Free Assessment · 3 Minutes · Instant Results

Your Cyber
Risk Score

Answer 5 questions about your business. Get a scored cybersecurity assessment with specific findings, risk prioritization, and recommended next steps — instantly, free, no strings attached.

2,400+ businesses nationwide scored
Results emailed instantly
No sales pitch
Question 1 of 5
Question 1 — Your Industry
WHAT INDUSTRY
IS YOUR BUSINESS IN?
A
Banking, Finance, or InsuranceGLBA/FFIEC compliance obligations, wire fraud exposure, examiner scrutiny
B
Healthcare or VeterinaryHIPAA breach notification, patient data, ransomware targeting clinical systems
C
Legal or Professional ServicesABA ethics, client confidentiality, IOLTA trust account exposure
D
Manufacturing or Defense ContractorCMMC 2.0 requirements, IT/OT convergence, ransomware targeting production
E
Government or Law EnforcementCJIS Security Policy, CJI data, FBI audit exposure
F
General Business (Retail, Real Estate, Services, etc.)Cyber insurance requirements, PCI-DSS, Ohio Safe Harbor
Question 2 — Identity Security
DOES YOUR BUSINESS
USE MFA EVERYWHERE?
A
Yes — MFA is enforced on all accountsEmail, cloud apps, VPN, and all remote access require MFA. We verify compliance.
B
Partially — some systems have it, some don'tMFA is enabled on some apps but not consistently enforced across all access points.
C
No — we rely on passwords onlyNo MFA currently in place. Users access systems with username and password only.
D
I'm not sureI don't have clear visibility into which systems have MFA enabled.
Question 3 — Backup & Recovery
WHEN DID YOU LAST
TEST YOUR BACKUPS?
A
Within the last 90 days — we have documented restore testsWe verified our backups restore successfully and documented the test results.
B
6–12 months agoWe've tested relatively recently but not on a quarterly schedule.
C
We have backups but have never tested themData is being backed up but we've never verified a restore actually works.
D
We don't have reliable backupsBackup status is unclear, inconsistent, or we know there are gaps.
Question 4 — Security Review History
WHEN WAS YOUR LAST
SECURITY ASSESSMENT?
A
Within the last 12 months — documented findings and remediationA qualified 3rd party assessed our environment and we addressed the findings.
B
1–3 years agoWe've had an assessment but it's been a while and things have changed since.
C
Never — we've never had a formal security assessmentNo outside party has ever formally reviewed our security posture.
D
Our IT provider reviews things internallyOur IT vendor reviews security but no independent 3rd party has assessed us.
Question 5 — Incident Preparedness
IF YOU WERE BREACHED
TODAY — WHAT HAPPENS?
A
We have a written, tested incident response planOur IRP is documented, staff are trained, and we've run at least one tabletop exercise.
B
We have some idea of what we'd do — but it's not documentedLeadership knows roughly who to call, but there's no formal written process.
C
We'd be improvising — no plan in placeIf we were breached tomorrow, we'd be figuring it out as we go.
Almost Done
WHERE SHOULD WE
SEND YOUR RESULTS?

Your personalized Cyber Risk Score, prioritized findings, and recommended next steps will be emailed to you instantly — with a summary you can share with your leadership team.

By submitting, you agree to receive your risk score and occasional cybersecurity tips from Securafy. Unsubscribe anytime.

Want a Deeper Look
Than 5 Questions?

The Risk Score gives you a starting point. A real Securafy assessment gives you a complete picture — mapped to your industry's compliance requirements, with a prioritized action plan and fixed pricing.

Schedule Free Assessment → See Client Results

FREE · 30 MINUTES · NO SALES PITCH

See Exactly Where You're Exposed.
Before an Attacker Does.

Our free 47-point network and security assessment gives you a prioritised remediation report in plain language — no obligation, no upsell.

Book a Free Strategy Call → (330) 906-8888

Soteria Award — Most Trusted MSP in North America 2024  ·  30-Day Risk-Free Trial  ·  10-Minute Response Guarantee

Frequently Asked

About the Cyber Risk Score Assessment

What is a cybersecurity risk score?
A cybersecurity risk score is a numeric summary of your current security posture across critical control areas — typically endpoint protection, email security, identity controls, backup and recovery, and incident response readiness. A lower score means more exposure to breach, ransomware, and compliance failure.
How is my cyber risk score calculated?
This score is calculated from your answers to five posture questions covering endpoint protection, email and phishing defenses, identity and access controls, backup and recovery readiness, and incident response capability. Each area is weighted by its breach-prevention impact based on published industry data and FBI IC3 findings.
What's a good cyber risk score?
A score of 80 or higher indicates mature controls and low breach risk. 60 to 79 means baseline protections but several gaps. Below 60 indicates significant exposure — most breaches happen to organizations in this band. Regulated industries like healthcare, financial services, and defense should target 85 or higher.
What should I do after getting my score?
Address the lowest-scoring control area first — that's usually where breaches enter. For a custom remediation plan, schedule a free 20-minute review with a Securafy engineer. We'll walk through each gap and show what a phased fix looks like for your environment.