{"id":6173,"date":"2025-01-24T20:21:45","date_gmt":"2025-01-24T20:21:45","guid":{"rendered":"https:\/\/cyberassurancenow.com\/?page_id=6173"},"modified":"2026-06-11T12:31:34","modified_gmt":"2026-06-11T17:31:34","slug":"virtual-ciso","status":"publish","type":"page","link":"https:\/\/cyberassurancenow.com\/index.php\/virtual-ciso\/","title":{"rendered":"Virtual CISO"},"content":{"rendered":"\n<div style=\"height:100px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-constrained wp-block-group-is-layout-constrained\">\n<p class=\"wp-block-paragraph\">A virtual CISO is an experienced cybersecurity executive who serves your organization on a part-time or retainer basis,&nbsp;providing&nbsp;the strategic&nbsp;leadership, program oversight, and regulatory guidance of a full-time CISO without the overhead of a permanent hire.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">CyberAssurance&#8217;s&nbsp;vCISO&nbsp;services are built specifically for financial institutions and highly regulated organizations&nbsp;that need experienced security leadership they can count on.&nbsp;<\/p>\n\n\n\n<div class=\"wp-block-buttons is-layout-flex wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button\" style=\"margin-top: 30px; margin-bottom: 30px;\"><a class=\"wp-block-button__link wp-element-button\">Request a consultation<\/a><\/div>\n<\/div>\n<\/div><\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" style=\"margin-top: 30px; margin-bottom: 30px;\"\/>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-8f761849 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-vertically-aligned-center is-layout-flow wp-block-column-is-layout-flow\">\n<h2 class=\"wp-block-heading\">Is Your Security Program Built to Hold Up?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Most organizations start looking for a&nbsp;vCISO&nbsp;after something surfaces a gap: an&nbsp;examiner&nbsp;finding, a failed audit, or the recognition that no one internally truly owns the security program.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">CyberAssurance&nbsp;was built for exactly that moment. We bring experienced security leadership, proactive program management, and the regulatory depth that highly regulated organizations need.<strong>&nbsp;<\/strong><\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<figure class=\"wp-block-image size-large is-style-rounded\"><img fetchpriority=\"high\" decoding=\"async\" width=\"1024\" height=\"681\" src=\"https:\/\/cyberassurancenow.com\/wp-content\/uploads\/2026\/04\/it-team-1024x681.jpg\" alt=\"it team\" class=\"wp-image-6751\" srcset=\"https:\/\/cyberassurancenow.com\/wp-content\/uploads\/2026\/04\/it-team-1024x681.jpg 1024w, https:\/\/cyberassurancenow.com\/wp-content\/uploads\/2026\/04\/it-team-300x200.jpg 300w, https:\/\/cyberassurancenow.com\/wp-content\/uploads\/2026\/04\/it-team-768x511.jpg 768w, https:\/\/cyberassurancenow.com\/wp-content\/uploads\/2026\/04\/it-team.jpg 1222w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n<\/div>\n<\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" style=\"margin-top: 30px; margin-bottom: 30px;\"\/>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-8f761849 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<h2 class=\"wp-block-heading\">What We Do as Your vCISO Partner<\/h2>\n\n\n\n<style>\n.ca-table{width:100%;border-collapse:collapse}\n.ca-row{border-bottom:0.5px solid rgba(10,100,180,0.15)}\n.ca-row:first-child{border-top:0.5px solid rgba(10,100,180,0.15)}\n.ca-name{padding:14px 20px 14px 0;vertical-align:middle;width:220px;min-width:180px}\n.ca-name-inner{display:flex;align-items:center;gap:10px}\n.ca-icon{flex-shrink:0;width:34px;height:34px;border-radius:7px;background:#e8f3fb;display:flex;align-items:center;justify-content:center}\n.ca-icon i{font-size:18px;color:#0a7dc2}\n.ca-label{font-weight:500;font-size:14px;color:#1b2b4b}\n.ca-desc{padding:14px 0 14px 24px;font-size:13px;color:#4a5e72;line-height:1.5;border-left:0.5px solid rgba(10,100,180,0.15);max-width:0;overflow-wrap:break-word;}\n@media(max-width:600px){\n  .ca-table,.ca-table tbody,.ca-row,.ca-name,.ca-desc{display:block;width:100%;box-sizing:border-box;}\n  .ca-name{padding:14px 0 4px 0;width:100%;min-width:unset;}\n  .ca-desc{padding:0 0 14px 44px;border-left:none;max-width:100%;text-align:left !important;overflow-wrap:break-word;word-break:break-word;white-space:normal;}\n}\n<\/style>\n<link rel=\"stylesheet\" href=\"https:\/\/cdn.jsdelivr.net\/npm\/@tabler\/icons-webfont@latest\/tabler-icons.min.css\">\n<table class=\"ca-table\">\n  <tbody>\n    <tr class=\"ca-row\">\n      <td class=\"ca-name\">\n        <div class=\"ca-name-inner\">\n          <div class=\"ca-icon\"><i class=\"ti ti-compass\"><\/i><\/div>\n          <span class=\"ca-label\">Strategic Leadership<\/span>\n        <\/div>\n      <\/td>\n      <td class=\"ca-desc\">Cybersecurity strategy, priorities, and executive briefings<\/td>\n    <\/tr>\n    <tr class=\"ca-row\">\n      <td class=\"ca-name\">\n        <div class=\"ca-name-inner\">\n          <div class=\"ca-icon\"><i class=\"ti ti-shield-check\"><\/i><\/div>\n          <span class=\"ca-label\">Annual Security Program<\/span>\n        <\/div>\n      <\/td>\n      <td class=\"ca-desc\">Build and manage a documented, living information security program<\/td>\n    <\/tr>\n    <tr class=\"ca-row\">\n      <td class=\"ca-name\">\n        <div class=\"ca-name-inner\">\n          <div class=\"ca-icon\"><i class=\"ti ti-chart-bar\"><\/i><\/div>\n          <span class=\"ca-label\">Information Security Scorecard<\/span>\n        <\/div>\n      <\/td>\n      <td class=\"ca-desc\">Track program performance with clear, actionable metrics<\/td>\n    <\/tr>\n    <tr class=\"ca-row\">\n      <td class=\"ca-name\">\n        <div class=\"ca-name-inner\">\n          <div class=\"ca-icon\"><i class=\"ti ti-list-check\"><\/i><\/div>\n          <span class=\"ca-label\">Risk and Compliance Oversight<\/span>\n        <\/div>\n      <\/td>\n      <td class=\"ca-desc\">Control assessments aligned to NIST, CIS, FFIEC, and other frameworks<\/td>\n    <\/tr>\n    <tr class=\"ca-row\">\n      <td class=\"ca-name\">\n        <div class=\"ca-name-inner\">\n          <div class=\"ca-icon\"><i class=\"ti ti-presentation\"><\/i><\/div>\n          <span class=\"ca-label\">Board and Executive Reporting<\/span>\n        <\/div>\n      <\/td>\n      <td class=\"ca-desc\">Technical findings translated into plain language for leadership<\/td>\n    <\/tr>\n    <tr class=\"ca-row\">\n      <td class=\"ca-name\">\n        <div class=\"ca-name-inner\">\n          <div class=\"ca-icon\"><i class=\"ti ti-clipboard-check\"><\/i><\/div>\n          <span class=\"ca-label\">Exam and Audit Preparation<\/span>\n        <\/div>\n      <\/td>\n      <td class=\"ca-desc\">End-to-end support from documentation through examiner interface<\/td>\n    <\/tr>\n    <tr class=\"ca-row\">\n      <td class=\"ca-name\">\n        <div class=\"ca-name-inner\">\n          <div class=\"ca-icon\"><i class=\"ti ti-building-store\"><\/i><\/div>\n          <span class=\"ca-label\">Vendor Risk Management<\/span>\n        <\/div>\n      <\/td>\n      <td class=\"ca-desc\">Third-party and supply chain