Epitechnic Ransomware Defence Maturity Assessment Questionnaire

Can you recover from ransomware?

Ransomware remains one of the most disruptive and costly cyber threats for modern organisations. This 12 minute assessment uses eight targeted questions, aligned with the NIST Cybersecurity Framework and proven cloud security practices, to provide a fast view of your current readiness and resilience.

Select the responses that best reflect your environment today. Your results will highlight strengths, surface the most important gaps, and point to practical actions that improve protection, recovery and operational continuity.

Use the output to prioritise investment, align stakeholders, and strengthen defences against ransomware and other evolving cyber risks.

Question 1: How does your organisation manage inventory and classification of cloud resources to ensure visibility and effective security governance?* This field is required.

We do not have a clear process for inventory management or classification of cloud resources.

We manually document cloud resources in spreadsheets without regular updates or classification based on criticality.

We primarily rely on tagging for classification, but without a consistent approach across the organisation.

We use third party tools exclusively for inventory management without integrating native cloud services.

We use native cloud inventory capabilities to dynamically manage and classify resources based on criticality.

Question 2: How does your organisation ensure secure configurations for its cloud resources and workloads?* This field is required.

We have not implemented a consistent strategy for securing configurations across our cloud resources.

We manually configure each cloud resource and periodically review configurations against recommended best practices without using any management services.

We use configuration monitoring tools to evaluate cloud resource settings against desired baselines, but do not automate response actions.

We rely on third party tools exclusively for configuration management and do not use native cloud services.

We use native cloud services to establish and govern secure environments with automated enforcement of configuration standards based on best practices.

Question 3: How does your organisation implement identity and access management practices in the cloud?* This field is required.

We follow an informal approach to access management, often relying on shared access to privileged accounts without using formal identity and access controls.

We manually create users and groups within each cloud account without integrating with an external identity provider or central access service.

We use native identity and access tools to manage users and roles but have not fully adopted least privilege principles or centralised access management.

We rely on a third-party identity management solution without integrating it with native access control services.

We use a centralised identity and access service federated with our existing identity provider, allowing consistent access governance across all cloud accounts.

Question 4: How does your organisation approach vulnerability management for cloud resources?* This field is required.

We follow an informal approach with limited use of automated tools and no integration between cloud services and our security operations.

We conduct vulnerability assessments manually on a periodic basis without using cloud-specific tools for continuous monitoring or automated remediation.

We use native cloud tools for continuous scanning of virtual machines, serverless workloads, and containers, but do not integrate findings with other security services.

We rely solely on third party vulnerability management tools without integrating them with cloud-native services.

We use a cloud native centralised security platform to aggregate vulnerability findings, integrate with real time detection and automate prioritised remediation.

Question 5: How does your organisation prepare for data recovery and manage incident response in the cloud?* This field is required.

We rely on manual backups and have no formal incident response plan in place.

We use automated backup services for data protection across cloud platforms but have not yet implemented a formal incident response plan.

We use third party backup and disaster recovery solutions without integrating them with cloud-native services.

We use cloud-based disaster recovery solutions to support resilience but do not conduct regular testing of our incident response procedures.

We perform regular recovery exercises using cloud-native backup and disaster recovery tools and test our incident response plan to ensure fast and reliable recovery.

Question 6: How does your organisation implement malware defence strategies in the cloud?* This field is required.

We perform manual scans of virtual machines and container workloads for malware on an irregular basis and do not use domain-level traffic filtering.

We rely only on network level defences and do not use dedicated malware protection tools or integrate with cloud-native services.

We have an automated response process that integrates malware threat detection findings with automated mitigation actions, but we do not implement domain-level traffic filtering.

We use third party malware protection tools without integrating cloud-native threat detection or domain traffic filtering services.

We use cloud-native malware protection services to perform automated scans triggered by suspicious activity and apply domain-level traffic filtering to block access to malicious domains.

Question 7: How does your organisation implement security awareness and skills training to address cybersecurity risks?* This field is required.

We do not have a formal security awareness or skills training programme and rely only on external resources when necessary.

We offer occasional training in response to new threats, without a structured programme or use of cloud-specific training resources.

Security training is included during onboarding for new employees, but there is no ongoing programme and no use of cloud-specific training content.

We conduct annual security awareness training for all staff and use cloud training platforms and practical workshops to strengthen understanding of cloud security.

We provide continuous security training that combines hands-on workshops, learning platforms, and architecture review tools to support secure design and operations across the organisation.

Question 8: What strategy does your organisation employ for log management and analysis to support data recovery and incident response in the cloud?* This field is required.

We follow an informal approach to log management with inconsistent practices across services and no formal incident response process that uses log data for recovery or analysis.

We monitor and analyse logs manually using local scripts and tools without centralised log management or defined retention policies.

We have implemented centralised log management using cloud services with defined lifecycle policies and also use a security dashboard for consolidated insights.

We rely entirely on third party log management tools and do not integrate them with cloud-native logging services.

We use advanced log management platforms with immutable storage and querying capabilities to support detailed forensic analysis and recovery.

What email address would you like us to send your report to?* This field is required.

example@example.com

What is your company name?* This field is required.

What is your title

Would you like to receive occasional emails with useful tips and tools?* This field is required.You can opt out at any time.

Opt in

Opt out

Form TitleThis is used to store the form title