FFIEC CAT Peer Comparison Tool

About the Tool

Every Director and Corporate officer wants an answer to the basic question, How do we compare against our peers? as it relates to Cybersecurity challenges, solutions, and maturity. We implemented the FFIEC Cybersecurity Assessment Tool published in July 2015 into an Excel spreadsheet that has helped hundreds of organizations accelerate their assessments, quantify Inherent Risk and Cyber Maturity, and solidify cybersecurity improvement plans. Recognizing the lurking benchmark opportunity and possibilities of getting closwer to answering the How do we compare?, we've created an online FFIEC CAT Peer Comparison Tool that allows you to upload and compare your FFIEC Cybersecurity Assessment Tool Results.
How it Works
First and foremost, confidentiality of results was and remains a primary design objective. Following our Threat Modeling processes, we've designed a set of complimentary controls that protect the confidentiality of your results and provide anonymity. Yes, that is right, ANONYMITY! Our system only stores Inherent Risk Scores, Inherent Risk Values, and Cyber Maturity Values completely disregarding comments, narratives, or other components of the workbook and does not establish a link between results and the uploading user or organization.
Registration Process
The upload process does require user registration. The user registration from does collect contact and organization details. Following registration, the user is emailed a unique URL to generate their Upload Token. During the process, the user is requested to create an Upload Password and an Upload Token is randomly generated. Neither the Upload Token or Upload password are stored by our systems, ,rather the hashed representation of the Upload Password combined with the Upload Token is stored with no link or referenced established to the user.
Upload Process
The upload process requires the registered user to enter their Upload Token, Upload Password, and completed FFIEC CAT using our Workbook Template. Note, again there are no details linking the user or organization to the Upload Token or Upload Password. If the upload is authenticated, the Workbook is processed to identify the Risk Score, Inherent Risk Answers,and Cyber Maturity Answers. Narratives, comments, or other details are ignored and the workbook is destroyed immediately following processing.

Ready to begin? Register now!

Contact us for additional detail information regarding our security measures and to request any artifacts you may require for due diligence.