Find your 3 biggest cyber security risks
A FREE 30-minute Cyber Security Risk Assessment (CSRA). We review your Microsoft 365 tenant, check for breached credentials and scan your external footprint, you get a plain-English report with your 3 highest-priority actions.
Free. No obligation. You keep the report.
What’s checked, and what sits behind it
Included in your free Cyber Security Risk Assessment
- Microsoft 365 tenant security review, MFA coverage, admin roles, legacy authentication, mail forwarding rules, external sharing, conditional access
- Breached credential and dark web exposure check
- Summary external vulnerability scan
- Plain-English report with your 3 highest-priority actions
The optional next step (paid)
- Full external vulnerability assessment
- CREST-accredited penetration testing
- Endpoint/EDR posture review
- Firewall and network security review
- Backup and recovery resilience check
- Cyber Essentials / Cyber Essentials Plus readiness
- ISO 27001:2022 gap analysis (consultancy-led)
- DSAR / data protection exposure review
Includes a Microsoft 365 security review
Your Microsoft 365 environment holds some of your most valuable data, from email and documents to SharePoint and Teams. Many businesses assume it is secure by default. It is not. As part of your assessment we review your tenant for the misconfigurations and gaps that leave businesses open to phishing, data leaks and compliance breaches.
- Admin roles and permissions
- MFA usage and enforcement
- Mail forwarding risks
- Legacy authentication exposure
- External sharing controls
- Conditional access configuration
- Tenant-level risk summary
You get a clear, plain-English summary of what is secure, what is not, and what to do about it, with prioritised recommendations based on real risk and impact.
What this isn’t
- Not a sales pitch, the 30 minutes is spent on your environment, not our brochure
- No obligation, fix the findings yourself, hand them to your current provider, or ask us to quote
- Nothing changes in your systems, read-only access, removed when the review is done
If the CSRA finds deeper issues
Most businesses fix the three priority actions and stop there. If the review surfaces something that needs a deeper look, the optional next steps are a full vulnerability assessment, CREST-accredited penetration testing, or Cyber Essentials Plus / ISO 27001 readiness work, scoped and priced before anything starts.
Common questions
Who is the free Cyber Security Risk Assessment for?
UK businesses with roughly 50 or more users, fully managed, or with an internal IT team. If you’re smaller but worried about a specific risk, get in touch anyway.
How long does it take?
30 minutes of your time to book and grant access. We do the review work offline and send you the report.
What access do you need?
Read-only access to your Microsoft 365 tenant. We don’t change anything, and access is removed when the review is done.
What happens after the report?
That’s up to you. The report and its 3 priority actions are yours to keep, fix them yourself, give them to your current provider, or ask us to quote for the work.