Echo Hill Security

Small Business Cybersecurity & Security Awareness Assessment

15-minute self-assessment mapped to NIST, ISO 27001, SANS, ISACA, Microsoft Secure Score, and (ISC)² — auto-scored with a COSO-aligned maturity rating and a prioritized action plan.

🔒 TLS/HTTPS Secured · ⏱ ~15 minutes · 📄 PDF Report Included
Mapped to: NIST CSF · ISO 27001 · SANS · ISACA · Microsoft Secure Score · (ISC)² · NY SHIELD · CPRA

1) Complete assessment

Answer Yes / Partially / No — plain language, ~15 minutes.

2) Auto-scored

Backend converts answers into COSO maturity (1–5) per domain.

3) Action plan PDF

Receive a branded report with prioritized 30/60/90-day steps.

Start Your Assessment


Is this compliant with state data protection laws?

Yes. It aligns to recognized frameworks and the “reasonable security” standard. The PDF includes a compliance crosswalk for regulators and insurers.

How is my data used?

We use your responses solely to generate your report and recommended actions. Responses are deleted immediately after report delivery.

How quickly do I get the report?

Immediately if automated, or within one business day if human review is included.

Can you help implement fixes?

Yes — from MFA rollouts to policy creation and phishing training. Ask about our Basic/Pro/Elite plans.

Privacy & Data Use

Echo Hill Security collects only the information necessary to assess your cybersecurity posture and generate your report. We do not sell your data. Your detailed responses are deleted immediately after report delivery. You may request deletion by emailing [email protected].

Quarterly check-ups recommended

See your improvement over time

Retake the assessment every 90 days to track COSO maturity and close gaps faster.

© Echo Hill Security