Frequently Asked Questions (FAQs):
The small business self risk assessments are a collection of interactive documents on multiple subjects ranging from how secure your laptop is to preventing ransom-ware from getting to your systems. They apply to both home and business. These documents present you with specific questions about what you have, how it compares to what is considered 'more secured', and point to our articles on how to fix or patch whatever problems you have. Many of these articles attempt to not re-invent the wheel so we do reference other internet resources to help you out if necessary. Remember, you do not need to be an expert to apply safe-security practices or to apply effective security controls. Each question we ask in a risk assessment is weighed in importance by us. Your risk level will vary depending on your answers. After you finish a risk assessment for a particular topic, you can email it to yourself for reference or just save and print out the PDF file- It will show your risk level as well as all the issues you may need to fix and links to our guide documents. You can even forward this reference email to an IT contractor to do the work for you if you want, though they will need to be logged into your account to view our guides. You can take any risk assessments as many times as you would like.
Our small business self risk assessments are based off our own qualitative analysis methods, allowing us to quickly identify potential risks as well as determine the magnitude/likelihood of potential consequences to assets and resources that are vulnerable to these risks.
There are 2 sets of risk assessments:
- Foundational Risk Assessments - These assessments get you to a great baseline of cyber-security to stop cyber attackers.
- Defense In Depth Risk Assessments - These assessments add extra layers of security to help achieve "Defense In Depth", more completely protecting from cyber attackers.
After you complete any risk assessment, you have a choice for our system to save your risk assessment score. This risk assessment score will aid you getting an overall risk evaluation of your cyber security on 'Overall Business Cyber Risk Score' page. You get an evaluation grade that will tell you where you're at and keeps track of your assessment scores, etc.
All risk assessments are meant to done once per year since we update them throughout the year reflecting fixes and safeguards that protect from the newest security threats. Doing a single risk assessment might take around 10 or so minutes to complete, but following the assessments's recommend fixes may take more time for you to apply.
To see the guidelines, visit here.
You should absolutely retrain your cyber security awareness at least once a year. You also need to assess your risk of a cyber security breach at least once per year. The cyber security landscape changes almost on a daily basis so periodic, if not regular, retraining and risk reassessments are highly highly recommended.
We happen to provide security awareness training and risk assessments for nearly all aspects of your small businesses. We update our classes constantly as the threat landscape changes, so that when you return to retrain the next year, there will always be some notable important differences- so it's important that you take *all* the awareness classes and risk assessments you have access to yearly.
As a member of GetCyberSecured, you get access to our exclusive Reminder Service.
We highly recommend signing up for this service below to help you stay on track with keeping your life and computer systems highly secure.
With this simple service, we'll automatically send you periodic reminder emails about when to use any GetCyberSecured services you've subscribed to for up to 3 years, enough time for you understand and schedule these event patterns in your personal calendar.
- Get reminders to start and complete your security awareness training as well as Risk Assessments.
- Get reminders of when it's ideal to make backups of your systems.
- Get reminders of when it's ideal to update your systems.
- Get reminders before key dates related to protecting your identity.
- Get yearly notifications to do your Risk Assessments (RA's).
- You'll get notified periodically when we make significant updates to any content that you may want to check. Sometimes we may notify you that we put new content up relating to recent big cyber attack events, news, and fixing these issues.
- We may send out greatly beneficial information, products, or services that we believe would help you be even more secure.
To learn more about what a DISO is (as featured on our pricing page), visit below:
This is a very useful and special tab/page that shows a letter grade/ranking easily signaling to you where you are at in your securing. It also shows what securing activities you have done and what you have left to do. This grade/rank is great to brief to the small business owner if you're a DISO.
Letter Rank Score:
This feature uses our own unique algorithm to calculate and take into account all the completed risk assessment results, security awareness training, and some extra maintenance questions to give you the letter grade/rank. Your results for each section will last 1 year from completion before you have to re-do them again- security is a never ending endeavor if you want to keep secure. Luckily, we keep it manageable here :-).
