The Cyber Attitudes Assessment (CAA), developed in partnership with QA, is a trait based screening diagnostics tool that reduces human risk at organisations by analysing personality traits that can potentially expose individuals to cyber security risk and recommending individual mitigation advice to each participant. The goal of the diagnostics is to enable organisations fortify the human membrane of their cyber security defences in a targeted way. The CAA instrument drives responsible digital behaviours and drives individual development based on The CyberFish Company’s Responsible Digital Behaviours Framework.

Recommended Use

The test is recommended to be used by all staff, as part of a general user awareness training effort, but can also be used in a cyber incident response management or in a broader, supply chain context to improve teamwork and with a view to bridge capability gaps and put in additional protective measures. For recruitment purposes the CAA can add extra value to improve the existing team’s skills balance or to form a basis of an effective cyber on-boarding programme.


The CAA takes 30 minutes to complete excluding the instructions and instruction trial questions. The test consists of 150 questions and is available in international, non-idiomatic English. Reports are fully anonymised and ID based. To fill out a test administrative details of participants need to be shared. Reports are generated automatically and transferred in an encrypted format to the participant or to their team leaders and or organisations.

Learning Outcomes

The CyberFish Responsible Digital Behaviours Framework© details the critical skills and competencies needed by employees across the organization to be more resilient to digital attacks and deal with mission critical situations in an effective way.

By having your team complete the assessment you will be able to:

  • Precisely identify the specific behaviours that can expose your team members to different cyber attacks and behaviours that strengthen your defences
  • A heat map of your team with a view to risk exposure along the 6 different risk domains measured
  • Detailed description for each individual of their specific cyber security exposure mappded to their personality profiles
  • Individually mapped mitigation plans that allow instant changes to be made with regards to reducing potential cyber security exposure
  • A relative measure of how your team’s exposure compares to an average team’s exposure with a view to make decisions for investing in improving your defences in a more informed way, counteracting the weaknesses and building on the strengths of your team

Course Outline

The CAA report is designed to improve not only staff’s security competence but also self-awareness by highlighting tendencies the participants who may be unaware of and also provide insight to the implications and mitigation opportunities of these potential blind spots from the cybersecurity context.

The CAA explores the relative strengths and gaps in employees behaviours and offers personalised mitigation opportunities to minimise the exposure to cyber risk. The immediate result of the assessment is an instant change in the attitude of participants shifting towards demonstrating safer behaviours after having taken the test and having understood their exposure and mitigation opportunities.

An individual/narrative report is generated for each employee where the specific strengths and mitigation areas are highlighted with bespoke mitigation plans from a cyber security perspective. The CAA results will not be transferable to another organisational context. When delivered for an entire organization/team, a leadership report is generated that captures a team heatmap and enables targeted investment in mitigation such as a focused training plans, purchasing additional technical solutions that keep a strong line of cyber security defences.

Please complete this form and we'll be in touch

Hide form
Please enter a date or timescale
Please type in a preferred location or region...