risk oversight, fully integrated<\/td>\n    <\/tr>\n    <tr class=\"ca-row\">\n      <td class=\"ca-name\">\n        <div class=\"ca-name-inner\">\n          <div class=\"ca-icon\"><i class=\"ti ti-first-aid-kit\"><\/i><\/div>\n          <span class=\"ca-label\">Incident Response and Continuity<\/span>\n        <\/div>\n      <\/td>\n      <td class=\"ca-desc\">IR planning, tabletop exercises, and breach readiness<\/td>\n    <\/tr>\n  <\/tbody>\n<\/table>\n<\/div>\n<\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" style=\"margin-top: 30px; margin-bottom: 30px;\"\/>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-8f761849 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<h2 class=\"wp-block-heading\">Built for Regulated Organizations<\/h2>\n\n\n\n<style>\n.ca-audience{background:#f0f6fb;border-radius:12px;padding:28px;margin:1rem 0}\n.ca-audience-grid{display:grid;grid-template-columns:repeat(2,1fr);gap:12px}\n.ca-card{background:#fff;border:0.5px solid rgba(10,100,180,0.18);border-radius:10px;padding:18px 20px;transition:transform 0.2s ease,box-shadow 0.2s ease}\n.ca-card:hover{transform:scale(1.03);box-shadow:0 6px 20px rgba(10,100,180,0.12)}\n.ca-card-label{font-weight:500;font-size:14px;color:#1b2b4b;margin:0 0 6px;display:flex;align-items:center;gap:8px}\n.ca-card-label i{font-size:18px;color:#0a7dc2}\n.ca-card-desc{font-size:13px;color:#4a5e72;line-height:1.5;margin:0}\n@media(max-width:480px){.ca-audience-grid{grid-template-columns:1fr}}\n<\/style>\n\n<link rel=\"stylesheet\" href=\"https:\/\/cdn.jsdelivr.net\/npm\/@tabler\/icons-webfont@latest\/tabler-icons.min.css\">\n\n<div class=\"ca-audience\">\n  <div class=\"ca-audience-grid\">\n\n    <div class=\"ca-card\">\n      <p class=\"ca-card-label\"><i class=\"ti ti-building-bank\"><\/i>Financial Institutions<\/p>\n      <p class=\"ca-card-desc\">Financial institutions navigating FFIEC, FDIC, and NCUA expectations<\/p>\n    <\/div>\n\n    <div class=\"ca-card\">\n      <p class=\"ca-card-label\"><i class=\"ti ti-heart-rate-monitor\"><\/i>Healthcare Organizations<\/p>\n      <p class=\"ca-card-desc\">Healthcare organizations managing HIPAA obligations and program maturity<\/p>\n    <\/div>\n\n    <div class=\"ca-card\">\n      <p class=\"ca-card-label\"><i class=\"ti ti-trending-up\"><\/i>Growing Businesses<\/p>\n      <p class=\"ca-card-desc\">Growing organizations that have outpaced their internal security capabilities<\/p>\n    <\/div>\n\n    <div class=\"ca-card\">\n      <p class=\"ca-card-label\"><i class=\"ti ti-rotate-clockwise\"><\/i>Post-Exam Recovery<\/p>\n      <p class=\"ca-card-desc\">Organizations with recent exam or audit findings that need program ownership, not just remediation<\/p>\n    <\/div>\n\n  <\/div>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" style=\"margin-top: 30px; margin-bottom: 30px;\"\/>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-8f761849 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<h2 class=\"wp-block-heading\">Introducing the Enhanced CISO Program<\/h2>\n\n\n\n<style>\n.ca-section{margin:1rem 0}\n.ca-thesis{display:grid;grid-template-columns:1fr 1fr;gap:24px;align-items:center;background:#fff;border:0.5px solid rgba(10,100,180,0.18);border-radius:12px;padding:28px}\n.ca-thesis-copy p.ca-eyebrow{font-size:11px;font-weight:500;color:#0a7dc2;text-transform:uppercase;letter-spacing:0.08em;margin:0 0 10px}\n.ca-thesis-copy p.ca-body{font-size:13px;color:#4a5e72;line-height:1.65;margin:0}\n.ca-thesis-visual{background:#f0f6fb;border-radius:8px;border:0.5px solid rgba(10,100,180,0.15);display:flex;flex-direction:column;align-items:center;justify-content:center;padding:24px;gap:10px;min-height:140px}\n.ca-lockup{display:flex;align-items:center;gap:12px;flex-wrap:nowrap;justify-content:center}\n.ca-logo{max-width:200px;width:100%;height:auto;display:block}\n.ca-logo-sm{max-width:115px;width:100%;height:auto;display:block}\n.ca-x{font-size:14px;color:#a0b4c4;font-weight:400}\n.ca-lockup-name{font-size:18px;font-weight:500;color:#1b2b4b;letter-spacing:-0.01em}\n.ca-lockup-sub{font-size:11px;color:#6a8aa0;text-align:center;margin:0}\n.ca-divider{height:0.5px;background:rgba(10,100,180,0.12);margin:16px 0}\n.ca-diff-bar{display:grid;grid-template-columns:repeat(4,1fr);gap:12px;margin-top:12px}\n.ca-diff-item{background:#f0f6fb;border-radius:10px;padding:16px;text-align:center}\n.ca-diff-item i{font-size:22px;color:#0a7dc2;display:block;margin-bottom:8px}\n.ca-diff-label{font-size:13px;font-weight:500;color:#1b2b4b;margin:0 0 4px}\n.ca-diff-desc{font-size:12px;color:#4a5e72;line-height:1.4;margin:0}\n.ca-downloads{display:flex;gap:12px;margin-top:16px;flex-wrap:wrap}\n.ca-dl-btn{font-size:13px;color:#0a7dc2;border:0.5px solid rgba(10,100,180,0.35);border-radius:6px;padding:7px 14px;text-decoration:none;display:inline-flex;align-items:center;gap:6px;transition:background 0.15s ease,border-color 0.15s ease}\n.ca-dl-btn:hover{background:#e8f3fb;border-color:rgba(10,100,180,0.5)}\n.ca-dl-btn i{font-size:15px}\n@media(max-width:560px){.ca-thesis{grid-template-columns:1fr}.ca-diff-bar{grid-template-columns:repeat(2,1fr)}}\n<\/style>\n \n<link rel=\"stylesheet\" href=\"https:\/\/cdn.jsdelivr.net\/npm\/@tabler\/icons-webfont@latest\/tabler-icons.min.css\">\n \n<div class=\"ca-section\">\n \n  <div class=\"ca-thesis\">\n    <div class=\"ca-thesis-copy\">\n      <p class=\"ca-eyebrow\">Enhanced CISO Program<\/p>\n      <p class=\"ca-body\">CyberAssurance&#8217;s Enhanced CISO Program goes beyond traditional vCISO services by combining senior cybersecurity leadership with the power of <a href=\"https:\/\/www.rivialsecurity.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">Rivial&#8217;s enterprise GRC platform<\/a> \u2014 purpose-built for financial institutions and designed to deliver measurable results, not just advice.<\/p>\n    <\/div>\n    <div class=\"ca-thesis-visual\">\n      <div class=\"ca-lockup\">\n        <a href=\"https:\/\/cyberassurancenow.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">\n          <img decoding=\"async\" src=\"https:\/\/cyberassurancenow.com\/wp-content\/uploads\/2026\/05\/CyberAssurance_logo_color_2400.png\" alt=\"CyberAssurance\" class=\"ca-logo\">\n        <\/a>\n        <span class=\"ca-x\">\u00d7<\/span>\n        <a href=\"https:\/\/www.rivialsecurity.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">\n          <img decoding=\"async\" src=\"https:\/\/cyberassurancenow.com\/wp-content\/uploads\/2026\/05\/0ea577ba-c965-4087-bded-448d9469046a.png\" alt=\"Rivial\" class=\"ca-logo-sm\">\n        <\/a>\n      <\/div>\n      <p class=\"ca-lockup-sub\">Enterprise GRC Platform \u00b7 Built for Financial Institutions<\/p>\n    <\/div>\n  <\/div>\n \n  <div class=\"ca-divider\"><\/div>\n \n  <div class=\"ca-diff-bar\">\n \n    <div class=\"ca-diff-item\">\n      <i class=\"ti ti-award\" aria-hidden=\"true\"><\/i>\n      <p class=\"ca-diff-label\">Experienced Team<\/p>\n      <p class=\"ca-diff-desc\">Senior advisors with 15+ years in FI cybersecurity, CISSP, CISA, CISM, and CRISC certified<\/p>\n    <\/div>\n \n    <div class=\"ca-diff-item\">\n      <i class=\"ti ti-radar\" aria-hidden=\"true\"><\/i>\n      <p class=\"ca-diff-label\">Proactive by Design<\/p>\n      <p class=\"ca-diff-desc\">Continuous program monitoring with risks surfaced before they become findings<\/p>\n    <\/div>\n \n    <div class=\"ca-diff-item\">\n      <i class=\"ti ti-users\" aria-hidden=\"true\"><\/i>\n      <p class=\"ca-diff-label\">Embedded Partnership<\/p>\n      <p class=\"ca-diff-desc\">Active integration with your IT, audit, and risk teams, with shared ownership of outcomes<\/p>\n    <\/div>\n \n    <div class=\"ca-diff-item\">\n      <i class=\"ti ti-layout-dashboard\" aria-hidden=\"true\"><\/i>\n      <p class=\"ca-diff-label\">Powered by Rivial<\/p>\n      <p class=\"ca-diff-desc\">Live dashboards, automated compliance tracking, and board-ready reporting built in<\/p>\n    <\/div>\n \n  <\/div>\n \n<\/div>\n<\/div>\n<\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" style=\"margin-top: 30px; margin-bottom: 30px;\"\/>\n\n\n\n<!