Key Performance Indicators of a Safe Cyber Culture

Are you and your employees being safe? Cyber security helps make sure you have the right processes set in place to secure important company data.

One of the top focus points for many organizations in 2021 is how to create a safe cyber culture and how to get employees engaged. Largely, cyber security relates to processes set in place to help secure sensitive company data. Ensuring your companies data is secure, especially in today’s market, can seem daunting and challenging. I can also be a struggle with getting enough information and education to their employees. Did you know that 95% of cyber-attacks are a result of human error?  

When analyzing your organization to detect if the safeguards you’ve invested in are working, you need to have valid key performance indicators (KPI’s).  KPI’s are useful to assess your organizations current standings, track your progress, and help your decision-making process.

There are some basic KPI’s (or controls) you can use to assess your company’s current cybersecurity to help encourage a safe culture.  

  1. Device and Asset Inventory

– Does your organization have an updated inventory of all its technology assets?  

  1. Addressing unauthorized hardware assets

– Is your organization keeping up with removing or quarantining devices that do not belong?  

  1. Authorized Software inventory

– Is your organization keeping a list of authorized software?  

  1. Addressing unauthorized software assets

– Is your organization being diligent about removing and preventing the use and/or misuse of software on business systems?  

  1. Changing default passwords and credentials

– What are your current password/credentials requirements?  

  1. Use only dedicated accounts

– Does your organization have dedicated accounts, or do you use a single account sharded amongst employees to get work completed?  

  1. Active audit logging  

– Would your organization be able to retrieve the “paper-trail” needed in the event of an internal or external audit? Would you be able to find the information needed to understand the source of an attack?

For more information on the above indicators and how to score your company, ask about our Blackink Scorecard!