Cyber One Solutions logo.
Get Support
Free Assessment

What Is Your Business Cybersecurity Risk Score?

Answer ten yes-or-no questions about the controls that stop the most common attacks, and get an instant risk score. Everything runs in your browser: nothing is submitted, stored, or shared. This is a general risk indicator, not a formal security audit.

Self-Assessment

Ten Questions on the Controls That Matter Most.

Answer honestly. If you are not sure whether a control is in place, that usually means it is not.

1Is multi-factor authentication enforced on email, remote access, and administrative accounts?Passwords alone are the most common way attackers get in.
2Is modern, monitored endpoint protection installed on every computer and server?Managed detection and response goes beyond traditional antivirus.
3Are operating systems and applications patched on a regular, managed schedule?Most exploited vulnerabilities already had a fix available.
4Do you have backups that are restore-tested and include an offline or immutable copy?A backup you have never restored is an assumption, not a safeguard.
5Do you filter email for phishing, malware, and business email compromise?Email is the starting point for most incidents.
6Do your staff receive regular security awareness training?People are the most targeted part of any organization.
7Do you have a written incident response plan your team could follow under pressure?A plan made during an incident is made too late.
8Is everyday access limited to what each role needs, without standing local administrator rights?Least privilege limits how far a single compromise can spread.
9Is your firewall managed and updated, with no remote desktop or admin services exposed to the open internet?Exposed remote access is a frequent entry point.
10Do you maintain an inventory of devices and data, and revoke access promptly when someone leaves?You cannot protect or disable what you have not accounted for.
What Comes Next

From a Score to a Managed Program.

However you scored, the path forward is the same shape: close the highest-impact gaps first, then keep the controls consistent, monitored, and tested so they hold up when something goes wrong.

  • Multi-factor authentication and least-privilege access across your accounts.
  • Monitored endpoints, managed patching, and email security working together.
  • Backups that are restore-tested, with an offline or immutable copy.
  • A written incident response plan and staff who know how to use it.