-- Information Security Scorecard Widget -->\n<link href=\"https:\/\/fonts.googleapis.com\/css2?family=Raleway:wght@400;700&#038;display=swap\" rel=\"stylesheet\">\n\n<div class=\"security-scorecard-widget\">\n  <style>\n    .security-scorecard-widget {\n      font-family: 'Raleway', system-ui, -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif;\n      display: flex;\n      justify-content: center;\n      padding: 40px 15px;\n      box-sizing: border-box;\n    }\n\n    .security-scorecard-widget * {\n      box-sizing: border-box;\n    }\n\n    .security-scorecard-widget .ss-card {\n      width: 100%;\n      max-width: 750px;\n      background: #ffffff;\n      border-radius: 16px;\n      box-shadow: 0 14px 35px rgba(15, 23, 42, 0.12);\n      padding: 28px 24px 24px;\n      position: relative;\n      overflow: hidden;\n    }\n\n    @media (min-width: 768px) {\n      .security-scorecard-widget .ss-card {\n        padding: 32px 36px 32px;\n      }\n    }\n\n    .security-scorecard-widget .ss-progress {\n      width: 100%;\n      height: 8px;\n      background: #e5e7eb;\n      border-radius: 999px;\n      overflow: hidden;\n      margin-bottom: 24px;\n    }\n\n    .security-scorecard-widget .ss-progress-bar {\n      height: 100%;\n      width: 0%;\n      background: #1289d5;\n      border-radius: 999px;\n      transition: width 0.35s ease;\n    }\n\n    .security-scorecard-widget .ss-step {\n      display: none;\n      animation: ss-fade-in 0.25s ease;\n    }\n\n    .security-scorecard-widget .ss-step.ss-step-active {\n      display: block;\n    }\n\n    @keyframes ss-fade-in {\n      from { opacity: 0; transform: translateY(4px); }\n      to { opacity: 1; transform: translateY(0); }\n    }\n\n    .security-scorecard-widget .ss-heading {\n      font-weight: 700;\n      font-size: 1.35rem;\n      line-height: 1.3;\n      color: #0f172a;\n      margin-bottom: 8px;\n    }\n\n    @media (min-width: 768px) {\n      .security-scorecard-widget .ss-heading {\n        font-size: 1.6rem;\n      }\n    }\n\n    .security-scorecard-widget .ss-body-text {\n      font-weight: 400;\n      font-size: 0.98rem;\n      line-height: 1.5;\n      color: #4b5563;\n      margin-bottom: 20px;\n    }\n\n    .security-scorecard-widget .ss-intro-footer {\n      display: flex;\n      justify-content: flex-start;\n      margin-top: 16px;\n    }\n\n    .security-scorecard-widget .ss-btn {\n      display: inline-flex;\n      align-items: center;\n      justify-content: center;\n      border-radius: 999px;\n      border: none;\n      cursor: pointer;\n      padding: 10px 22px;\n      font-size: 0.95rem;\n      font-weight: 700;\n      font-family: 'Raleway', system-ui, -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif;\n      transition: background-color 0.18s ease, color 0.18s ease, box-shadow 0.18s ease, transform 0.05s ease;\n      white-space: nowrap;\n    }\n\n    .security-scorecard-widget .ss-btn-primary {\n      background-color: #1289d5;\n      color: #ffffff;\n      box-shadow: 0 8px 18px rgba(18, 137, 213, 0.35);\n    }\n\n    .security-scorecard-widget .ss-btn-primary:hover:not(:disabled) {\n      background-color: #0f74b5;\n      box-shadow: 0 10px 22px rgba(18, 137, 213, 0.45);\n      transform: translateY(-1px);\n    }\n\n    .security-scorecard-widget .ss-btn-primary:disabled {\n      background-color: #93c5fd;\n      box-shadow: none;\n      cursor: not-allowed;\n    }\n\n    .security-scorecard-widget .ss-btn-secondary {\n      background-color: #f3f4f6;\n      color: #111827;\n      border: 1px solid #e5e7eb;\n      box-shadow: none;\n    }\n\n    .security-scorecard-widget .ss-btn-secondary:hover {\n      background-color: #e5e7eb;\n    }\n\n    .security-scorecard-widget .ss-nav {\n      display: flex;\n      justify-content: space-between;\n      align-items: center;\n      gap: 10px;\n      margin-top: 22px;\n    }\n\n    .security-scorecard-widget .ss-nav-right {\n      display: flex;\n      gap: 10px;\n      margin-left: auto;\n    }\n\n    .security-scorecard-widget .ss-kpi-label {\n      font-size: 0.78rem;\n      font-weight: 700;\n      letter-spacing: 0.08em;\n      text-transform: uppercase;\n      color: #6b7280;\n      margin-bottom: 6px;\n    }\n\n    .security-scorecard-widget .ss-question-meta {\n      display: flex;\n      justify-content: space-between;\n      align-items: baseline;\n      margin-bottom: 4px;\n    }\n\n    .security-scorecard-widget .ss-question-count {\n      font-size: 0.85rem;\n      font-weight: 700;\n      color: #6b7280;\n      display: none;\n    }\n\n    .security-scorecard-widget .ss-question-title {\n      font-weight: 700;\n      font-size: 1.1rem;\n      line-height: 1.35;\n      color: #111827;\n      margin-bottom: 14px;\n    }\n\n    @media (min-width: 768px) {\n      .security-scorecard-widget .ss-question-title {\n        font-size: 1.2rem;\n      }\n    }\n\n    .security-scorecard-widget .ss-answers {\n      display: grid;\n      grid-template-columns: 1fr;\n      gap: 10px;\n    }\n\n    @media (min-width: 640px) {\n      .security-scorecard-widget .ss-answers {\n        gap: 12px;\n      }\n    }\n\n    .security-scorecard-widget .ss-answer-option {\n      width: 100%;\n      text-align: left;\n      border-radius: 10px;\n      border: 1px solid #e5e7eb;\n      padding: 11px 13px;\n      background-color: #ffffff;\n      cursor: pointer;\n      font-size: 0.95rem;\n      font-weight: 400;\n      color: #111827;\n      display: flex;\n      align-items: center;\n      gap: 10px;\n      transition: border-color 0.12s ease, background-color 0.12s ease, box-shadow 0.12s ease, transform 0.04s ease;\n    }\n\n    .security-scorecard-widget .ss-answer-option:hover {\n      border-color: #93c5fd;\n      background-color: #f9fafb;\n    }\n\n    .security-scorecard-widget .ss-answer-option.ss-selected {\n      border-color: #1289d5;\n      background-color: #eff6ff;\n      box-shadow: 0 0 0 1px #1289d5;\n    }\n\n    .security-scorecard-widget .ss-answer-bullet {\n      width: 18px;\n      height: 18px;\n      border-radius: 999px;\n      border: 2px solid #cbd5f5;\n      flex-shrink: 0;\n      position: relative;\n    }\n\n    .security-scorecard-widget .ss-answer-option.ss-selected .ss-answer-bullet {\n      border-color: #1289d5;\n    }\n\n    .security-scorecard-widget .ss-answer-bullet-inner {\n      position: absolute;\n      inset: 3px;\n      border-radius: 999px;\n      background-color: #1289d5;\n      opacity: 0;\n      transform: scale(0.6);\n      transition: opacity 0.12s ease, transform 0.12s ease;\n    }\n\n    .security-scorecard-widget .ss-answer-option.ss-selected .ss-answer-bullet-inner {\n      opacity: 1;\n      transform: scale(1);\n    }\n\n    .security-scorecard-widget .ss-answer-label {\n      flex: 1;\n      word-break: break-word;\n    }\n\n    .security-scorecard-widget .ss-email-group {\n      margin-top: 10px;\n      margin-bottom: 8px;\n    }\n\n    .security-scorecard-widget .ss-label {\n      display: block;\n      margin-bottom: 6px;\n      font-weight: 700;\n      font-size: 0.9rem;\n      color: #111827;\n    }\n\n    .security-scorecard-widget .ss-input {\n      width: 100%;\n      border-radius: 10px;\n      border: 1px solid #d1d5db;\n      padding: 10px 12px;\n      font-size: 0.95rem;\n      font-family: inherit;\n      outline: none;\n      transition: border-color 0.14s ease, box-shadow 0.14s ease, background-color 0.14s ease;\n    }\n\n    .security-scorecard-widget .ss-input:focus {\n      border-color: #1289d5;\n      box-shadow: 0 0 0 1px #1289d522;\n      background-color: #f9fafb;\n    }\n\n    .security-scorecard-widget .ss-input-error {\n      border-color: #b91c1c;\n      box-shadow: 0 0 0 1px #b91c1c22;\n    }\n\n    .security-scorecard-widget .ss-error-text {\n      margin-top: 4px;\n      font-size: 0.8rem;\n      color: #b91c1c;\n      min-height: 1.1em;\n    }\n\n    .security-scorecard-widget .ss-note {\n      font-size: 0.8rem;\n      color: #6b7280;\n      margin-top: 6px;\n    }\n\n    .security-scorecard-widget .ss-results-grade {\n      font-weight: 700;\n      font-size: 3rem;\n      line-height: 1;\n      color: #1289d5;\n      margin-bottom: 6px;\n    }\n\n    @media (min-width: 768px) {\n      .security-scorecard-widget .ss-results-grade {\n        font-size: 3.4rem;\n      }\n    }\n\n    .security-scorecard-widget .ss-results-subheading {\n      font-weight: 700;\n      font-size: 1.05rem;\n      color: #111827;\n      margin-bottom: 8px;\n    }\n\n    .security-scorecard-widget .ss-list {\n      margin: 8px 0 0;\n      padding-left: 18px;\n      font-size: 0.94rem;\n      color: #111827;\n    }\n\n    .security-scorecard-widget .ss-list li {\n      margin-bottom: 4px;\n    }\n\n    .security-scorecard-widget .ss-list-empty {\n      margin-top: 6px;\n      font-size: 0.94rem;\n      color: #15803d;\n      font-weight: 700;\n    }\n\n    .security-scorecard-widget .ss-cta-box {\n      margin-top: 18px;\n      padding: 14px 14px 14px;\n      border-radius: 12px;\n      background: #eff6ff;\n      border: 1px solid #bfdbfe;\n    }\n\n    .security-scorecard-widget .ss-cta-text {\n      font-size: 0.95rem;\n      color: #1f2937;\n      margin-bottom: 10px;\n      font-weight: 400;\n    }\n\n    .security-scorecard-widget .ss-cta-btn-wrapper {\n      display: flex;\n      flex-wrap: wrap;\n      gap: 8px;\n      justify-content: center;\n    }\n\n    .security-scorecard-widget .ss-cta-link {\n      text-decoration: none;\n    }\n\n    .security-scorecard-widget .ss-cta-btn {\n      white-space: normal;\n      text-align: center;\n      line-height: 1.3;\n      max-width: 320px;\n      min-height: 3.2em;\n      padding: 12px 20px;\n    }\n\n    .security-scorecard-widget .ss-small-muted {\n      font-size: 0.8rem;\n      color: #6b7280;\n      margin-top: 6px;\n    }\n\n    .security-scorecard-widget .ss-sending {\n      font-size: 0.8rem;\n      color: #6b7280;\n      margin-left: 10px;\n    }\n\n    .security-scorecard-widget .ss-hidden {\n      display: none !important;\n    }\n\n    .security-scorecard-widget .ss-download-row {\n      margin-top: 16px;\n      margin-bottom: 8px;\n    }\n\n    .security-scorecard-widget .ss-btn-outline {\n      background: transparent;\n      color: #1289d5;\n      border: 2px solid #1289d5;\n      box-shadow: none;\n    }\n\n    .security-scorecard-widget .ss-btn-outline:hover {\n      background: #eff6ff;\n    }\n\n    @media print {\n      body * { visibility: hidden; }\n      .security-scorecard-widget,\n      .security-scorecard-widget .ss-card,\n      .security-scorecard-widget .ss-card * { visibility: visible; }\n      .security-scorecard-widget {\n        position: absolute;\n        left: 0;\n        top: 0;\n        width: 100%;\n        padding: 0;\n        background: #fff;\n      }\n      .security-scorecard-widget .ss-card {\n        position: static;\n        max-width: none;\n        box-shadow: none;\n        padding: 24px;\n      }\n      .security-scorecard-widget .ss-step:not(.ss-step-results) { display: none !important; }\n      .security-scorecard-widget .ss-progress,\n      .security-scorecard-widget .ss-cta-box,\n      .security-scorecard-widget .ss-download-row,\n      .security-scorecard-widget .ss-btn { display: none !important; }\n    }\n  <\/style>\n\n  <div class=\"ss-card\">\n    <div class=\"ss-progress\">\n      <div class=\"ss-progress-bar\"><\/div>\n    <\/div>\n\n    <!-- Intro Screen -->\n    <div class=\"ss-step ss-step-intro ss-step-active\">\n      <div class=\"ss-heading\">Information Security Scorecard<\/div>\n      <div class=\"ss-body-text\">\n        This assessment evaluates your institution&#8217;s overall Information Security Program across 8 Key Performance Indicators. Answer each question to receive your resilience grade.\n      <\/div>\n      <div class=\"ss-intro-footer\">\n        <button type=\"button\" class=\"ss-btn ss-btn-primary ss-start-btn\">\n          Start Assessment\n        <\/button>\n      <\/div>\n    <\/div>\n\n    <!-- Question Screen -->\n    <div class=\"ss-step ss-step-question\">\n      <div class=\"ss-question-meta\">\n        <div class=\"ss-kpi-label\"><\/div>\n        <div class=\"ss-question-count\"><\/div>\n      <\/div>\n      <div class=\"ss-question-title\"><\/div>\n      <div class=\"ss-answers\"><\/div>\n\n      <div class=\"ss-nav\">\n        <button type=\"button\" class=\"ss-btn ss-btn-secondary ss-btn-back\">Back<\/button>\n        <div class=\"ss-nav-right\">\n          <button type=\"button\" class=\"ss-btn ss-btn-primary ss-btn-next\" disabled>Next<\/button>\n        <\/div>\n      <\/div>\n    <\/div>\n\n    <!-- Email Capture Screen -->\n    <div class=\"ss-step ss-step-email\">\n      <div class=\"ss-heading\">Almost There!<\/div>\n      <div class=\"ss-body-text\">\n        Enter your email below to reveal your final cybersecurity resilience grade.\n      <\/div>\n\n      <div class=\"ss-email-group\">\n        <label class=\"ss-label\" for=\"ss-email-input\">Business Email Address<\/label>\n        <input id=\"ss-email-input\" type=\"email\" class=\"ss-input ss-email-input\" placeholder=\"you@example.com\" required>\n        <div class=\"ss-error-text ss-email-error\"><\/div>\n        <div class=\"ss-note\">\n          Your results will appear instantly on this page. A copy will also be sent to our team so we can better understand your security posture.