Professional-grade cybersecurity tools designed for the CFO, office manager, and firm partner who need answers, not another sales pitch.
Take a 20-minute industry-specific assessment and get a scored report your insurance broker will recognize. The assessment covers 8 security domains, maps to NIST CSF 2.0 and CIS Controls, and produces two downloadable PDFs: one formatted for your insurance application, one that tells your team exactly what to fix and in what order. The average small business scores a 62 out of 100 on their first assessment. Now you will know where you stand.
Coalition, one of the largest cyber insurers in the U.S., reported that 56% of small business claims in 2023 involved ransomware or funds transfer fraud. Knowing your gaps before a claim is filed changes the conversation with your broker.
Start Free AssessmentGenerate the nine cybersecurity policies your insurance provider wants to see, customized to your organization, in under an hour. Built from NIST CSF 2.0, SANS, and ISACA frameworks and translated into plain English. A law firm paying a consultant to draft these policies would spend between $4,500 and $18,000. The Documentation Pack includes all nine.
FTC amended the Safeguards Rule in 2021. Portions became effective in January 2022, and the compliance deadline for certain updated requirements was extended to June 9, 2023. The Rule requires covered financial services firms to maintain a written information security program. FTC's maximum civil penalty amount for certain FTC Act violations is $53,088 per violation (2025 adjustment). Citation: https://www.ftc.gov/business-guidance/privacy-security/safeguards-rule
Browse PoliciesBuild a personalized incident response plan, test it with interactive tabletop exercises, and generate timestamped documentation your insurance carrier and legal team can use during a real incident.
Ransomware, business email compromise, and vendor incidents move fast. A plan that is written, tested, and accessible outside your normal network gives your team a decision path before stress takes over.
Build Your PlanBefore your office manager renews the company's Dropbox subscription or your bookkeeper signs up for a new payroll platform, check our vendor scorecard. We score ten of the most common small business tools on encryption, access controls, compliance certifications, breach history, and SMB fit. Dropbox has experienced three distinct security incidents since 2012. QuickBooks cannot enforce MFA across its user base. Now you can make informed decisions about the tools your business already uses.
View ScorecardsEvery major cybersecurity control explained in plain English. What it means, why insurance underwriters care about it, and how it applies specifically to your industry. Thirty controls mapped to NIST CSF 2.0 and CIS Controls v8, with industry-specific notes for healthcare, legal, financial services, and government contractors. No account required.
Browse ControlsMore tools are on the way.
For IT providers, insurance brokers, and advisors who run assessments on behalf of clients. Manage a client workspace per seat, track scores across your book, and produce branded reports under your firm name. Billed at $29 per client per month starting at 5 clients. Built for the agency who wants to deliver more value without building the infrastructure from scratch.
The Cyber Audit and Controls Library are free to use. No credit card. No sales call. Start there and upgrade when you are ready.