Frequently Asked Questions (FAQs)

Consulting: What can I ask to your Cyber Security Professionals?

What are the self risk assessments you provide?

The small business self risk assessments are a collection of interactive documents on multiple subjects ranging from how secure your laptop is to preventing ransom-ware from getting to your systems. They apply to both home and business. These documents present you with specific questions about what you have, how it compares to what is considered 'more secured', and point to our articles on how to fix or patch whatever problems you have. Many of these articles attempt to not re-invent the wheel so we do reference other internet resources to help you out if necessary. Remember, you do not need to be an expert to apply safe-security practices or to apply effective security controls. Each question we ask in a risk assessment is weighed in importance by us. Your risk level will vary depending on your answers. After you finish a risk assessment for a particular topic, you can email it to yourself for reference or just save and print out the PDF file- It will show your risk level as well as all the issues you may need to fix and links to our guide documents. You can even forward this reference email to an IT contractor to do the work for you if you want, though they will need to be logged into your account to view our guides. You can take any risk assessments as many times as you would like.

Our small business self risk assessments are based off our own qualitative analysis methods, allowing us to quickly identify potential risks as well as determine the magnitude/likelihood of potential consequences to assets and resources that are vulnerable to these risks.

There are 2 sets of risk assessments:

Foundational Risk Assessments - These assessments get you to a great baseline of cyber-security to stop cyber attackers.
Defense In Depth Risk Assessments - These assessments add extra layers of security to help achieve "Defense In Depth", more completely protecting from cyber attackers.

After you complete any risk assessment, you have a choice for our system to save your risk assessment score. This risk assessment score will aid you getting an overall risk evaluation of your cyber security on 'Overall Business Cyber Risk Score' page. You get an evaluation grade that will tell you where you're at and keeps track of your assessment scores, etc.

All risk assessments are meant to done once per year since we update them throughout the year reflecting fixes and safeguards that protect from the newest security threats. Doing a single risk assessment might take around 10 or so minutes to complete, but following the assessments's recommend fixes may take more time for you to apply.

How often should I retrain and reevaluate my risk to cyber attacks on myself or my business?

You should absolutely retrain your cyber security awareness at least once a year. You also need to assess your risk of a cyber security breach at least once per year. The cyber security landscape changes almost on a daily basis so periodic, if not regular, retraining and risk reassessments are highly highly recommended.

We happen to provide security awareness training and risk assessments for nearly all aspects of your small businesses. We update our classes constantly as the threat landscape changes, so that when you return to retrain the next year, there will always be some notable important differences- so it's important that you take *all* the awareness classes and risk assessments you have access to yearly.

What is the "Reminder" Service?

As a member of GetCyberSecured, you get access to our exclusive Reminder Service.

We highly recommend signing up for this service below to help you stay on track with keeping your life and computer systems highly secure.

With this simple service, we'll automatically send you periodic reminder emails about when to use any GetCyberSecured services you've subscribed to for up to 3 years, enough time for you understand and schedule these event patterns in your personal calendar.

Get reminders to start and complete your security awareness training as well as Risk Assessments.
Get reminders of when it's ideal to make backups of your systems.
Get reminders of when it's ideal to update your systems.
Get reminders before key dates related to protecting your identity.
Get yearly notifications to do your Risk Assessments (RA's).
You'll get notified periodically when we make significant updates to any content that you may want to check. Sometimes we may notify you that we put new content up relating to recent big cyber attack events, news, and fixing these issues.
We may send out greatly beneficial information, products, or services that we believe would help you be even more secure.

What is a DISO? (On our pricing page as 'Trains Employee To Secure For You')

What is the 'Overall Business Cyber Risk Graded' and "Cyber Secured Trust Badge" feature?

This is a very useful and special tab/page that shows a letter grade/ranking easily signaling to you where you are at in your securing. It also shows what securing activities you have done and what you have left to do. This grade/rank is great to brief to the small business owner if you're a DISO.

This feature use our unique algorithm calculate and take into account all the risk assessment results, security awareness training, and some extra maintenance questions to give you the letter grade/rank.

When you get and maintain an "A" status grade, you'll be able to place a verifiable 'trust' badge on your website to help tell current and future customers that you're trustworthy when it comes to yours and their security. People will be able to click the trust badge and it will take them to your Cyber Secured certificate. This is what the badges look like:

How do the custom email and text message (sms) alerts work?

This is an ongoing service of ours as part of a membership with us (Prepared and CyberSecured). An alert will basically alert you (via email or text message) when a device/computer of yours needs attention because of a new issue or vulnerability that targets that device/computer.

How it works:

Generally on a weekly basis, we put out a blog post mentioning all the newest threats that have appeared. You can elect to receive an alert if a *relevant* threat related to what computer systems and devices you have needs security attention. If there are no alerts for you, then you'll never get a text message and/or email about it.

Within your membership area, you can setup whether you get an sms (text message) to your phone and/or an email message and what alerts you want, and you would base it on what IT systems or devices you have. You'll never hear from us if the alerts you pick never have any publicized security issues we find. If there is an issue publicized with what you chose, you get sent an SMS and/or email.

What is the members-only private knowledge-base all about?

How will I create security-minded policies for my business through your membership?

In our higher level plans, we have policy generators that allow you to generate a policy. The policy comes from a template and you can modify it to fit your business. After the policy is generated in a pdf or text (email) format, you may use it for your business if all checks out after your own legal review.

The following policies can be generated through GetCyberSecured:

What is the security awareness course?

How long are your courses or risk assessments and how much time do I have to use them?

All packages are priced per year and thus, you can complete any courses or assessments within that time, or not complete them. We highly highly recommend yearly retraining to learn about the always-changing security landscape.

All courses and assessments are at your own pace. The medium plan containing many risk assessments may take 30 minutes to an hour total to complete all of them, if not more. Following recommendations or guides referenced in the material may several hours, days, weeks, or months, depending on what all you need to fix. Figure all this time into your membership.

What are the system requirements to view GetCyberSecured's material?

What is your money back guarantee?

What if I just got hacked? What can your plans offer?

Do any of your services cover compliance or audit requirements?

None of our services are designed to help you pass all audits, though they might end up doing so if you follow our cyber-secured system.

We do cover securing aspects for compliance requirements for HIPAA, PCI-DSS, and GDPR in our defense-in-depth risk assessments. We are not considered a de-facto source for securing for these compliance standards, only the official sources of the regulations can tell you exactly what you need to do, but we do try to point you in the right direction for following these standards from a cyber-security point of view.

Is this for securing my website?

We provide you the tools and information to secure your small business procedures and practices. We do cover protecting your website(s) from cyber attacks in our "Defense in Depth" risk assessments.

Protecting a website from cyber attacks can get very technical and may require a specialized security expert for web apps. We try to keep with the security fixes that almost anyone can do so we offer practical fixes that most people can apply themselves, or at least point you to services that may best help you.

Get Cyber Secured.