Cyber Security Score
Answer 15 quick questions to assess your business's security posture. Get your score and personalised recommendations in seconds.
Is Multi-Factor Authentication (MFA) enabled on all accounts?
MFA adds an extra layer of security beyond passwords, significantly reducing the risk of unauthorised access.
Do you perform regular data backups with tested recovery procedures?
Reliable backups are your last line of defence against ransomware. Regular recovery testing ensures they actually work when needed.
Is endpoint protection (antivirus/EDR) deployed on all devices?
Every laptop, desktop, and server is a potential entry point. Modern EDR solutions detect and respond to threats in real time.
Do your staff receive regular security awareness training?
Human error accounts for the majority of breaches. Ongoing training helps staff recognise phishing, social engineering, and other threats.
Are firewall and network segmentation measures in place?
Firewalls control traffic flow, while segmentation limits lateral movement if an attacker gains a foothold in your network.
Are your software and systems regularly patched and updated?
Unpatched software is one of the most exploited attack vectors. A disciplined patching schedule closes known vulnerabilities quickly.
Do you have email filtering and anti-phishing protection?
Email remains the number one attack vector. Advanced filtering blocks malicious attachments, links, and spoofed senders before they reach inboxes.
Is your incident response plan documented and tested?
When a breach occurs, a rehearsed plan reduces response time, limits damage, and helps you meet regulatory notification requirements.
Do your access controls follow the least-privilege principle?
Users should only have the minimum access needed for their role. This limits the blast radius if any single account is compromised.
Do you hold Cyber Essentials or a similar security certification?
Certifications like Cyber Essentials provide a baseline framework and demonstrate your commitment to security to clients and partners.
Do you have continuous threat monitoring or a SIEM/SOC in place?
24/7 threat monitoring detects suspicious activity in real time, allowing rapid response before attackers can cause significant damage.
Has your business had a penetration test in the last 12 months?
Regular pen testing simulates real-world attacks to uncover vulnerabilities before criminals do. Annual testing is considered best practice.
Are you implementing a Zero Trust security model?
Zero Trust assumes no user or device is trusted by default — even inside the network. It verifies every access request based on identity, device health, and context.
Do you use a business password manager across the organisation?
Password managers eliminate weak and reused passwords. They generate unique, strong credentials for every account and make credential sharing secure.
Are your SaaS applications protected with backup and access controls?
SaaS platforms like M365, Google Workspace, and Salesforce often lack built-in backup. Dedicated SaaS protection ensures data recovery and prevents unauthorised access.