Thirty yes/no questions across the five NIST CSF functions — Identify, Protect, Detect, Respond, Recover. Get a 0-100 score, a recommendation tier and a written report by email.
Ransomware is the most common cause of materially business-impacting cyber incidents globally. The compressed timeline of a modern ransomware incident, from initial access to data exfiltration to encryption, can be measured in days for human-operated ransomware and in hours for the most accelerated campaigns. As a result, the difference between a recoverable incident and an existential one is determined almost entirely by the readiness posture in place before the attack starts.
This tool gives you a directional read on that readiness posture in three minutes. Thirty yes/no questions, mapped to the five NIST CSF functions, weighted to reflect ransomware-specific operational impact. The output is a 0-100 score, a recommendation tier, and a written report sent to your email.
This is a free educational tool. The output is not a substitute for a tabletop exercise or a formal ransomware readiness assessment. nCrypt delivers both in our own right.
The NIST Cybersecurity Framework structures cybersecurity capability into five operational functions, each answering a distinct question about your posture. Identify answers “what do we have, what matters, who owns it” — asset inventory, business-criticality, risk assessment, governance. Protect answers “how do we prevent the bad thing” — identity and access, awareness, data protection, baseline configuration, maintenance, protective technology. Detect answers “how do we know when something has gone wrong” — anomaly detection, continuous monitoring, detection processes.
Respond answers “what do we do once we know” — response planning, communications, analysis, mitigation, improvement. Recover answers “how do we get back to operations” — recovery planning, improvements, communications. For ransomware specifically, the Respond and Recover functions carry disproportionate weight — the Identify and Protect work is necessary but the Recover capability is what determines whether the business survives.
This tool weights the 30 questions across the five functions to reflect the ransomware-specific operational reality. Recover and Respond carry slightly higher weight than the upstream functions.
Each of the 30 questions is a yes/no covering a control or capability that materially affects ransomware outcomes. Yes scores points; no scores zero. The 30 questions are weighted slightly across the five NIST CSF functions to reflect operational impact — Recover and Respond carry slightly higher weight than Identify because in a live ransomware incident the recovery and response posture determines whether the business survives. Your raw score is normalised to a 0-100 scale and mapped to one of five recommendation tiers.
The NIST Cybersecurity Framework is the most widely adopted control framework globally for ransomware preparedness. Its five-function structure (Identify, Protect, Detect, Respond, Recover) maps cleanly to the operational reality of a ransomware incident timeline. Insurance carriers, supply-chain partners and regulators across multiple jurisdictions increasingly use NIST CSF as the default common language. For Malaysian organisations the framework also dovetails neatly with PDPA breach-notification readiness and BNM RMiT cyber resilience expectations.
No. The score is a 30-question directional self-assessment that gives you a fast read on capability across the five NIST CSF functions. A real ransomware tabletop exercise involves scenario-driven simulation with executive, technology, communications and legal participation, evidence-based examination of decision quality under time pressure, and identification of decision gaps that only emerge under stress. The score is the precondition; the tabletop is the actual rehearsal.
Your overall 0-100 score, your tier (Critical, High Risk, Improving, Resilient, Optimized), the per-function breakdown (Identify, Protect, Detect, Respond, Recover), the specific questions where you scored zero ranked by operational impact, and the typical remediation sequence to lift your score by 20 points. The report is generated from your answers and emailed to the address you provide.
Yes. nCrypt offers a ransomware readiness uplift programme that combines tabletop exercise, gap remediation, IR retainer activation and — for the most exposed customers — a 30-day rapid-uplift programme that focuses on the five highest-impact controls before any deeper work. We are happy to scope on a 30-minute call.
The tool above is the directional version. For a scenario-driven tabletop with executive participation and IR retainer activation, we are happy to scope on a 30-minute call.