www.acronis.com 3
ASSESSMENT QUESTIONNAIRE
4 Are you correctly insured against any damage or loss from cybersecurity incidents, including employee negligence or insider threats?
ID.RM
consequences of online disasters, be they a bad agent attack, data loss, data theft,
ransomware, malvertising, etc.
established insurers.
As it’s new, it is a complex space to navigate. Players are still jockeying for position in what is
touted to be a huge market.
the cheapest rates may not be the one that returns its investment in any meaningful way.
narrow your choices to a strong shortlist.
TIP: As it has not been around for long, be very careful not to assume it is a one-size-fits-all
market. Insurers offer a variety of cover options, so it’s key to get proper advice on which
policies are right for you, should a cyber threat be successful.
5 Is your organization compliant with the industry's and/or region's cybersecurity operational requirements, as appropriate? (e.g. HIPAA, PCI, GDPR)
ID.GV
State laws regarding cybersecurity requirements vary from state to state, just as compliance
While industry standards vary, depending on the industry and its individual requirements,
there is overlap between these bodies (e.g. many regulators will require that sensitive and PII
information must be stored securely, that backups are kept and regularly updated, and yearly
organizations providing medical services, and the individual regulatory stipulations take these
all into account.
It is important to understand which of these bodies impact the organization. Then you can
prioritize the requirements and recommendations these regulatory bodies require your
business to follow.
There are a few things to look out for here. First, ensure your information security partner
understands your regulatory compliance needs, whether they are tied to industry standards,
federal law, or state law.
Building an information security infrastructure to protect your organization’s people, services
approach can dramatically reduce the network’s operational risk, as well as help you future-proof the organization against tomorrow’s threats.
You can simplify the work of ensuring compliance with many regulations, particularly those
regarding data retention, with a high-quality backup solution like Acronis Cyber Protect, which
is designed for even organizations with strict compliance regulations, e.g. GDPR, NIS Directive,
Telecom Framework Directive, or eIDAS regulation.
TIP: By using one trusted integrated solution that includes data compliance reporting, you
can eliminate complexity, improve security capabilities and uptime, all while reducing costs.