top of page

5 Question Hack Assessment

This assessment was built for MSPs to use as an evaluation tool for clients. By asking your clients these five questions, you can quickly understand their current cybersecurity standing and begin working with them to create a cybersecurity education plan for their organization.

Assign one point for every "yes" response.

1. Do your employees use multi-factor authentication or two-factor authentication (MFA, 2FA)?

2. Do you have a process for employees to report a phishing incident?

3. Do you have a remote work policy for employee-owned devices that are used for company purposes?

4. Do you have a process for storing and securing company and customer data?

5. Are you aware of the process for backing up your company's data and systems?

Scoring: share these responses with your client

5 points

You’re doing great — but there’s always room to grow! Here are a few suggestions on what you can do to increase your security.

  • Consider cyber insurance: Start by understanding how cyber insurance works, and what you need to implement in order to get a policy. This may include things like 2FA or the framework of your security awareness training. Learn more.

  • Give your team their time back: Choose automated cybersecurity products that will simplify important tasks like security awareness training. Learn more.

4 points

You’re on the way to securing your organization. We just have a few suggestions:

  • Understand the psychology behind social engineering attacks. Thinking like a hacker can help you and your organization avoid potential breaches. Learn more.

  • Learn how to secure your valuable digital assets. Understanding the basics of how to keep your private personal information and company data secure to keep the hackers out. Learn more.

3 points

You understand the importance of cybersecurity, we can tell. Try the tips below to improve your score fast.

  • Understand the importance of cybersecurity. Creating a culture of cybersecurity in your organization has benefits beyond building your first line of defense against cyber attacks. Read more.

  • Do a dark web scan of your business (Or ask your IT team). Find vulnerabilities that may have been missed otherwise by scanning your organization for potential attack points. Read more.

2 points

You’re on track but it’s time to close the gaps. Here are a few ways to get started.

  • Use a password manager and a password policy. Having both of these tools in place will improve your password security and decrease your susceptibility overall. Read more.

  • Learn how to recognize signs of malware. Knowing what to look for and educating your team could be the reason an attack is stopped or reported. Read more.

1 point

Your cybersecurity journey is beginning and you’re off to a great start. The next steps we recommend are:

  • Educate your entire company about the threat of phishing attacks. 90% of data breaches start with a phishing attack. Let your team know what to be on the lookout for. Read more.

  • Protect your computer from malware. Start by taking a few simple precautions to protect your organization from ransomware, spyware, and keyloggers. Read more.

0 points

You’re making the right move by asking for help. Reach out to your IT team and ask to discuss strategies to start building your cybersecurity program. Get started:

  • Educate your entire company about common types of phishing. Let your team know what to avoid in their inboxes. Read more.

  • Create secure passwords. Advise your team about the risks of weak passwords and give them tips on how to update their current passwords to increase their strength. Read more.


Learn more about HacWare: MSP partners can decrease the likelihood their end users will click on a phishing email by 60%. Let us educate your end users with automated, AI-driven phishing simulations and under three-minute micro-trainings to keep user attention and improve learning outcomes.

Learn more about our partner program and how we can support your MSP's growth!

bottom of page