\n        <\/div>\n      <\/div>\n\n      <div class=\"ss-nav\">\n        <button type=\"button\" class=\"ss-btn ss-btn-secondary ss-email-back\">Back<\/button>\n        <div class=\"ss-nav-right\">\n          <button type=\"button\" class=\"ss-btn ss-btn-primary ss-email-submit\">Get My Score<\/button>\n          <span class=\"ss-sending ss-hidden\">Sending&#8230;<\/span>\n        <\/div>\n      <\/div>\n    <\/div>\n\n    <!-- Results Screen -->\n    <div class=\"ss-step ss-step-results\">\n      <div class=\"ss-results-grade\"><\/div>\n      <div class=\"ss-heading ss-results-heading\"><\/div>\n      <div class=\"ss-body-text ss-results-body\"><\/div>\n\n      <div class=\"ss-results-subheading\">\n        Areas with opportunity to strengthen:\n      <\/div>\n      <ul class=\"ss-list ss-improvement-list\"><\/ul>\n      <div class=\"ss-list-empty ss-hidden\">\n        Excellent work \u2014 all KPI categories are currently at a B or better.\n      <\/div>\n\n      <div class=\"ss-download-row\">\n        <button type=\"button\" class=\"ss-btn ss-btn-outline ss-download-pdf-btn\">\n          Download your results as PDF\n        <\/button>\n      <\/div>\n\n      <div class=\"ss-cta-box\">\n        <div class=\"ss-cta-text\">\n          Ready to turn these gaps into strengths before your next exam?\n        <\/div>\n        <div class=\"ss-cta-btn-wrapper\">\n          <a class=\"ss-cta-link\" href=\"https:\/\/cal.com\/team\/cyberassurancenow\/scorecard-review\" target=\"_blank\" rel=\"noopener\">\n            <button type=\"button\" class=\"ss-btn ss-btn-primary ss-cta-btn\">\n              Review Your Gaps with a Senior Expert\n            <\/button>\n          <\/a>\n        <\/div>\n        <div class=\"ss-small-muted\">\n          You&#8217;ll be able to review these results during your roadmap session.\n        <\/div>\n      <\/div>\n    <\/div>\n  <\/div>\n<\/div>\n\n<script>\n  document.addEventListener('DOMContentLoaded', function () {\n    (function () {\n      var widget = document.querySelector('.security-scorecard-widget');\n      if (!widget) return;\n\n      var card = widget.querySelector('.ss-card');\n      var progressBar = widget.querySelector('.ss-progress-bar');\n\n      var introStep = widget.querySelector('.ss-step-intro');\n      var questionStep = widget.querySelector('.ss-step-question');\n      var emailStep = widget.querySelector('.ss-step-email');\n      var resultsStep = widget.querySelector('.ss-step-results');\n\n      var startBtn = widget.querySelector('.ss-start-btn');\n      var backBtn = widget.querySelector('.ss-btn-back');\n      var nextBtn = widget.querySelector('.ss-btn-next');\n\n      var emailBackBtn = widget.querySelector('.ss-email-back');\n      var emailSubmitBtn = widget.querySelector('.ss-email-submit');\n      var emailInput = widget.querySelector('.ss-email-input');\n      var emailError = widget.querySelector('.ss-email-error');\n      var sendingIndicator = widget.querySelector('.ss-sending');\n\n      var kpiLabelEl = widget.querySelector('.ss-kpi-label');\n      var questionCountEl = widget.querySelector('.ss-question-count');\n      var questionTitleEl = widget.querySelector('.ss-question-title');\n      var answersContainer = widget.querySelector('.ss-answers');\n\n      var resultsGradeEl = widget.querySelector('.ss-results-grade');\n      var resultsHeadingEl = widget.querySelector('.ss-results-heading');\n      var resultsBodyEl = widget.querySelector('.ss-results-body');\n      var improvementListEl = widget.querySelector('.ss-improvement-list');\n      var improvementEmptyEl = widget.querySelector('.ss-list-empty');\n      var downloadPdfBtn = widget.querySelector('.ss-download-pdf-btn');\n\n      var kpiMeta = {\n        1: { label: 'KPI 1 \u2013 Vulnerability Management', name: 'Vulnerability Management' },\n        2: { label: 'KPI 2 \u2013 Endpoint Detection & Response', name: 'Endpoint Detection & Response' },\n        3: { label: 'KPI 3 \u2013 Email Security & Phishing', name: 'Email Security & Phishing' },\n        4: { label: 'KPI 4 \u2013 Ransomware Resiliency', name: 'Ransomware Resiliency' },\n        5: { label: 'KPI 5 \u2013 IT Audit & Exam Remediation', name: 'IT Audit & Exam Remediation' },\n        6: { label: 'KPI 6 \u2013 Risk Assessment', name: 'Risk Assessment' },\n        7: { label: 'KPI 7 \u2013 Cybersecurity Framework', name: 'Cybersecurity Framework' },\n        8: { label: 'KPI 8 \u2013 Information Security Plan', name: 'Information Security Plan' }\n      };\n\n      var questions = [\n        { id: 1,  kpiId: 1, text: 'What percentage of systems have current, approved security patches installed within defined risk-based timeframes?', options: [\n          { label: '\u2265 95%', points: 4 },\n          { label: '90\u201394%', points: 3 },\n          { label: '80\u201389%', points: 2 },\n          { label: '60\u201379%', points: 1 },\n          { label: '< 60%', points: 0 }\n        ]},\n        { id: 2,  kpiId: 1, text: \"What is your institution's overall risk based on vulnerability severity, exploitability, and how long issues remain un-remediated?\", options: [\n          { label: 'Very Low', points: 4 },\n          { label: 'Low', points: 3 },\n          { label: 'Moderate', points: 2 },\n          { label: 'High', points: 1 },\n          { label: 'Critical', points: 0 }\n        ]},\n        { id: 3,  kpiId: 2, text: 'How would you rate the completeness of endpoints covered by antivirus or EDR agents?', options: [\n          { label: 'Full Coverage', points: 4 },\n          { label: 'Minor Gaps', points: 3 },\n          { label: 'Inconsistent', points: 2 },\n          { label: 'Limited', points: 1 },\n          { label: 'No Coverage', points: 0 }\n        ]},\n        { id: 4,  kpiId: 2, text: 'Within your enterprise, how many active malware alerts have there been in the last 30 days?', options: [\n          { label: '0', points: 4 },\n          { label: '1', points: 3 },\n          { label: '2', points: 2 },\n          { label: '3', points: 1 },\n          { label: '4 or more', points: 0 }\n        ]},\n        { id: 5,  kpiId: 3, text: \"What is your institution's current phish-prone percentage?\", options: [\n          { label: '\u2264 3%', points: 4 },\n          { label: '3\u20134.99%', points: 3 },\n          { label: '5\u20136.99%', points: 2 },\n          { label: '7\u20138.99%', points: 1 },\n          { label: '\u2265 9%', points: 0 }\n        ]},\n        { id: 6,  kpiId: 3, text: 'How many malicious emails have NOT been blocked in the past 30 days?', options: [\n          { label: '\u2264 2', points: 4 },\n          { label: '3\u20134', points: 3 },\n          { label: '5\u20136', points: 2 },\n          { label: '7\u20138', points: 1 },\n          { label: '\u2265 9', points: 0 }\n        ]},\n        { id: 7,  kpiId: 4, text: 'How often are air-gapped or immutable backups successfully restored or tested?', options: [\n          { label: 'Monthly', points: 4 },\n          { label: 'Every 1\u20132 Months', points: 3 },\n          { label: 'Quarterly', points: 2 },\n          { label: 'As Needed', points: 1 },\n          { label: 'Rarely', points: 0 }\n        ]},\n        { id: 8,  kpiId: 4, text: 'How many full disaster recovery site failover tests are performed annually?', options: [\n          { label: '1 Full Test \u2013 100% Successful', points: 4 },\n          { label: '1 Full Test \u2013 Partial Success', points: 3 },\n          { label: '1 Full Test \u2013 Mostly Failed', points: 2 },\n          { label: 'Partial Test', points: 1 },\n          { label: 'No Test', points: 0 }\n        ]},\n        { id: 9,  kpiId: 5, text: 'How many findings are currently open from IT audits and IT exams?', options: [\n          { label: '\u2264 5', points: 4 },\n          { label: '6\u201310', points: 3 },\n          { label: '11\u201315', points: 2 },\n          { label: '16\u201320', points: 1 },\n          { label: '\u2265 21', points: 0 }\n        ]},\n        { id: 10, kpiId: 5, text: 'How many findings are past due their remediation date?', options: [\n          { label: '1', points: 4 },\n          { label: '2', points: 3 },\n          { label: '3', points: 2 },\n          { label: '4', points: 1 },\n          { label: '\u2265 5', points: 0 }\n        ]},\n        { id: 11, kpiId: 6, text: \"How many information assets exceed the Board of Directors' risk appetite?