F-Secure Launches Stress Test for Business Security
It’s never a bad idea for a company to get a better sense of its security posture. That’s why F-Secure (FSOYF ) recently launched a new online tool that can help companies learn more about what’s happening on their networks in terms of security and discover the kinds of vulnerabilities that can expose them to risks.
It’s never a bad idea for a company to get a better sense of its security posture. That’s why F-Secure (FSOYF ) recently launched a new online tool that can help companies learn more about what’s happening on their networks in terms of security and discover the kinds of vulnerabilities that can expose them to risks.
In honor of October’s National Cybersecurity Awareness Month, F-Secure launched the Cyber Security Stress Test, an online questionnaire to give companies more insight into their state of security. The test is still available.
The 20-question test is aimed at helping IT professionals find gaps in security in their small-to-medium-sized businesses so they can make better decisions about what type of solutions to use to keep data and applications safe, according to a press release.
F-Secure has found that there often is a disconnect between the risks businesses face and the type of security that’s in place, which is why a simple test can help companies make better decisions, said Erka Koivunen, an F-Secure cyber security advisor, in the release.
“Today's attackers are putting serious effort into reconnaissance, and many opportunistic attacks are now being used to gather intelligence for targeted attacks,” he said. “You have to know your systems better than your adversaries do because you can't protect something if you don't know it's exposed."
The Cyber Security Stress Test polls IT professionals on a number of topics, including endpoint protection, network security, and company roles and policies, according to F-Secure. The questions were devised to provide indicators that can identify security holes that can be fixed if the company takes actions.
Based on responses, the test rates a company’s risk on a scale of 1 to 5, with 1 indicating a high risk and 5 indicating a low risk. It also gives IT professionals tips they can use to make improvements to security.
Koivunen created the framework for the test, basing it on a well-known capability maturity model. This allows businesses to assess their ability to defend themselves quickly from typical threats that small and medium-sized businesses often face, he said.
“These threats typically seek to pierce perimeter security controls, and fool the users to either install malicious applications or leak sensitive information,” Koivunen said in the release. “There is a body of evidence suggesting that existing endpoint security products are not necessarily utilized to their full potential due to a lack of due-diligence in terms of configuration management. The test seeks to direct attention in that direction."
It was in a survey run from April 26 to May 16 that collected data from 1,780 respondents in Europe that F-Secure found that evidence, the company said. F-Secure learned that while 94 percent of respondents agreed that companies can be targets for cyber attacks—and most felt that protecting themselves from these attacks is among their highest security priorities—only 31 percent of respondents said their company had endpoint intrusion detection/prevention measures in place.
F-Secure has a number of business products—including its Protection Service for Business and Business Suite—to help companies secure their networks. The solutions allow companies to choose different software components to fit their particular needs and adjust their security posture as the threat landscape changes, according to F-Secure.
