GLOBAL TECH HUB

Capacity
Assessment

COUNTRY S

Get Started
About the This assessment aims to assess the capacity of
Assessment your organization from a strong digital security
perspective. It will help identify gaps and
remedy them in a timely manner.
 Number Of Staff
CAPACITY ASSESSMENT

10 organisations
having less not more 6.3%

than 10 staff
members.

5 organisations
having 10-20 staff
members. 31.3%
Most of the organisations we are
assisting are small organisations
with limited staff capacity and
1 organisation generally no IT support.

having more than

20 members 62.5%

Next Page
 Section 1 : Policies
CAPACITY ASSESSMENT

Onboarding
High High - Med
Do not have any onboarding/off-boarding policies which
6% 5.9%
represent a risk over accessing organisation/s assets. The
country S organisations need to write down procedures
Low -Med
+95% when they get new staff members or consultants working
23.5% with the organisation, and control access to the
Low - Med
29% organisational resources.

Have knowledge about what to do in case there is an

Low emergent threat, or natural disaster. This shows their
65% unpreparedness to deal with unwanted events, which might
None
Low
70.6%
impact individuals, their institution as well as the work they
have been doing.
Low -Med
6%

Need to map their activities, the tools they use and start
drafting policies taking into consideration security
All components.

Low
Next Page
94%

Contingency
 Practices - Secure browsing
CAPACITY ASSESSMENT

With No knowledge about what

secure browsing meaning (HTTPS,
High - Med 35% browsers, security plugins,
6% phishing, malicious websites).

Has Some knowledge about what

Low secure browsing means - some
35% 59% staff use browsing practices for
sensitive work.

Has No understanding or
24% misunderstanding of VPNs role

Low - Med
59%

2020 Does not know why VPN used!

65%

Next Page
Session on secure browsing
Provide VPN licenses
 Account security
CAPACITY ASSESSMENT

2FA
Low

35% using Weak passwords changed

infrequently - not stored in secure Low - Med

password storage High - Med

65% of partners reported that respondents High Recovery

do not set systematically recovery options 0 10 20 30 40 50 Low

for their accounts Low - Med

Low High - Med

18% with No knowledge about 2FA and/or
is not setup High

Low - Med 0 10 20 30 40 50

47% 2FA partially used by staff and

High - Med
partially set up, although not entirely or
consistently which puts them on high risk 0 20 40 60

Secure Password Next Page

 Encrypted Communications
CAPACITY ASSESSMENT

Encrypted Communications
50

40

Weak knowledge about encrypted communications and

30 limited use for few tools as we see 41% of the partners
without any knowledge about the encrypted
20
communications.

10
Most of the partners don't have any knowledge about FDE.
FDE
0
Low Low - Med High - Med 100

75 Demo and explain encrypted communication tools (Get

participation).
Present FDE and how to enable it.
50

25
Next Page

0
Low Low - Med
 Operating Systems
CAPACITY ASSESSMENT
High - Med
6%

Most of partners using Unlicensed Software

01 software / Cracked / Not up to date High - Med

which put them in high risk. Low - Med 6%

29%

Low understanding about trusted Low - Med

19%
applications and software, use of
02 random applications and cracked
software, download software from Low
65%
untrusted sources.

Highlight the risk of using cracked software.

OS Low
75%

Provide alternatives - TechSoup registration to get

cheaper licenses.

Next Page
 Practices
CAPACITY ASSESSMENT

Work Devices

100
75
50
Most Of the partners using

25
personal and work devices
for personal and work
Backup

0
purposes.

Low

Low - Med

High - Med
60

59% Of the partners never doing

40

back-up! (some staff / IT are

implementing offline backup
informally).
20
0

No One
Low

Low - Med

High - Med

Implementing Online and

offline backups with clear
organisational procedure.
Next Page

Provide a list of best practices.

 Other Findings
CAPACITY ASSESSMENT

01 - Electricity & Internet 03 - Digital literacy

There are accessibility Digital literacy is one of
difficulties for Electricity the main challenges
and internet across most of partners are experiencing.
the partners.

02 - knowledge
Infrastructure and services
knowledge and ownership
need to be increased.
 Main Findings / Remediation
CAPACITY ASSESSMENT

P0 P0 P0

Losing accounts is a Widespread use of Backup is not

high risk cracked software/ OS implemented

Highlight the risk of using cracked

Showcase haveibeenpwned, Focus software, Provide alternatives - Showcase backup possibilities.
on recovery options, Demo 2FA. Techsoup registration to get
cheaper licenses.

Next Page
 Main Findings / Remediation - 2
CAPACITY ASSESSMENT

P1 P1 P1

Low knowledge about Infrastructure and

secure communication / Secure communication
services knowledge and
surveillance / VPNs is not implemented
ownership is low

Demo and explain encrypted Work on improving accessibility

Session on secure browsing, communication tools (Get and ownership of partners
Provide VPN licenses. participation). infrastructure/subscriptions.

Next Page
 Main Findings / Remediation - 3
CAPACITY ASSESSMENT

P2 P2 P2

Use of practices
Lack of existing security Low knowledge about
increasing their risk,
policies encryption
such as sharing devices

Need to map their activities, the

tools they use and start drafting Present FDE and how to enable it. List best practices.
policies taking into consideration
security components.

Next Page
 Main Findings / Remediation - 4
CAPACITY ASSESSMENT

P5 P5
Digital literacy is one of
Issues with internet and the main challenges
power supply partners are
experiencing

Work on improving accessibility

and ownership of partners Train on topics such as
infrastructure/subscriptions. collaboration tools , etc

Next Page
CAPACITY ASSESSMENT

THANK INTERNEWS

YOU
GLOBAL TECH HUB