Free Cybersecurity Resources (small & medium businesses)

Updated: Sep 6

[Updated: 8/8/2022] After putting together so much information about cybersecurity and cyber insurance, I thought it would be a good idea to put some of my favorite free resources on one page.

These are all free resources and tools that are for business owners and decision-makers. These are tools that are very easy to use or require no technical knowledge. There are many other cyber security tools out there but they require a bit more technical expertise to run. Everything listed below is very user-friendly!


This page will periodically be updated as I find more resources.

 

Related Articles:

 

Get a dark web scan (email required)

A dark web scan looks for email addresses, passwords, and other info that is available on the dark web (that means it is in the hands of cyber criminals!) With a dark web report in hand, you know exactly which of your accounts needs attention.


Here is a link to Kosh's dark web scan. It is free, just fill out the form and we will run the scan and send you the results!




Check your email for a breach (no email needed)

Use this website (https://haveibeenpwned.com/) to see if your email has been involved in a data breach. I checked one of my old email addresses and found it was involved in 3 data breaches! Time to change that password.




Cybersecurity Checklist (email required)

This is our in-house security checklist. We use this checklist with our customers and to evaluate the cyber security readiness of prospective customers. It is a comprehensive list of 52+ questions that cover all areas of cyber security. To get this value checklist sent to you, enter your name, email, and company name below!




Data breach calculator (no email needed)

I really like this tool because it is instant and does NOT require an email address. It's an easy-to-use calculator to give ballpark figures if your organization experiences a data breach. Just make sure to select the correct type of data that was breached (credit card, health, personally identifiable information) and enter an estimated number of exposed records.




How cybersecurity aware are your employees? (email required)

This free resource is a little bit more involved but it is free and can be very valuable. This is a cybersecurity quiz or test that measures how well prepared your staff is and what areas are the most vulnerable. The quiz will also identify who in your organization is the least aware of cyber threats.


To get started, the simple steps are:

  1. Go to the website and fill out your info.

  2. Kosh will then email you back with a testing link to distribute to all your staff.

  3. Your staff completes the cybersecurity test and a report is compiled.

  4. The compiled report is emailed to you.




Short Backups and Disaster Recovery Quiz (email required)

This short 11-question quiz will be sent to Kosh and one of our technicians will respond with suggestions or comments on the state of your backups preparedness. Backups are a critical part of cyber security, so it's imperative they are part of your security solution. Getting expert feedback for free is pretty much always a good thing!





Phishing simulator (no email required)

I looked around for some free phishing simulators and I found a couple that are free but take a bit more setup from you. The first one is using Microsoft Defender. But it looks like a lot of setup effort. Here is the link to the document that details how to do it.






Then there is Gophish, and this one also looked like quite a bit of setup.





Those two options will work if you have the time to set up the campaigns. One of the reasons it is more difficult to find free or simple phishing simulators is because servers and IP addresses usually have to be whitelisted in your system. If the servers and IP addresses that the phishing emails are coming from are not whitelisted, all the phishing emails will either not be delivered or end up in spam folders which would not give you an accurate read.


 
Disclaimer

The information contained in this communication is intended for limited use for informational purposes only. It is not considered professional advice, and instead, is general information that may or may not apply to specific situations. Each case is unique and should be evaluated on its own by a professional qualified to provide advice specifically intended to protect your individual situation. Kosh is not liable for improper use of this information.