More and more, small and medium-sized companies (SMEs) are relying on digital services to stay competitive in their markets. Often though, they do not realise just how important it is to adequately invest in cybersecurity until they experience a security breach. The unwelcome arrival of COVID-19 means that many companies are now totally dependent on digital services making this investment event more important.
With cyber-attacks on the rise, consequences can be significant for any organisation, from financial losses to damaged reputations. In many cases, SMEs find it very hard to implement efficient security measures because they are usually perceived as too complex, time consuming and requiring a high level of technical knowledge.
With the specific goal to tackle this issue and help companies’ staff to increase their awareness about basic cybersecurity concepts, four H2020 initiatives jointly developed a free-of-charge simple assessment which allows SMEs to measure their cybersecurity awareness skills, pinpoint their security gaps and implement the best practices in order to avoid being victim of a cyber-attack.
The “Cybersecurity self-assessment for SMEs” is a simple and quick online self-assessment questionnaire launched by 4 Cybersecurity research projects funded by the European Commission. In less than 15 minutes SMEs can easily understand where they stand in terms of cybersecurity practices implementation and learn basic security guidelines to be applied in their day-to-day routine.
The assessment focuses on eight different cybersecurity areas:
Philippe Cousin from SMESEC project assures: “the assessment will help companies’ staff to increase awareness about basic security guidelines to be applied in their day-to-day routine”.
SMEs or individuals successfully passing the test receive a certification of completion issued by the 4 H2020 projects: Cyberwatching.eu, CyberSec4Europe, CYBERWISER.eu and SMESEC. These projects are tackling cybersecurity and privacy from complementary perspectives, with the common aim of providing European SMEs with key resources to boost their online security.
cyberwatching.eu has provided content related to Risk Assessment leveraging the wide expertise of AON in this domain.
Risk assessment is a process which consists of different stages. Firstly, it is essential to identify and assess information assets; then, this information, together with relevant threat assessments, business impacts, benefits and costs, is used to assess which are the potential vulnerabilities. At this point these risks are listed in order of priority to define which mitigation measures can and must be implemented.
According to Nicholas Ferguson, Cyberwatching.eu Coordinator, “the self-assessment can help SMEs getting a first understanding of the risk assessment process and pave the way for putting in place a correct risk assessment process for their organisations”.