\", options: [\n          { label: '0', points: 4 },\n          { label: '1', points: 3 },\n          { label: '2', points: 2 },\n          { label: '3', points: 1 },\n          { label: 'Risk Appetite is not defined', points: 0 }\n        ]},\n        { id: 12, kpiId: 6, text: 'How many risk controls are unresolved or not implemented?', options: [\n          { label: '0', points: 4 },\n          { label: '1', points: 3 },\n          { label: '2', points: 2 },\n          { label: '3', points: 1 },\n          { label: '\u2265 4', points: 0 }\n        ]},\n        { id: 13, kpiId: 7, text: \"What is the estimated compliance with your institution's cybersecurity framework?\", options: [\n          { label: '100%\u201395%', points: 4 },\n          { label: '94%\u201390%', points: 3 },\n          { label: '89%\u201380%', points: 2 },\n          { label: '79%\u201370%', points: 1 },\n          { label: '< 70%', points: 0 }\n        ]},\n        { id: 14, kpiId: 8, text: 'What percentage of milestones are completed on time?', options: [\n          { label: '\u2265 90%', points: 4 },\n          { label: '80\u201389%', points: 3 },\n          { label: '70\u201379%', points: 2 },\n          { label: '50\u201369%', points: 1 },\n          { label: '< 50%', points: 0 }\n        ]},\n        { id: 15, kpiId: 8, text: 'How many information security related projects are past due?', options: [\n          { label: '0', points: 4 },\n          { label: '1', points: 3 },\n          { label: '2', points: 2 },\n          { label: '3', points: 1 },\n          { label: '\u2265 4', points: 0 }\n        ]}\n      ];\n\n      var totalQuestions = questions.length;\n      var currentQuestionIndex = 0;\n      var currentView = 'intro';\n\n      var responses = new Array(totalQuestions).fill(null);\n\n      function setActiveStep(step) {\n        [introStep, questionStep, emailStep, resultsStep].forEach(function (el) {\n          if (el) el.classList.remove('ss-step-active');\n        });\n\n        if (step === 'intro') {\n          introStep.classList.add('ss-step-active');\n        } else if (step === 'question') {\n          questionStep.classList.add('ss-step-active');\n        } else if (step === 'email') {\n          emailStep.classList.add('ss-step-active');\n        } else if (step === 'results') {\n          resultsStep.classList.add('ss-step-active');\n        }\n\n        currentView = step;\n        updateProgress();\n      }\n\n      function updateProgress() {\n        var percent = 0;\n        if (currentView === 'question') {\n          percent = ((currentQuestionIndex + 1) \/ totalQuestions) * 100;\n        } else if (currentView === 'intro') {\n          percent = 0;\n        } else {\n          percent = 100;\n        }\n        progressBar.style.width = percent + '%';\n      }\n\n      function renderQuestion() {\n        var question = questions[currentQuestionIndex];\n        if (!question) return;\n\n        var kpiInfo = kpiMeta[question.kpiId];\n        kpiLabelEl.textContent = kpiInfo ? kpiInfo.label : '';\n\n        questionCountEl.textContent = 'Question ' + (currentQuestionIndex + 1) + ' of ' + totalQuestions;\n        questionTitleEl.textContent = question.text;\n\n        answersContainer.innerHTML = '';\n        question.options.forEach(function (opt, optIndex) {\n          var button = document.createElement('button');\n          button.type = 'button';\n          button.className = 'ss-answer-option';\n\n          var bullet = document.createElement('div');\n          bullet.className = 'ss-answer-bullet';\n\n          var bulletInner = document.createElement('div');\n          bulletInner.className = 'ss-answer-bullet-inner';\n          bullet.appendChild(bulletInner);\n\n          var label = document.createElement('div');\n          label.className = 'ss-answer-label';\n          label.textContent = opt.label;\n\n          button.appendChild(bullet);\n          button.appendChild(label);\n\n          button.addEventListener('click', function () {\n            onAnswerSelected(optIndex);\n          });\n\n          answersContainer.appendChild(button);\n        });\n\n        var existing = responses[currentQuestionIndex];\n        if (existing &#038;&#038; typeof existing.optionIndex === 'number') {\n          markAnswerSelected(existing.optionIndex);\n          nextBtn.disabled = false;\n        } else {\n          nextBtn.disabled = true;\n        }\n\n        backBtn.style.visibility = currentQuestionIndex === 0 ? 'hidden' : 'visible';\n      }\n\n      function markAnswerSelected(optionIndex) {\n        var buttons = answersContainer.querySelectorAll('.ss-answer-option');\n        buttons.forEach(function (btn, idx) {\n          if (idx === optionIndex) {\n            btn.classList.add('ss-selected');\n          } else {\n            btn.classList.remove('ss-selected');\n          }\n        });\n      }\n\n      function onAnswerSelected(optionIndex) {\n        var question = questions[currentQuestionIndex];\n        var option = question.options[optionIndex];\n        responses[currentQuestionIndex] = {\n          optionIndex: optionIndex,\n          points: option.points\n        };\n        markAnswerSelected(optionIndex);\n        nextBtn.disabled = false;\n      }\n\n      function validateAllQuestionsAnswered() {\n        for (var i = 0; i < totalQuestions; i++) {\n          if (!responses[i]) return false;\n        }\n        return true;\n      }\n\n      function computeResults() {\n        var totalPoints = 0;\n        for (var i = 0; i < totalQuestions; i++) {\n          totalPoints += responses[i] ? responses[i].points : 0;\n        }\n        var avgScore = totalPoints \/ totalQuestions; \/\/ 0\u20134\n        var percent = (avgScore \/ 4) * 100; \/\/ 0\u2013100\n\n        var grade;\n        if (percent >= 88) {\n          grade = 'A';\n        } else if (percent >= 63) {\n          grade = 'B';\n        } else if (percent >= 38) {\n          grade = 'C';\n        } else if (percent >= 13) {\n          grade = 'D';\n        } else {\n          grade = 'F';\n        }\n\n        var kpiScores = {};\n        questions.forEach(function (q, idx) {\n          var