AI-Threat Readiness Assessment

Free assessment of whether your controls can withstand AI-enabled fraud, synthetic media, prompt injection, agentic misuse, AI-provider dependency, and AI data exposure. Anchored to NIST AI RMF, NIST AI 600-1, OWASP LLM Top 10, MITRE ATLAS, and the major operational-resilience frameworks.

What it covers

Seven dimensions of AI-driven threat exposure: payment-instruction integrity and manipulated business communication; synthetic-media and identity-attack readiness; AI-augmented phishing and social engineering; AI-driven fraud typologies in customer and transaction monitoring; security of own and vendor AI surfaces; AI incident response and operational resilience; and AI inventory, data exposure, and shadow-AI governance.

Short form and long form

The short form is eight questions plus one sector-specific question, about six minutes. The long form is twenty-two questions plus one sector-specific question, about twelve minutes. Both produce an overall tier (Partial, Risk Informed, Repeatable, or Adaptive), a scored-dimension radar, and tailored next steps.

Jurisdiction overlays

FINMA Guidance 08/2024 and 05/2025 (Switzerland), the EU AI Act and DORA (European Union), NCSC AI guidance (United Kingdom), and FFIEC and HHS / FDA references (United States).

Related

See Burgtor for the enterprise risk platform, Plainview for investor risk research, or read the Bollwerk manifesto.