Cyber Security Analysis - Analyse My Site

At AnalyseMySite, we provide a quick and comprehensive cybersecurity assessment to help you understand your current risk level and identify the gaps in your digital defences.

Our free form-based evaluation covers the Essential Eight cyber mitigation strategies developed by the Australian Cyber Security Centre (ACSC), as well as additional measures that enhance your organisation’s security posture.

Name

Email Address

Phone Number

Company Name

Business Address

Notifiable Data Breach Compliance Criteria

Does your business generate more than $3 million in annual turnover?

Yes No

Do you collect, store, or process personal or sensitive information about clients, customers, or employees?

Yes No

Do you provide services to government, healthcare, or financial institutions or handle data regulated under Australian privacy laws?

Yes No

Essential Eight Controls

Instructions:

For each question, select "Yes" if your organisation fully meets the criteria, or "No" if it does not. This assessment will help you evaluate your cybersecurity posture based on the Australian Government’s Essential Eight mitigation strategies.

Application Control

Does your IT contractor use application control tools to prevent unauthorised software from running on staff devices?

Yes No

Why This Matters: Application control prevents the execution of malware and unauthorised software by only allowing approved applications to run on systems.

Patch Applications

Are all your business applications, including Microsoft 365 and third-party software, regularly updated by your IT team to address known security vulnerabilities?

Yes No

Why This Matters: Regular patching of applications reduces the risk of exploitation by addressing known vulnerabilities.

Restrict Microsoft Office Macros

Does your IT provider restrict Microsoft Office macros, allowing only approved and secure use in business documents?

Yes No

Why This Matters: Macros are commonly used in phishing and malware attacks, so restricting their use helps prevent malicious activity.

Configure Web Browsers

Are unnecessary features like Flash, Java, or ads disabled in your web browsers and software by your IT support provider?

Yes No

Why This Matters: Disabling outdated or risky features reduces exposure to vulnerabilities and malware.

Privileged Account Access

Are administrative privileges given only to authorised staff and monitored to prevent unauthorised system changes?

Yes No

Why This Matters: Maintaining least-privilege access and monitoring administrative accounts helps prevent privilege misuse and cyberattacks.

Patch Operating Systems

Are all operating systems (e.g., Windows, macOS) patched and updated on a scheduled basis by your IT contractor?

Yes No

Why This Matters: Regular patching of operating systems ensures that security vulnerabilities are addressed promptly.

Multi-Factor Authentication (MFA)

Is multi-factor authentication (MFA) enforced for access to cloud platforms, email, and business-critical systems?

Yes No

Why This Matters: MFA provides an additional layer of security, ensuring that even if credentials are compromised, unauthorised access is prevented.

Backup and Recovery

Is your business data backed up daily to a secure, offsite or cloud-based solution and tested regularly for recovery?

Yes No

Why This Matters: Regular backups and tested recovery processes ensure business continuity in the event of data loss or ransomware attacks.

Bonus Cybersecurity Measures

These additional questions are designed to assess advanced cybersecurity practices beyond the Essential Eight.

Endpoint Detection and Response (EDR)

Does your IT contractor provide Endpoint Detection and Response (EDR) to identify and contain advanced cyber threats?

Yes No

Managed Detection and Response (MDR)

Is your business protected with Managed Detection and Response (MDR) that actively monitors and responds to cyber threats in real-time?

Yes No

DNS Filtering

Is DNS filtering in place to block access to malicious websites and prevent phishing or malware attacks?

Yes No

Password Management

Do you use a business-grade password manager such as Passportal to securely manage team passwords?

Yes No

Cybersecurity Awareness Training

Has your team undergone human risk or cybersecurity awareness training in the past 12 months?

Yes No

I have read and agree to the terms outlined in the Privacy Policy and IT Security Policy.

Notifiable Data Breach Compliance Criteria

Essential Eight Controls

Application Control

Patch Applications

Restrict Microsoft Office Macros

Configure Web Browsers

Privileged Account Access

Patch Operating Systems

Multi-Factor Authentication (MFA)

Backup and Recovery

Bonus Cybersecurity Measures

Endpoint Detection and Response (EDR)

Managed Detection and Response (MDR)

DNS Filtering

Password Management

Cybersecurity Awareness Training

Menu

Subscribe to Our Newsletter