Assessment – Cybersec Solutions LLC

Cybersecurity Maturity Assessment

I agree to the Mutual Non-Disclosure Agreement (NDA) and Terms of Service .

CYBERSEC SOLUTIONS LLC

Question 1 of 15

In the event of a breach right now, are there documented procedures that clearly define every employee's role?

Fully Documented & Tested Documented but not tested Basic Guidelines Only No Clear Roadmap

CYBERSEC SOLUTIONS LLC

Question 2 of 15

How does the organization ensure that departing employees effectively lose all access to all systems?

Automated & Immediate Revocation Manual Periodic Review Dependent on Manager Request No Formal Process

CYBERSEC SOLUTIONS LLC

Question 3 of 15

Can sensitive company data be moved to unauthorized devices (via USB or private cloud) without alerting management?

Technically Restricted & Monitored Possible but requires approval Limited Controls in Place No Restrictions/Not Monitored

CYBERSEC SOLUTIONS LLC

Question 4 of 15

When a suspicious email is received, is there a technical mechanism for immediate reporting and analysis?

Dedicated 'Report' Button & SOC Analysis Manual Email to IT Support Informal Notification No Reporting Mechanism

CYBERSEC SOLUTIONS LLC

Question 5 of 15

What is the maximum downtime the organization can tolerate before critical services must be fully restored?

Less than 4 Hours (High Resilience) Within One Business Day Up to 48 Hours Not Formally Defined

CYBERSEC SOLUTIONS LLC

Question 6 of 15

How do you ensure that the software used does not contain forgotten vulnerabilities from previous years?

Automated Periodic Technical Scans Manual Periodic Updates On-Demand Updates Only Only After a Problem Occurs

CYBERSEC SOLUTIONS LLC

Question 7 of 15

Are Technical Vendors required to adhere to the same security standards that your organization applies?

Yes, by Contract & Active Audit Signed Security Questionnaire Only Basic Reference Check No Security Requirements

CYBERSEC SOLUTIONS LLC

Question 8 of 15

If a senior leader's laptop is lost, is the data inside guaranteed to be unreadable by unauthorized parties?

Yes, Full-Disk Encryption Enforced Password Protected Only Basic OS Login Protection Data is Not Encrypted

CYBERSEC SOLUTIONS LLC

Question 9 of 15

How are unusual activities (e.g., late-night logins) monitored on the organization’s critical systems?

24/7 Automated SIEM/SOC Monitoring Logs Reviewed Monthly Logs Checked Only Post-Incident No Active Monitoring

CYBERSEC SOLUTIONS LLC

Question 10 of 15

Are copies of vital data stored outside the main headquarters to ensure survival in case of a physical disaster?

Yes, Immutable Geo-Redundant Backup Off-site Physical Storage Local Backup Only No Off-site Backups

CYBERSEC SOLUTIONS LLC

Question 11 of 15

Do systems that handle customer data undergo an independent security assessment before they are launched?

Yes, Full Third-Party Penetration Test Internal Security Review Basic Functionality Testing Relies on Developer Promises

CYBERSEC SOLUTIONS LLC

Question 12 of 15

How capable is the organization of proving its ongoing compliance with regulators and auditors?

Ready with Instant Automated Compliance Reports Needs 3-5 Days to Manually Compile Data Compliance is Checked Only Once a Year No Formal Mechanism to Prove Compliance

CYBERSEC SOLUTIONS LLC

Question 13 of 15

Are the powers of 'System Administrators' controlled to prevent potential misuse of authority?

Yes, Dual-Control & Privileged Access (PAM) Standard Admin Account Management Basic Identity Separation No Active Oversight

CYBERSEC SOLUTIONS LLC

Question 14 of 15

How is old data that the organization no longer needs handled or disposed of?

Certified Secure Digital Destruction Manual Permanent Deletion Occasional Archive Cleaning Remains in Archives Forever

CYBERSEC SOLUTIONS LLC

Question 15 of 15

Does senior management have a dashboard or report that shows the current level of cyber risks?

Yes, Real-time Dashboard/Quarterly Reviews Annual Written Reports Ad-hoc Updates Only No Regular Risk Reporting