resp = responses[idx];\n          if (!resp) return;\n          if (!kpiScores[q.kpiId]) {\n            kpiScores[q.kpiId] = { total: 0, count: 0 };\n          }\n          kpiScores[q.kpiId].total += resp.points;\n          kpiScores[q.kpiId].count += 1;\n        });\n\n        var improvementKpis = [];\n        Object.keys(kpiScores).forEach(function (kpiIdStr) {\n          var kpiId = parseInt(kpiIdStr, 10);\n          var scoreInfo = kpiScores[kpiId];\n          var avg = scoreInfo.total \/ scoreInfo.count;\n          var kpiPercent = (avg \/ 4) * 100;\n          if (kpiPercent < 63) {\n            var meta = kpiMeta[kpiId];\n            if (meta) {\n              improvementKpis.push(meta.name);\n            }\n          }\n        });\n\n        return {\n          avgScore: avgScore,\n          percent: percent,\n          grade: grade,\n          improvementKpis: improvementKpis\n        };\n      }\n\n      function renderResults(results) {\n        resultsGradeEl.textContent = results.grade;\n        resultsHeadingEl.textContent = 'Your Cybersecurity Resilience Score: ' + results.grade;\n        resultsBodyEl.textContent =\n          'Based on your responses, your institution is currently operating at a ' +\n          results.grade +\n          ' level. Below are the areas where your institution has room to strengthen its security posture.';\n\n        improvementListEl.innerHTML = '';\n        if (results.improvementKpis.length > 0) {\n          results.improvementKpis.forEach(function (name) {\n            var li = document.createElement('li');\n            li.textContent = name;\n            improvementListEl.appendChild(li);\n          });\n          improvementListEl.classList.remove('ss-hidden');\n          improvementEmptyEl.classList.add('ss-hidden');\n        } else {\n          improvementListEl.classList.add('ss-hidden');\n          improvementEmptyEl.classList.remove('ss-hidden');\n        }\n      }\n\n      function pointsToLetter(points) {\n        if (points >= 3.5) return 'A';\n        if (points >= 2.5) return 'B';\n        if (points >= 1.5) return 'C';\n        if (points >= 0.5) return 'D';\n        return 'F';\n      }\n\n      function buildDetailedAnswers() {\n        var detailed = [];\n        for (var i = 0; i < totalQuestions; i++) {\n          var q = questions[i];\n          var resp = responses[i];\n          if (!resp) continue;\n          var chosenOpt = q.options[resp.optionIndex];\n\n          var kpiInfo = kpiMeta[q.kpiId] || { name: 'KPI ' + q.kpiId };\n          var letter = pointsToLetter(chosenOpt.points);\n\n          detailed.push({\n            questionNumber: i + 1,\n            kpiId: q.kpiId,\n            kpi: kpiInfo.name,\n            question: q.text,\n            answer: chosenOpt.label,\n            points: chosenOpt.points,\n            letterGrade: letter\n          });\n        }\n        return detailed;\n      }\n\n      function sendResultsEmail(userEmail, results) {\n        var ajaxUrl = window.ajaxurl || '\/wp-admin\/admin-ajax.php';\n\n        var detailedAnswers = buildDetailedAnswers();\n\n        var payload = {\n          action: 'send_scorecard_email',\n          email: userEmail,\n          grade: results.grade,\n          average_score: results.avgScore.toFixed(2),\n          answers: JSON.stringify(detailedAnswers)\n        };\n\n        sendingIndicator.classList.remove('ss-hidden');\n\n        fetch(ajaxUrl, {\n          method: 'POST',\n          headers: {\n            'Content-Type': 'application\/x-www-form-urlencoded; charset=UTF-8'\n          },\n          body: new URLSearchParams(payload).toString()\n        })\n          .then(function () {\n            sendingIndicator.classList.add('ss-hidden');\n          })\n          .catch(function () {\n            sendingIndicator.classList.add('ss-hidden');\n          });\n      }\n\n      function isValidEmail(value) {\n        var email = value.trim();\n        if (!email) return false;\n        var re = \/^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$\/;\n        return re.test(email);\n      }\n\n      startBtn.addEventListener('click', function () {\n        currentQuestionIndex = 0;\n        setActiveStep('question');\n        renderQuestion();\n      });\n\n      backBtn.addEventListener('click', function () {\n        if (currentQuestionIndex > 0) {\n          currentQuestionIndex -= 1;\n          renderQuestion();\n          updateProgress();\n        }\n      });\n\n      nextBtn.addEventListener('click', function () {\n        if (!responses[currentQuestionIndex]) return;\n\n        if (currentQuestionIndex < totalQuestions - 1) {\n          currentQuestionIndex += 1;\n          renderQuestion();\n          updateProgress();\n        } else {\n          setActiveStep('email');\n        }\n      });\n\n      emailBackBtn.addEventListener('click', function () {\n        currentQuestionIndex = totalQuestions - 1;\n        setActiveStep('question');\n        renderQuestion();\n      });\n\n      emailSubmitBtn.addEventListener('click', function () {\n        var value = emailInput.value || '';\n        emailError.textContent = '';\n        emailInput.classList.remove('ss-input-error');\n\n        var trimmed = value.trim();\n\n        if (!isValidEmail(trimmed)) {\n          emailInput.classList.add('ss-input-error');\n          emailError.textContent = 'Please enter a valid email address.';\n          return;\n        }\n\n        if (\/@gmail\\.com$\/i.test(trimmed) || \/@hotmail\\.com$\/i.test(trimmed)) {\n          emailInput.classList.add('ss-input-error');\n          emailError.textContent = 'Please enter your business email. Gmail and Hotmail addresses are not allowed.';\n          return;\n        }\n\n        if (!validateAllQuestionsAnswered()) {\n          emailError.textContent = 'Please complete all questions before submitting.';\n          return;\n        }\n\n        var results = computeResults();\n\n        renderResults(results);\n        setActiveStep('results');\n\n        sendResultsEmail(trimmed, results);\n      });\n\n      if (downloadPdfBtn) {\n        downloadPdfBtn.addEventListener('click', function () {\n          function esc(s) {\n            if (!s) return '';\n            return String(s).replace(\/&#038;\/g, '&amp;')\n              .replace(\/<\/g, '&lt;')\n              .replace(\/>\/g, '&gt;')\n              .replace(\/\"\/g, '&quot;')\n              .replace(\/'\/g, '&#39;');\n          }\n\n          var currentResults = computeResults();\n          var percent = currentResults.percent || 0;\n          var percentDisplay = Math.round(percent);\n          var grade = currentResults.grade || '';\n\n          var heading = 'Your Cybersecurity Resilience Score';\n          var execSummary = \"The Cybersecurity Scorecard provides an assessment of your institution's overall Information Security Program by assigning a letter grade to its effectiveness using eight (8) Key Performance Indicators (KPIs). These KPIs measure the design, implementation, and operating effectiveness of key IT controls (technical and administrative) supporting data security, operational resilience, and compliance.