Frequently Asked Questions

Common questions about CyberCaution™, ransomware readiness assessments, threat context, and how we help organizations build readiness before an incident takes control.

CyberCaution™ offers four platform surfaces — Risk Review (free website tools), Assessment Hub (structured questionnaires), Intelligence (sector threat context), and the Risk Intelligence Workspace (program execution) — plus client-hosted deployment when data must stay in your environment.

What is CyberCaution™?

CyberCaution™ is a privacy-first ransomware readiness platform with four surfaces: Risk Review on the website for fast exposure signals; the Assessment Hub for structured sector and framework questionnaires; CyberCaution Intelligence for sector profiles and public security advisories; and the Risk Intelligence Workspace to import results, track remediation, and generate reports. Client-hosted deployment is available when data must stay in your environment. Unlike generic compliance checklists, CyberCaution™ focuses on ransomware-relevant conditions, operational readiness, and decision-grade outputs.

How does CyberCaution™ work?

CyberCaution™ follows a three-stage journey to threat readiness:

  1. 1. Discover Threat Exposure: Identify which threats and attack paths pose the greatest risk. Start with Risk Review on the website, then add sector and advisory context in CyberCaution Intelligence (profiles, actors, CISA KEV and NVD feeds).
  2. 2. Assess Readiness Gaps: Evaluate ransomware-relevant conditions across identity, access, backups, segmentation, monitoring, and response readiness. Run structured questionnaires in the Assessment Hub for NIST-aligned depth and scored gap analysis.
  3. 3. Close the Gaps: Implement prioritized controls, collect evidence of operational readiness, and generate executive-ready reports. Import Risk Review, Assessment Hub, and Intelligence outputs into the Workspace to sequence remediation, track progress, and maintain evidence over time.

Start with a free Risk Review, add context in Intelligence, run your industry assessment in the Assessment Hub, then use the Workspace when you need ongoing tracking and reporting.

Do I need to create an account?

No, you don't need to create an account. CyberCaution™ is designed with privacy-first principles, allowing you to start your assessment immediately without any registration. All data is stored locally in your browser and never leaves your device.

Is my data secure and private?

Yes, absolutely. CyberCaution™ is built with privacy-first architecture:

  • All processing happens locally in your browser by default
  • Your assessment data stays on your device unless you choose optional cloud sync (Workspace paid tiers)
  • Intelligence fetches public advisory feeds (cached locally); no mandatory central processing
  • You maintain complete control over your information

Under what conditions are the Workspace and website reviews offered?

The CyberCaution™ Risk Intelligence Workspace and website reviews are offered only under privacy-preserving conditions so that your data stays under your control by design:

  • Local-first by default: Assessment and workflow data stay on your device unless you explicitly opt in to sync or cloud.
  • Same-origin or client-hosted: When website reviews and the Workspace are used together, they can be deployed on a single origin or inside your environment so sensitive assessment data does not need to leave your control.
  • Optional sync only when you choose: Cloud or backend sync is opt-in; with client hosting or local-only, we do not access your assessment or workflow data.

What does the assessment cover?

The CyberCaution™ assessment evaluates ransomware-relevant conditions that influence exposure, blast radius, and recovery blockers:

  • Identity & Access Management: Authentication, authorization, and privilege management
  • Backup & Recovery: Data protection, backup strategies, and recovery capabilities
  • Network Segmentation: Isolation strategies and lateral movement prevention
  • Monitoring & Detection: Security monitoring, threat detection, and alerting
  • Incident Response: Response planning, procedures, and readiness
  • Threat Context: Risk Review for fast posture signals; CyberCaution Intelligence for sector profiles and public advisories; Workspace imports for tracked follow-through

Prioritization is based on risk reduction logic and real attack paths — not generic maturity scores or compliance checklists.

Is CyberCaution™ a vulnerability scanner?

No, CyberCaution™ is not a vulnerability scanner. It does not scan your systems or attempt to exploit vulnerabilities. Instead, it is a structured workflow that helps you evaluate ransomware-relevant conditions and understand how attackers would likely operate against your organization. CyberCaution™ focuses on exposure, blast radius, and recovery blockers rather than individual vulnerabilities.

How long does an assessment take?

The website reviews are intentionally fast. RansomScore can be completed in about a minute, while the broader risk posture review takes longer depending on the depth of input. Run your industry assessment in the Assessment Hub when you need NIST-aligned depth, scored findings, and remediation priorities.

What do I get from the assessment?

After completing your assessment, you receive:

  • Exposure Analysis: Detailed evaluation of your ransomware readiness — focused on blast radius, dwell time, and recovery impact
  • Threat Context: Risk Review for fast posture signals; CyberCaution Intelligence for sector profiles and public advisories; Workspace imports for tracked follow-through
  • Risk-Driven Remediation Roadmap: Prioritized controls organized by risk reduction logic, not generic maturity scores
  • Executive-Ready Reports: Clear outputs for leadership, boards, and insurers
  • Workspace continuity: Track remediation work, risk posture changes, and reporting over time inside the Risk Intelligence Workspace

Can I export my assessment results?

Website reviews are designed for fast diagnostic value. Full report output and structured export are part of the paid report or the Workspace experience, where reporting and continuity matter more.

What makes CyberCaution™ different from other security assessment tools?

CyberCaution™ is different in several key ways:

  • Privacy-First: All processing happens locally; your data never leaves your device
  • Ransomware-Focused: Specifically designed for ransomware readiness — evaluates exposure, blast radius, and recovery blockers
  • Threat-Informed: Uses Risk Review, CyberCaution Intelligence, and Assessment Hub findings to prioritize based on real attack paths, not generic scores
  • Threat-informed assessment model: Website reviews deliver fast visibility, while the Workspace supports deeper NIST-aligned assessment and reporting
  • Website reviews: Fast, free entry points for RansomScore, Risk Posture, and Threat Radar — designed to lead into your industry assessment
  • Risk Posture: Map sector, assets, and third parties in one posture view
  • No Account Required: Start immediately without registration or setup

Is there a cost to use CyberCaution™?

CyberCaution™ offers a free assessment tier — no credit card required. Start your ransomware readiness evaluation immediately at no cost. For organizations needing advanced capabilities, additional license tiers (Starter Kit, Risk Workspace, Workspace Pro, Enterprise) are available. Visit our pricing page for details.

What if I need help or have questions?

We're here to help! If you have questions about CyberCaution™, need assistance with your assessment, or want to learn more about how it can benefit your organization, please don't hesitate to reach out.

Understand your risk posture, before it's tested under pressure.

Build readiness now, before an incident takes control. Start with a free assessment or explore the Threat Radar.

Prefer to run locally? Risk Review or request client-hosted deployment.