Cyber Resilience Maturity Assessment
Self-Assessment Questionnaire
Assess Your Cyber Resilience in Just 10 Quick Questions
Question
1 of 10
We can reliably meet the 3-2-1 rule of backups without making multiple copies at multiple locations.
Why does this matter? At the time of recovery, your backups need to be available. No if's and no but's. The 3-2-1 rule increases the availability of backups - 3 copies, 2 locations, 1 offsite/air-gapped.
Question
2 of 10
We have root access to backup servers sufficiently restricted and protected.
Why does this matter? 93% of organizations hit by ransomware in the past year said that the cybercriminals attempted to compromise their backups during the attack. Backup data can be modified or deleted by negligent or compromised admins.
Question
3 of 10
Our backup environment is sufficiently isolated from the production environment.
Why does this matter? If the same cyber attack that's paralyzing your production environment, also compromises your backup infrastructure, your recovery is even more complicated and lengthy.
Question
4 of 10
We have an effective way to identify clean versus compromised data prior to recovery.
Why does this matter? When it's time for cyber recovery, there's a critical tradeoff between the need to recover quickly and the need to recover only clean data.
Question
5 of 10
We can easily pick the cleanest restore point to minimize data loss.
Why does this matter? During their dwell time, threats often infect parts of different files mainly to complicate recovery. This forces you to go all the way back in time to find a full clean copy, which in turn, causes significant data loss.
Question
6 of 10
We can recover and restore from backups in a timely fashion during cyber attack.
Why does this matter? When the company is in crisis due to a reputation impacting cyber attack, time to recover to a clean state is critical.
Question
7 of 10
We have ways to roll back unintended or malicious backup deletions.
Why does this matter? Compromised admin credentials can be used to delete backup copies, fully or partially. When detected early, this can at times be rectified, without needing a full blown recovery.
Question
8 of 10
We have a SIEM/XDR that can provide insights into abnormal activities in the backup environment.
Why does this matter? While investigating a cyber attack, SOC teams would often need access to a lot of information in order to pull together the full picture.
Question
9 of 10
Our backup copies are protected from deletions due to accidents or malicious intent (such as an insider attack).
Why does this matter? When backup copies are deleted, you lose your ability to recover.
Question
10 of 10
We can detect and receive alerts for any threats to sensitive data and/or the backup environment.
Why does this matter? Bad actors often attempt to compromise the backups and prevent recovery.
Your Cyber Resilience Maturity Level
Benchmarking
How you compare to everyone else.
Benchmark
Level 1 : Backup Immutability
64%
Level 2 : Backup Security
67%
Level 3 : Cyber Remediation
60%
Level 4 : Cyber Investigation
62%
Level 5 : Cyber Detections
55%
Most organizations are flying blind—only 14% feel truly cyber resilient