There is a lot of information that has been squeezed into your report.
Our Cyber Assessment tool has analysed lots of items to produce the breakdown held inside.
Many of the items can be solved through our various software products and some can be addressed and enhanced through policies and training.
We will explain everything you will see and what you can do to help improve your CyberRisk Score.
Overall Site Score
How good is your security?
We use colour coding on your overall site and category scores to represent how well you are doing.
You're doing well
You are doing well to keep on top of your cyber security. Make sure you keep on top of this to ensure you don’t expose yourself.
Not critical but you are at risk and you should act to improve your security.
You have risks in your environment that could expose you. You should not ignore this and you need to act now.
How we calculate your score
The assessment compares your computer(s) against a set of tests. The more computers analysed, the more accurate the report. We have over 30 tests that are performed across the following categories:
Now the clever stuff
To provide a score, there are a couple of items we take into account.
Test weighting impact
We take each of the tests and apply a weighting against the impact each one poses. That means that the tests in the assessment do not all affect the score equally, but have a greater or lesser impact assigned by our proprietary algorithm.
For example, mandating that users create strong passwords is more critical to security than changing the domain policy password every 90 days. So, the test that checks that complexity is required in the local password policy is weighted more heavily than the test that checks if the domain policy password has been changed in the last 90 days.
Other impacting factors
Besides the weighting of tests, another factor that helps determine how much a test changes the score is how many objects (devices, users, accounts, etc.) are affected.
For example, if the “Software updates evaluation – Feature packs” test discovers that 20 devices are missing feature packs, that will lower your security score by a certain amount. If you then install the missing feature packs on ten of the twenty devices, your security score will be higher because fewer devices are affected by the missing security feature.
Count and Impact pie charts
Each test that is performed will be scored showing the number of times this result was triggered (count) and the impact as a percentage. The segments are colour coded into four issue levels as detailed below.
Let’s have a look at an example for User Security. We can see that 3 items have been flagged as severe and it’s impacting the score by 27.5%.
You should act now! A severe score is something you should do something about. We have several solutions that can help you improve.
Although minor, you should consider some form of action to recover before the issue gets worse. One of our solutions will help keep you on top of things.
Although not severe, you should look to act as soon as possible as these are likely to turn severe quickly. We have solutions to keep to keep you safe.
Great news! You have passed these tests with flying colours. Just make sure you stay on top of things to keep yourself green.
How we can help
We have options to help improve your overall security which, in turn, will help drive your CyberRisk Score positively. The table below will show the products to help solve identified issues.
|Antivirus issues||It is vital you have antivirus and firewall installed and up-to-date.||Protect your computers from malicious software which could bring your business to a costly halt.|
|Patch issues||One of the biggest risks is computers not being kept up to date.||Know that your team is working safely and up to date in and out of the office.|
|User issues||Make sure your accounts are not misused or stolen.||If the user account is accessed maliciously, customer data could be stolen exposing financial loss and possible GDPR fines.|
|Network issues||Make sure your WiFi is encrypted and configured securely.||Even if the WiFi is weak or set to default all computers need to be safe and kept safe.|
In association with the GMCC
The Cyber Essentials Security Report has been produced in association with the Greater Manchester Chamber of Commerce for its members.