What is the ICCI?

The Instinctability Cyber Confidence Index gives boards and leaders a clear, practical view of how prepared their organisation is to manage cyber risk in the real world.

It goes beyond technical controls to assess the governance, leadership, culture, and everyday behaviours that shape how a cyber event actually unfolds. It is designed to complement technical and compliance frameworks, not duplicate them.

Why it matters

Most incidents do not begin with something extraordinary. They begin with ordinary moments: a clicked email, a reused password, uncertainty about reporting, or confusion about who owns the next decision.

At the same time, expectations on leadership are rising. Regulators, insurers, and boards increasingly want evidence of reasonable steps in practice, not just policies sitting on a shelf.

  • clicking a convincing phishing email
  • approving an MFA request without thinking
  • reusing
credentials
  • being unsure
who to call
  • assuming “IT will handle it”

ICCI measures how prepared your organisation is for these everyday moments—and how quickly you can respond when something goes wrong.

Every ICCI assessment includes:

  1. Cyber Confidence Score + Benchmark

    A practical view of confidence across governance, leadership, behaviour, and culture.

  2. External Tech Scan

    A non-intrusive scan of external digital footprint, email configuration, and exposed credentials.

  3. Executive Debrief & Recommendations

    A focused discussion of the results, implications, and priority actions.

  4. Board-Ready Report

    Plain-English findings and practical recommendations.

Designed for Leaders,
Not Just IT

Technical assessments tell you whether a system is vulnerable. The ICCI helps you understand whether your organisation is ready — ready to recognise risk, respond well, and act credibly when the pressure is on.

Think of it as workplace health and safety for your digital environment: building safer, more reliable behaviour, not just more documentation.

What we measure

Governance & Risk
— Leadership oversight
— Accountability
— Escalation
— Continuity
— Alignment with regulatory and insurance expectations.
Technology & Data
— External exposure
— Credential hygiene
— Access control
— Data sensitivity and supplier risk
People & Culture
— Habits
— Reporting confidence
— Onboarding
— Training
— Leader role-modelling.

Your Results Are:

Together, these form a more complete picture of organisational safety. Your results are:

  • Confidential
  • De-identified in all benchmarking
  • Never linked to your organisation or individuals in any external material

Participation also contributes to a growing national benchmark, giving organisations useful comparison data while helping raise the standard more broadly.

Is your organisation ready to handle modern cyber threats?

Be part of Australia’s largest cyber confidence benchmark
and see how your organisation compares.

Take the survey

Common outcomes

Across sectors, ICCI helps organisations:

  • Stronger board-level oversight of cyber risk
  • Better cyber insurance conversations and outcomes
  • Reduced disruption during incidents
  • Greater leadership confidence under pressure
  • Clearer evidence of reasonable steps for regulators and auditors
  • Reduced everyday human cyber risk
  • Better protection of reputation and trust

Who it's for

Boards, executives, business owners, and senior leaders in small to mid-sized organisations who want a practical view of cyber risk without committing to a six-month audit or a deeply technical exercise.

.

  • boards
  • executives
  • business owners
  • senior leaders