A Cyber secured Badge (there are currently 3 styles/sizes):
When you get and maintain an "A" status grade, you'll be able to place a verifiable 'trust' badge on your website to help tell current and future customers that you're trustworthy when it comes to yours and their security. People will be able to click the trust badge and it will take them to your Cyber Secured certificate.
Cyber Secured Certificate:
Every 6 months you'll be required to sign in and re-certify your business. It could be as simple as clicking the certify button if all your cyber securing (risk assessments, security awareness course, maintainance) is complete. This 6 month certificate expiration will allow some wiggle room if one of your sections expires past their 1 year completion date. It will give you time to complete them to maintain that "A" status. It also gives you a heads-up for what is coming up on needing re-cyber-securing.
Signs/Placards:
Signs/placards can also be made to print, displaying to other customers at your store or booth that you went through the rigors of Cyber Securing your business for yourself and to further gain their trust.
The knowledge-base is a private section of GetCyberSecured.com, the comments of a particular blog post that you can ask about securing. You can also search for questions (in the comments) asked previously by users to see if you can get your questions answered instantly before you talk to one of our cyber security professionals. There are no user's private information in the knowledge base.
In our higher level plans, we have policy generators that allow you to generate a policy. The policy comes from a template and you can modify it to fit your business. After the policy is generated in a pdf or text (email) format, you may use it for your business if all checks out after your own legal review.
The following policies can be generated through GetCyberSecured:
- Computer & Internet Usage
- Data Protection
- Confidentiality Policy
- Cyber Security
- Bring Your Own Device (BYOD)
- Social Media
The security awareness course teaches and tells you about security awareness through scenario based exercises. You read and answer questions in the following categories:
- Safe Computer and Web Browsing
- Social Engineering
- Social Engineering 2 -Phishing
- Social Networking and Social Media
- Office Security
Completing these sections can take 10-20 minutes each.
All packages are priced per year and thus, you can complete any courses or assessments within that time, or not complete them. We highly highly recommend yearly retraining to learn about the always-changing security landscape.
All courses and assessments are at your own pace. The medium plan containing many risk assessments may take 30 minutes to an hour total to complete all of them, if not more. Following recommendations or guides referenced in the material may several hours, days, weeks, or months, depending on what all you need to fix. Figure all this time into your membership.
All Courses and assessments are generally tailored for business's with PC's using the latest Windows OS or Mac OS and iOS/Android mobile devices.
All you or your employees require to view courses is an internet-connected web browser, (Chrome, Safari, Firefox, Edge) circa 2017.
Simple. There is a 15-day money back guarantee. You can cancel your membership at anytime within 15 days of the initial purchase of a membership plan and get your money back if you're not satisfied. Just send us a message within 15 days through our contact page if you want to cancel with your money back.
While our plans are meant for the initial prevention of security issues for small businesses, you can review our sections on fixing and post break-ins to appropriately respond to an incident. You are also welcome to ask any questions you'd like to our cyber security professionals on issues that you have regarding this, assuming you're in that level of membership.
None of our services are designed to help you pass all audits, though they might end up doing so if you follow our cyber-secured system.
We do cover securing aspects for compliance requirements for HIPAA, PCI-DSS, and GDPR in our defense-in-depth risk assessments. We are not considered a de-facto source for securing for these compliance standards, only the official sources of the regulations can tell you exactly what you need to do, but we do try to point you in the right direction for following these standards from a cyber-security point of view.
We provide you the tools and information to secure your small business procedures and practices. We do cover protecting your website(s) from cyber attacks in our "Defense in Depth" risk assessments.
Protecting a website from cyber attacks can get very technical and may require a specialized security expert for web apps. We try to keep with the security fixes that almost anyone can do so we offer practical fixes that most people can apply themselves, or at least point you to services that may best help you.