A cyber security risk assessment identifies the information assets that could be affected by a cyber attack (such as hardware, systems, laptops, customer data and intellectual property). It then identifies the risks that could affect those assets. Often small and medium-sized companies (SMEs) relying on digital services do not realise how important it is to adequately invest in cybersecurity until they experience a security breach. The consequences can be significant, ranging from financial losses to damaged reputations.
In order to help SMEs to get a first understanding of the cyber risks threatening their organization and pave the way for putting in place correct risk assessment processes, Cyberwatching.eu, under the supervision of the leading provider of risk management AON, developed the “Cyber risk temperature tool” providing a preliminary cyber risk assessment for SMEs.
"While Europe is home to some of the world's leading cybersecurity SMEs, many small companies still underestimate cyber risks. The cyber risk assessment tool by cyberwatching.eu will allow SMEs of different digital maturity levels to evaluate their cyber security environment and identify stes towards reducing their vulnerabilities. These are necessary and important steps for all companies willing to succeed in digital economy" - Sebastiano Toffaletti, Secretary General at Digital SME Alliance.
The Cyber Risk Temperature Tool
The tool will help SMEs to understand the real situation about their cyber security environment and obtain an evaluation of their cyber security readiness.
The questionnaire consists of two main parts: in the first one, the respondent is asked to give a personal assessment of his/her company's IT security; while the second part features technical questions. The set of questions focuses on different topics in order to analyse the company through different areas, such as:
Through the attribution of a score, SMEs will be assigned to different profiles according to their level of vulnerability.
Answer the questionnaire, assesses your cyber security readiness and take decisions regarding cyber security issues based on your own assessment of corporate cyber security.