How exposed is your organizationto cyber risk, really?
12 plain-language questions, tailored to your industry. In about 3 minutes you'll see your composite cyber-risk score, a per-domain breakdown, and the three highest-leverage actions for your team.
No login required · Free
Under 3 minutes
No fluff. No long-form questionnaires. 12 scenario questions you can answer from memory.
Industry-aware
Healthcare gets HIPAA Security Rule questions. Everyone else gets NIST CSF 2.0 / I²SS-aligned questions. No generic checklist.
Your data is safe
We capture your contact details to share results — never sold, never spammed. Read our privacy posture below.
What you'll receive
Your composite cyber-risk score, 0–100, with a clear maturity band (Mature / Developing / Emerging / At Risk)
Per-domain breakdown — see exactly which areas pull your score down (Administrative? Technical? Detection? Recovery?)
Your three highest-leverage next actions, ranked. Not generic — based on your weakest domain.
How your responses compare to the framework your industry needs to align with (HIPAA Security Rule for healthcare, NIST CSF 2.0 elsewhere).
A sales-team follow-up offer to walk through your results live (totally optional, easy to decline).
Built on public frameworks
Questions are derived from the HIPAA Security Rule (45 CFR §164.302–318) and NIST CSF 2.0 (the same framework backing PortfolioShield's I²SS scoring engine). Maturity scoring uses a 0–100 scale on five levels per question — the same shape professional auditors use, written in plain language so you don't need a CISO sitting next to you to answer.
Why we ask for contact info
You see the score the moment we have your details. We do this so the scorecard delivers real value — interpreted insight, not a popup score. We'll only follow up to share context on your results and offer a walkthrough; no marketing automation drip, no list rentals.