Calculate Your Cyber Score - Assess Your Cyber Security

Cyber Score

Welcome to the ultimate platform for assessing your organisation's cyber security readiness. Here’s a straightforward guide to using this tool:

Identify security measures

Mark Your Progress

Identify and select the security measures your organisation has already implemented.

Obtain your security rating

Calculate Your Score

Quickly obtain your cyber security rating displayed prominently on the dashboard.

Enhance your score

Explore and Enhance

Review the detailed information to gain insights and guidance on integrating these essential security measures.

Calculate Your Cyber Score in 3 minutes

Your Cyber Score

Contact Us

0%

Anti Virus | +1

Antivirus software is crucial for detecting, preventing, and removing malware. Implementing a cloud-controlled antivirus solution ensures continuous updates and centralised management, enhancing your system's defence against malicious attacks.

Cyber Essentials Certification | +2

Cyber Essentials is an annual certification managed by the National Cyber Security Centre. Obtaining this certification demonstrates your commitment to safeguarding your own data as well as that of your suppliers and customers through essential cyber security practices.

Cyber Essentials Plus | +2

Cyber Essentials Plus enhances the basic certification with additional requirements, including onsite testing, to ensure a higher level of security compliance and protection.

Cyber Awareness Training | +3

Regular cyber security training for employees is crucial. Keeping staff informed about current cyber threats and preventive measures strengthens your organisation's overall defense mechanisms.

No Personal Devices | +3

Allowing personal devices to access your network introduces significant security risks. Ensuring that all devices are company-owned and managed separates personal and corporate data, enhancing security.

Incident Reporting | +3

Clear incident reporting mechanisms are essential for effective communication about breaches. It's vital that employees know whom to notify and how to report incidents promptly and efficiently.

Penetration Testing | +3

Annual penetration testing by external experts helps identify vulnerabilities in your systems. This testing includes simulating real-world attacks on your systems and staff to reinforce your defences.

Application Whitelisting and RingFencing | +3

Application whitelisting and RingFencing provide precise control over which applications can operate and access data within your network. This approach not only prevents unauthorised applications but also restricts even approved applications from making system changes.

Cloud Controlled Network | +3

Utilising cloud-controlled network devices like firewalls, switches, and Wi-Fi ensures they receive automatic security updates, maintaining a robust defense against potential cyber threats.

Domain Name System (DNS) Filtering | +3

DNS filtering, or web filtering, is essential for protecting against malicious websites. It controls web access for your staff, ensuring they are shielded from potentially harmful online content.

Domain-based Message Authentication, Reporting and Conformance (DMARC) | +3

DMARC enhances email security by verifying that incoming messages are not spoofed. This helps protect against phishing and other email-based attacks.

Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) | +3

SPF and DKIM are standards for email authentication, helping to prevent spammers from sending messages with forged sender addresses from your domain, thereby protecting your brand's integrity.

Security Operations Centre (SOC) | +3

A SOC provides continuous monitoring and analysis of your network and systems. Managed by a third party, it helps identify and respond to security threats promptly.

Cyber Insurance | +3

Cyber insurance supports your organisation in the aftermath of a cyber attack, helping cover the costs associated with recovery and mitigating potential financial losses.

Email Filtering | +4

Advanced email filtering capabilities are crucial for reducing spam and blocking phishing attempts. This tool ensures that harmful or unauthorised emails do not reach your employees.

USB Control | +4

USB control policies help protect against data leaks and threats introduced by unauthorised USB devices. Configurable controls allow certain devices while blocking others.

Business Continuity Disaster Recovery (BCDR) Plan | +4

A robust BCDR plan ensures you are prepared to respond effectively to a security breach or data loss, minimising downtime and operational impact.

Device Encryption | +4

Encrypting device drives protects sensitive data in case of theft or loss, making the data inaccessible to unauthorised users.

Vulnerability Scanning | +4

Regular vulnerability scanning identifies security weaknesses in your network and devices, allowing you to address them before they are exploited by cyber criminals.

Endpoint Detection and Response (EDR) | +4

EDR goes beyond traditional antivirus by providing comprehensive visibility into potential security breaches and facilitating immediate response to incidents.

Network Segmentation | +4

Network segmentation divides your network into separate segments to contain breaches and reduce the lateral movement of attackers within your network.

Multi-Factor Authentication (MFA) | +4

MFA adds an additional layer of security by requiring multiple forms of verification to prove identity, significantly enhancing the security of user logins and transactions.

Password Manager | +5

A password manager securely stores and manages your organisation's passwords in one centralised location, reducing the risk of password theft or misuse.

Admin Access | +5

Limiting administrative privileges to necessary personnel minimises the potential for internal threats and reduces the attack surface within your organisation.

App Protection Policies | +5

App protection policies safeguard corporate data by controlling how data can be used and shared within apps on both corporate and personal devices.

Conditional Access (Devices) | +5

Conditional access policies ensure that device access to network resources is granted only under specific conditions, enhancing security, particularly for remote access.

Software as a Service (SaaS) Backup | +5

Backing up SaaS applications ensures that you can quickly restore your data and maintain business continuity in the event of data loss.

Air Gap for Your Backup | +5

An air-gapped backup provides a secure and isolated copy of your data that is not connected to the main network, protecting it from cyber attacks.