Reading your report

There is a lot of information that has been squeezed into your report.

Our Cyber Assessment tool has analysed lots of items to produce the breakdown held inside.

Many of the items can be solved through our various software products and some can be addressed and enhanced through policies and training.

We will explain everything you will see and what you can do to help improve your CyberRisk Score.

Overall Site Score

We produce a colour coded score for your entire site. This is calculated and weighted using a number of factors and based upon the number of computers you have submitted for analysis – we also call this Site Score your CyberRisk.

Take a look at our CyberRisk page so see how you are performing.

CyberRisk Score

%

How good is your security?

We use colour coding on your overall site and category scores to represent how well you are doing.

You're doing well

You are doing well to keep on top of your cyber security. Make sure you keep on top of this to ensure you don’t expose yourself.

Take action

Not critical but you are at risk and you should act to improve your security.

Act Now

You have risks in your environment that could expose you. You should not ignore this and you need to act now.

How we calculate your score

The assessment compares your computer(s) against a set of tests. The more computers analysed, the more accurate the report. We have over 30 tests that are performed across the following categories:

Antivirus Security

Assesses whether antivirus software is installed, active and up-to-date.

g

Patch Security

Assesses whether Microsoft and Windows security and software patches are up-to-date.

User Security

Assesses password activity and password policies for local users and domains.

Network Security

Assesses if the User Account Control setting is on or off, as well as assessing the security of certain Wi-Fi networks that managed devices have connected to in the last seven days.

Now the clever stuff

To provide a score, there are a couple of items we take into account.

Test weighting impact

We take each of the tests and apply a weighting against the impact each one poses.That means that the tests in the assessment do not all affect the score equally, but have a greater or lesser impact assigned by our proprietary algorithm.

For example, mandating that users create strong passwords is more critical to security than changing the domain policy password every 90 days. So, the test that checks that complexity is required in the local password policy is weighted more heavily than the test that checks if the domain policy password has been changed in the last 90 days.

Other impacting factors

Besides the weighting of tests, another factor that helps determine how much a test changes the score is how many objects (devices, users, accounts, etc.) are affected.

For example, if the “Software updates evaluation – Feature packs” test discovers that 20 devices are missing feature packs, that will lower your security score by a certain amount. If you then install the missing feature packs on ten of the twenty devices, your security score will be higher because fewer devices are affected by the missing security feature.

Count and Impact pie charts

Each test that is performed will be scored showing the number of times this result was triggered (count) and the impact as a percentage. The segments are colour coded into four issue levels as detailed below.

Let’s have a look at an example for User Security. We can see that 3 items have been flagged as severe and it’s impacting the score by 27.5%.

^

Severe Issues

You should act now! A severe score is something you should do something about. We have several solutions that can help you improve.

^

Minor Issues

Although minor, you should consider some form of action to recover before the issue gets worse. One of our solutions will help keep you on top of things.

^

Moderate Issues

Although not severe, you should look to act as soon as possible as these are likely to turn severe quickly. We have solutions to keep to keep you safe.

^

Passed Tests

Great news! You have passed these tests with flying colours. Just make sure you stay on top of things to keep yourself green.

Understanding the findings

Held within your report we provide a detailed breakdown of each of the tests performed and how well you performed. In this section we’ll show you what the information means.

1

Shows how many issues have been identified in the given severity. This example shows 3 moderate issues were identified.

2

This shows the overall impact this severity has had on the site score. This example is showing a reduction of 6.9%.

3

Which test was performed. The figure to the left shows whether a positive score has been allocated.

4

How many devices have been tested and how many devices failed the test.

5

What impact has this single test had on the site score. This example is showing this single test provides a negative impact of 2.75% as part of the 6.9%.

6

Provides an impact and countermeasure statement to help understand steps you can take to resolve.

7

Provides the computer name(s) impacted by the test that has been performed.

How we can help

We have options to help improve your overall security which, in turn, will help drive your CyberRisk Score positively. The table below will show the products to help solve identified issues.

 

CategoryDescriptionWhyAction
Antivirus issuesIt is vital you have antivirus and firewall installed and up-to-date.Protect your computers from malicious software which could bring your business to a costly halt.

Patch issuesOne of the biggest risks is computers not being kept up to date.Know that your team is working safely and up to date in and out of the office.

User issuesMake sure your accounts are not misused or stolen.If the user account is accessed maliciously, customer data could be stolen exposing financial loss and possible GDPR fines.

Network issuesMake sure your WiFi is encrypted and configured securely.Even if the WiFi is weak or set to default all computers need to be safe and kept safe.