MODERATE RISK : 15-25 POINTS HIGH RISK : 30-50 POINTS ESCALATED RISK : 55-100 POINTS LOW RISK : 0-10 POINTS
Cyber Risk Exposure Scorecard
Are You At Risk ?
In recent years , cyber attacks have emerged as one of the most significant threats facing organizations of all sizes . The internet and other network operations have created risks that were unheard of less than a decade ago . When cyber attacks ( such as data breaches and hacks ) occur , they can result in devastating damage , such as business disruptions , revenue loss , legal
CONTACT OUR SENIOR VP BILL DALTON TODAY TO DISCUSS HOW CYBER COVERAGE CAN HELP PROTECT YOUR COMPANY ’ S PRIVACY AND REPUTATION BDALTON @ CALLEGROW . COM 709-778-2398
EXPOSURE YES NO UNSURE SCORE
1 . Does your organization have a wireless network , or do employees or customers access your internal system from remote locations ? q q q
2 . Does anyone in your organization take company-owned mobile devices ( e . g . laptops , smartphones , and USB drives ) with them , either home or when travelling ? q q q
3 . Does your organization use Cloud-based software or storage ? q q q
4 . Does your organization have a “ bring your own device ” ( BYOD ) policy that allows employees to use personal devices for business use or on a company network ? q q q
5 . Are any employees allowed access to administrative privileges on your network or computer ? |
q |
q |
q |
6 . Does your organization have critical operational systems connected to a public network ? |
q |
q |
q |
7 . Does anyone in your organization use computers to access bank accounts or initiate money transfers ? |
q |
q |
q |
8 . Does your organization store sensitive information ( e . g . financial reports , trade secrets , intellectual property , and product designs ) that could potentially compromise your organization if stolen ? q q q
9 . Does your organization digitally store the personally identifiable information ( PII ) of employees or customers ? This can include government-issued ID numbers and financial information . q q q
10 . Is your organization part of a supply chain , or do you have supply chain partners ? |
q |
q |
q |
11 . Does your organization conduct business in foreign countries , either physically or online ? |
q |
q |
q |
12 . Has your organization ever failed to enforce policies around the acceptable use of computers , email , the internet , etc .? |
q |
q |
q |
13 . Can the general public access your organization ’ s building without the use of an ID card ? |
q |
q |
q |
14 . Is network security training for employees optional at your organization ? |
q |
q |
q |
15 . Can employees use their computers or company-issued devices indefinitely without updating passwords ? |
q |
q |
q |
16 . Has your IT department ever failed to install antivirus software or perform regular vulnerability checks ? |
q |
q |
q |
17 . Can employees dispose of sensitive information in unsecured bins ? |
q |
q |
q |
18 . Would your organization lose critical information in the event of a system failure or other network disaster ? |
q |
q |
q |
19 . Can employees easily see what co-worker are doing on their computers ? |
q |
q |
q |
20 . Has your organization neglected to review its data security or cyber security policies and procedures with the last year ? q q q
TOTAL SCORE fees , forensic analysis , and customer or employee notifications . It is important to remember that no organization is immune to the impact of cyber crime . As a result , cyber liability insurance has become an essential component to any risk management program .
INSTRUCTIONS Begin by answering the questions below .
Each response will be given a numerical value depending on the answer :
YES : 5 POINTS NO : 5 POINTS UNSURE : 0 POINTS
EXPOSURE SCORECARD
After completing all of the questions , total your score to determine your organization ’ s level of cyber risk using the scale below .
8 | FALL 2016