significant threats facing organizations of all sizes. The internet and other network operations have created risks that were unheard of less than a decade ago. When cyber attacks( such as data breaches and hacks) occur, they can result in devastating damage, such as business disruptions, revenue loss, legal
CONTACT OUR SENIOR VP BILL DALTON TODAY TO DISCUSS HOW CYBER COVERAGE CAN HELP PROTECT YOUR COMPANY’ S PRIVACY AND REPUTATION BDALTON @ CALLEGROW. COM 709-778-2398
EXPOSURE YES NO UNSURE SCORE
1. Does your organization have a wireless network, or do employees or customers access your internal system from remote locations? q q q
2. Does anyone in your organization take company-owned mobile devices( e. g. laptops, smartphones, and USB drives) with them, either home or when travelling? q q q
3. Does your organization use Cloud-based software or storage? q q q
4. Does your organization have a“ bring your own device”( BYOD) policy that allows employees to use personal devices for business use or on a company network? q q q
5. Are any employees allowed access to administrative privileges on your network or computer? |
q |
q |
q |
6. Does your organization have critical operational systems connected to a public network? |
q |
q |
q |
7. Does anyone in your organization use computers to access bank accounts or initiate money transfers? |
q |
q |
q |
8. Does your organization store sensitive information( e. g. financial reports, trade secrets, intellectual property, and product designs) that could potentially compromise your organization if stolen? q q q
9. Does your organization digitally store the personally identifiable information( PII) of employees or customers? This can include government-issued ID numbers and financial information. q q q
10. Is your organization part of a supply chain, or do you have supply chain partners? |
q |
q |
q |
11. Does your organization conduct business in foreign countries, either physically or online? |
q |
q |
q |
12. Has your organization ever failed to enforce policies around the acceptable use of computers, email, the internet, etc.? |
q |
q |
q |
13. Can the general public access your organization’ s building without the use of an ID card? |
q |
q |
q |
14. Is network security training for employees optional at your organization? |
q |
q |
q |
15. Can employees use their computers or company-issued devices indefinitely without updating passwords? |
q |
q |
q |
16. Has your IT department ever failed to install antivirus software or perform regular vulnerability checks? |
q |
q |
q |
17. Can employees dispose of sensitive information in unsecured bins? |
q |
q |
q |
18. Would your organization lose critical information in the event of a system failure or other network disaster? |
q |
q |
q |
19. Can employees easily see what co-worker are doing on their computers? |
q |
q |
q |
20. Has your organization neglected to review its data security or cyber security policies and procedures with the last year? q q q
TOTAL SCORE fees, forensic analysis, and customer or employee notifications. It is important to remember that no organization is immune to the impact of cyber crime. As a result, cyber liability insurance has become an essential component to any risk management program.
INSTRUCTIONS Begin by answering the questions below.
Each response will be given a numerical value depending on the answer:
YES: 5 POINTS NO: 5 POINTS UNSURE: 0 POINTS
EXPOSURE SCORECARD
After completing all of the questions, total your score to determine your organization’ s level of cyber risk using the scale below.
8 | FALL 2016