Free workplace tool

Cyber Attack Exposure Check

A calm, practical check for small business owners. Answer a few questions and get an operational exposure estimate for today's most common cyber threats. This is not a penetration test and not a compliance audit — it's a starting point for a sensible plan.

Answer the questions above and press Check my exposure to see your practical estimate.

Frequently asked questions

How exposed is my business?+

Most small businesses are more exposed than they realise, usually because of small habits — reusing passwords, no MFA on business email, no tested backups. The good news is that a handful of practical changes typically reduce most of that exposure without any technical project.

Do hackers target small businesses?+

Yes — and increasingly so. Small businesses are attractive because they usually have fewer defences than large organisations but still hold money, customer data and supplier relationships. Most attacks are automated and opportunistic rather than personal.

Is antivirus enough?+

No. Antivirus helps, but the majority of small business incidents start with a person being tricked — a fake invoice, a fake login page, a fake supplier email — not with malware that antivirus would catch. Training, MFA and payment verification matter as much as software.

Why is MFA important?+

Multi-Factor Authentication (MFA) means signing in needs more than a password — usually a code from a phone. Even if a password is stolen or guessed, MFA blocks most account takeovers. It is the single highest-impact change most small businesses can make.

How often should backups be tested?+

Ideally once a month, and at minimum quarterly. An untested backup is a hope, not a plan — you only find out it doesn't work when you actually need it. Testing means restoring a small sample of data and confirming it opens correctly.