Contact Get In Touch Form Type Form TypeRemediation Request Full Name Email Address Phone Number Name of Legal Entity VAT Number Warranty Policy No Cyber Event: Which event has occurred (IN YOUR OPINION) Cyber Event: Which event has occurred (IN YOUR OPINION) Internet of Things Event Network Security Breach Cyber Extortion Event Date of Cyber Event (DD/MM/YYYY) Nature of Cyber Event When and how did you first learn about the Cyber Event? What do you think caused the breach? What steps did you take to prevent the breach? Was the breach reported to the Police? Was the breach reported to the Police? Yes No If not, please provide the reason. If yes, by whom? Please share details. (Case No) 1. Did you have anti-virus and/or anti-malware software implemented on all desktops, laptops, and Sensitive Systems (all systems (including all hardware, software and physical components thereof and the data stored thereon) visible to external networks and/or used to store/process nonpublic, confidential, proprietary, or POPIA related information) running a Microsoft operating system and up to date as per the software providers’ recommendations? 1. Did you have anti-virus and/or anti-malware software implemented on all desktops, laptops, and Sensitive Systems (all systems (including all hardware, software and physical components thereof and the data stored thereon) visible to external networks and/or used to store/process nonpublic, confidential, proprietary, or POPIA related information) running a Microsoft operating system and up to date as per the software providers’ recommendations? Yes No 2. Did you have Critical, Common Vulnerability Scoring System (CVSS) severity 9.0-10.0, security related patches and updates applied on Sensitive Systems within 1 months of release by the provider? 2. Did you have Critical, Common Vulnerability Scoring System (CVSS) severity 9.0-10.0, security related patches and updates applied on Sensitive Systems within 1 months of release by the provider? Yes No 3. Did you have the following password controls implemented on Sensitive Systems? 3. Did you have the following password controls implemented on Sensitive Systems? Password length of at least 8 characters. User account password configured to be changed at least every 120 days unless passwords are at least 14 characters in length or multi factor authentication is implemented. Passwords configured which cannot within reason be deemed widely used or easily guessable e.g., including the Client’s name or P@ssword1. User accounts configured to lockout because of at most 10 failed authentication attempts. 4. Did you have the following recovery controls in place at the time of the cyber event? 4. Did you have the following recovery controls in place at the time of the cyber event? Backups generated at least weekly or have replication implemented. At any point in time have a backup or replicated copy which is disconnected, offline or cannot be overwritten from the production environment. Testing of the ability to restore data from backups or read from replicated copies at least every six months. 5. If your computer system includes a company network, did you have the following in place at the time of the cyber event? 5. If your computer system includes a company network, did you have the following in place at the time of the cyber event? Firewalls configured to restrict access to digitally stored sensitive Information. Administrative/remote access interfaces such as Remote Desktop Protocol (RDP) are not accessible via the open internet. Where such interfaces are required these are accessible exclusively over secured channels such as Zero Trust Network Access (ZTNA) or Virtual Private Network (VPN) connections. The system and/or activity logs for all Sensitive Systems including firewalls and Active Directory as implemented in the Client’s environment stored for a minimum period of 3 months. Account Holder Bank Name Account Type Branch Code Account Number Submit
