Free Tool · Quantum Security
Quantum Exposure Snapshot
Seven questions. Two to five minutes. An instant directional score for quantum cryptographic risk relevance. No account required. Results appear on this page. No email needed.
- Runs entirely in your browser — nothing is stored or transmitted
- Based on NIST PQC migration guidance and NCSC quantum transition frameworks
- Score range 20–100 across four exposure tiers
Your answers are used only to calculate your score. No email address, company name, or IP address is collected as part of this assessment. Anonymised scores are pooled with other responses to produce sector-level benchmarks, for example average scores across financial services organisations. Any PDF report you download is generated in your browser and is not stored on any server. You can choose to download the PDF report after the tool is completed. If you choose to enter your email address, that information is stored separately and only used to send you the updates you asked for.
What this tool collects
This tool collects your assessment answers and calculates a score. All of this happens in your browser. Your answers are not sent to a server for processing.
Anonymised benchmarking
The anonymised score from your assessment may be used to build sector-level benchmarks. For example: organisations in the financial services sector score an average of 54. No personal information, company name, or IP address is attached to this data. You cannot be identified from it.
What is not collected
Your IP address is not collected or stored. Your company name is not collected unless you choose to enter it when downloading a PDF report. Your email address is not collected unless you choose to provide it to receive updates.
PDF reports
If you choose to download a PDF report, it is generated entirely within your browser using your answers. The report is not sent to or stored on any server. Once you download it, the data stays with you.
Email addresses
An email address is only stored if you voluntarily opt in to receive notifications or updates. Providing your email address is never required to use this tool or to view your results. Your email address is not shared with third parties or used for advertising.
Third parties
Your data is not sold to third parties. Your data is not shared with advertising networks. Your data is not used for any purpose other than those described here.
How this tool works
The Quantum Exposure Snapshot scores your organisation across seven factors that determine quantum cryptographic risk relevance. The score uses a weighted formula: sector and data profile together account for 60% of the result, reflecting that industry type and data characteristics are the strongest predictors of quantum risk urgency.
The tool does not audit your cryptographic infrastructure. It provides a directional triage result: accurate enough to tell you whether quantum risk is an immediate priority, a medium-term concern, or a longer-range planning item — and what the appropriate next step is.
Scoring formula: Score = (Sector×0.20 + Longevity×0.20 + Sensitivity×0.20 + Trust×0.15 + Regulatory×0.10 + Legacy×0.10 + Vendor×0.05) × 20
What industry does your organisation operate in?
Select the sector that best describes your primary business activity. Sector is the strongest single predictor of quantum cryptographic risk relevance.
This answer helps tailor your results. Nothing is transmitted from your browser.
How long does your most sensitive data need to stay confidential?
Think about your most important records: contracts, medical data, financial histories, intellectual property, personnel files. If someone captured encrypted copies of this data today, how long would it matter if they could eventually read it?
This answer helps tailor your results. Nothing is transmitted from your browser.
How sensitive is the data your organisation handles?
Consider the type and volume of sensitive data in your systems: personal records, financial data, health information, confidential contracts, intellectual property, national security material.
This answer helps tailor your results. Nothing is transmitted from your browser.
How much does your organisation rely on digital certificates, code signing, or device trust systems?
Certificate authorities issue digital certificates that prove identity online. Code signing confirms that software has not been tampered with. Device trust systems verify that hardware is genuine. If your organisation runs any of these — or if your products include them — select the appropriate level.
This answer helps tailor your results. Nothing is transmitted from your browser.
How heavily regulated is your organisation?
Some sectors face formal requirements to prepare for quantum cryptographic threats. Finance, critical infrastructure, government, healthcare, and defence face the earliest and most specific obligations.
This answer helps tailor your results. Nothing is transmitted from your browser.
How difficult would it be for your organisation to update its cryptographic systems?
Modern cloud systems can update cryptographic libraries in weeks. Legacy systems, embedded hardware, and bespoke industrial equipment may require physical replacement or multi-year upgrade programmes.
This answer helps tailor your results. Nothing is transmitted from your browser.
How dependent is your organisation on third-party vendors for its core cryptographic systems?
High dependency means your organisation cannot migrate to quantum-safe cryptography without your vendors making changes first: cloud providers, hardware security module vendors, software platforms, or industrial system suppliers.
This answer helps tailor your results. Nothing is transmitted from your browser.