Cybersecurity Checklist
What is the likelihood of each of the following threats impacting your company’s cyber security?
General Threats
Lack of separation between test and production data or environments
Use of unauthorized software or hardware
Sending and receiving of login credentials through unencrypted methods
Operating system not designed for high security
Human Threats
Inadequate or inconsistently enforced security policy
Attackers who impersonate employees over the phone persuading administrators to give out usernames, passwords, modem numbers, etc.
Too many or too few system administrators, or administrators who are highly pressured
Ignorance of security issues, such as lack of security awareness, guidelines, or proper documentation
Information or incorrectly classified or accidentally destroyed, modified, or disclosed
Privacy Threats
Unauthorized monitoring of sensitive data crossing the internal network
Subversion of DNS to redirect email or other traffic
Subversion of routing protocols to redirect email or other traffic
Analysis of ewaste to access sensitive documents or data
Equipment Threats
Equipment failure due to defective hardware, cabling, or communications system
Damage from natural disasters, such as fire, smoke, water, earthquakes, storms, and power outages
Equipment failure due to airborne dust, electromagnetic interference, or static electricity
Incorrect destruction of network interface devices, hard drives, computers, or media