Questions

by Ron, December 19, 2016

Does your organization have a documented Cybersecurity program?
- Yes
- No

Does your organization have dedicated Cybersecurity staff that hold industry standard certifications (e.g. CISSP, CEH, GSEC, and Security+)?
- Yes
- No

Does your organization track security metrics today? If so, do the results help direct your information security program/road map?
- Yes
- No
- I Don’t Know

Does your organization maintain an up-to-date asset inventory? If so, do you evaluate, classify, and inventory assets according to risk?
- Yes, we have a formal asset management system
- Yes, we use a spreadsheet to track assets
- No

Does your organization currently utilize security technologies that extend beyond traditional Firewall and/or Unified Threat Management appliances (e.g. SIEM/Logger/Vulnerability Scanning/Threat Feeds, etc.)?
- Yes, we have a formal asset management system
- Yes, we use a spreadsheet to track assets
- No

Is your organization able to detect and identify real-time security threats? If so, do you have reports that showcase compliance/due diligence in this area?
- Yes, we receive actionable threat intelligence from a centralized security platform
- Yes, we are using a SIEM to identify and respond to threats
- Yes, we utilize point solutions like Anti-Virus and Anti-Malware software, Firewall, IDS, IPS, etc.
- No, we don’t have that capability today

Is your organization required to comply with a regulatory body (e.g. HIPAA, SOX, PCI, SEC, FFIEC)?
- Yes, we have a formal patch management system
- Yes, although it’s not formal and is best effort
- No

Is your organization performing routine vulnerability assessments?
- Yes, vulnerability scans are scheduled on a regular basis
- Yes, occasionally
- Yes, but rarely
- No

Does your organization have security staff assigned to continuously monitor network traffic for insecure behavior?
- Yes, we use IDS and/or IPS sensors, Netflows, NextGen Firewall, or a combination of point solutions
- Yes, we collect firewall logs only
- No

Does your organization have the ability to detect, audit and report on user access changes or privilege escalation within the network?
- Yes
- No

Does your staff know when someone is scanning and/or attempting to exploit a vulnerability on a service at your organization? If so, does this information roll up to a report that is readily available?
- Yes, we have a SIEM solution and are responding to real-time threats
- Yes, we have a centralized syslog server
- Yes, we have logs from security event viewer
- Yes, other
- No, we do not retain logs

Does your organization have the ability to audit and report on policy violations or potential insecure behavior within the network?
- Yes, we have a SIEM solution and are responding to real-time threats
- Yes, we have a centralized syslog server
- Yes, we have logs from security event viewer
- Yes, other
- No, we do not retain logs

Does your organization have the ability to provide logs to an Incident Responder in the event of a Cybersecurity incident or breach?
- Yes
- No

Does your organization keep raw logs for a specified period of time for forensic purposes?
- Yes
- No

Does your organization have an incident response experience/team on-site to deal with potential threats and/or breaches to your environment?
- No