\";\n\n          var listItems = improvementListEl ? improvementListEl.querySelectorAll('li') : [];\n          var improvementHtml = '';\n          for (var i = 0; i < listItems.length; i++) {\n            improvementHtml += '<li>' + esc(listItems[i].textContent) + '<\/li>';\n          }\n          var emptyMsg = improvementEmptyEl && !improvementEmptyEl.classList.contains('ss-hidden')\n            ? esc(improvementEmptyEl.textContent)\n            : 'All KPI categories are currently at a B or better.';\n\n          var detailed = buildDetailedAnswers();\n\n          function gradeColor(letter) {\n            switch (letter) {\n              case 'A': return '#16a34a';\n              case 'B': return '#22c55e';\n              case 'C': return '#eab308';\n              case 'D': return '#f97316';\n              case 'F': return '#ef4444';\n              default: return '#6b7280';\n            }\n          }\n\n          var rowsHtml = '';\n          detailed.forEach(function (row) {\n            var bg = gradeColor(row.letterGrade);\n            rowsHtml += '<tr><td>' + esc(row.kpi) + '<\/td><td>' + esc(row.question) + '<\/td><td>' + esc(row.answer) + '<\/td><td><span style=\"display:inline-block;min-width:32px;padding:3px 8px;border-radius:999px;background:' + bg + ';color:#fff;font-weight:700;text-align:center;\">' + esc(row.letterGrade) + '<\/span><\/td><\/tr>';\n          });\n\n          var title = 'Cybersecurity Scorecard \u2013 Results';\n          var html = '<!DOCTYPE html><html><head><title>' + title + '<\/title><link href=\"https:\/\/fonts.googleapis.com\/css2?family=Raleway:wght@400;700&#038;display=swap\" rel=\"stylesheet\"><style>body{font-family:Raleway,sans-serif;max-width:900px;margin:24px auto;padding:24px;color:#111;background:#fff;}h1{font-size:1.8rem;color:#1289d5;margin-bottom:6px;}h2{font-size:1.1rem;color:#111;margin:16px 0 4px;}p{line-height:1.55;color:#333;font-size:0.95rem;}.top-row{display:flex;flex-wrap:wrap;gap:16px;margin-top:16px;}.grade-box{flex:0 0 140px;border-radius:16px;border:1px solid #d1d5db;padding:16px;text-align:center;display:flex;flex-direction:column;justify-content:center;}.grade-letter{font-size:3rem;font-weight:700;color:#1289d5;margin-bottom:4px;}.grade-percent{font-size:0.9rem;color:#4b5563;}.improve-box{flex:1;border-radius:16px;border:1px solid #d1d5db;padding:14px 16px;background:#f9fafb;}.improve-box h2{margin-top:0;margin-bottom:6px;font-size:0.98rem;font-weight:700;}.improve-box ul{margin:4px 0 0;padding-left:18px;font-size:0.9rem;}.improve-box li{margin-bottom:3px;}table{width:100%;border-collapse:collapse;margin-top:18px;font-size:0.9rem;border:1px solid #cbd5e1;}th,td{border:1px solid #cbd5e1;padding:6px 8px;vertical-align:top;}th{background:#eff6ff;color:#111;text-align:left;font-weight:700;border-bottom:2px solid #1289d5;}tr:nth-child(even){background:#f9fafb;}@media print{body{-webkit-print-color-adjust:exact;print-color-adjust:exact;}}<\/style><\/head><body><h1>Cybersecurity Scorecard<\/h1><h2>Executive Summary<\/h2><p>' + esc(execSummary) + '<\/p><div class=\"top-row\"><div class=\"grade-box\"><div class=\"grade-letter\">' + esc(grade) + '<\/div><div class=\"grade-percent\">Overall Score: ' + percentDisplay + '%<\/div><\/div><div class=\"improve-box\"><h2>Areas with opportunity to strengthen<\/h2>' + (improvementHtml ? '<ul>' + improvementHtml + '<\/ul>' : '<p>' + emptyMsg + '<\/p>') + '<\/div><\/div><h2 style=\"margin-top:22px;\">Detailed Responses<\/h2><table><thead><tr><th>KPI Category<\/th><th>Question<\/th><th>Answer<\/th><th>Grade<\/th><\/tr><\/thead><tbody>' + rowsHtml + '<\/tbody><\/table><p style=\"margin-top:18px;font-size:0.9rem;\">Have questions or want to discuss these results? <a href=\"https:\/\/cyberassurancenow.com\/index.php\/contact\/\" target=\"_blank\" style=\"color:#1289d5;text-decoration:underline;\">Contact us<\/a>.<\/p><\/body><\/html>';\n\n          var w = window.open('', '_blank', 'width=900,height=900');\n          if (w) {\n            w.document.write(html);\n            w.document.close();\n            w.focus();\n            setTimeout(function () { w.print(); w.close(); }, 600);\n          } else {\n            window.print();\n          }\n        });\n      }\n\n      setActiveStep('intro');\n    })();\n  });\n<\/script>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\"><img decoding=\"async\" width=\"792\" height=\"1024\" src=\"https:\/\/cyberassurancenow.com\/wp-content\/uploads\/2026\/05\/SCORECARD-792x1024.png\" alt=\"Information security scorecard\" class=\"wp-image-6977\" style=\"aspect-ratio:0.7734601693140686;width:611px;height:auto\" srcset=\"https:\/\/cyberassurancenow.com\/wp-content\/uploads\/2026\/05\/SCORECARD-792x1024.png 792w, https:\/\/cyberassurancenow.com\/wp-content\/uploads\/2026\/05\/SCORECARD-232x300.png 232w, https:\/\/cyberassurancenow.com\/wp-content\/uploads\/2026\/05\/SCORECARD-768x993.png 768w, https:\/\/cyberassurancenow.com\/wp-content\/uploads\/2026\/05\/SCORECARD.png 1103w\" sizes=\"(max-width: 792px) 100vw, 792px\" \/><\/figure>\n<\/div>\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" style=\"margin-top: 30px; margin-bottom: 30px;\"\/>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-8f761849 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<h2 class=\"wp-block-heading\">Let&#8217;s Build Your Security Program Together<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">CyberAssurance&nbsp;partners with financial institutions and regulated organizations to deliver the security leadership, program structure, and regulatory confidence your organization needs.&nbsp;<\/p>\n\n\n\n<div class=\"wp-block-buttons is-layout-flex wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button\" style=\"margin-top: 30px; margin-bottom: 30px;\"><a class=\"wp-block-button__link wp-element-button\">Request a consultation<\/a><\/div>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n<div style=\"height:100px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n","protected":false},"excerpt":{"rendered":"<p>A virtual CISO is an experienced cybersecurity executive who serves your organization on a part-time or retainer basis,&nbsp;providing&nbsp;the strategic&nbsp;leadership, program oversight,&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"full-width.php","meta":{"footnotes":""},"class_list":["post-6173","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/cyberassurancenow.com\/index.php\/wp-json\/wp\/v2\/pages\/6173","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cyberassurancenow.com\/index.php\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/cyberassurancenow.com\/index.php\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/cyberassurancenow.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberassurancenow.com\/index.php\/wp-json\/wp\/v2\/comments?post=6173"}],"version-history":[{"count":9,"href":"https:\/\/cyberassurancenow.com\/index.php\/wp-json\/wp\/v2\/pages\/6173\/revisions"}],"predecessor-version":[{"id":7010,"href":"https:\/\/cyberassurancenow.com\/index.php\/wp-json\/wp\/v2\/pages\/6173\/revisions\/7010"}],"wp:attachment":[{"href":"https:\/\/cyberassurancenow.com\/index.php\/wp-json\/wp\/v2\/media?parent=6173"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}