Use RATINGCY to check the
IT security level of your company
– objective and transparent!

Request rating now!


RATINGCY is a cyber security rating agency that objectively evaluates the IT security of companies on the basis of a security rating. With RATINGCY, secion GmbH has developed a new brand that takes into account the urgent demand of vertical markets for the evaluation of IT security in companies. At the latest since the IT Security Act came into force in May 2015, the binding and comparable assessment of companies' cyber-security capabilities has experienced a new urgency.

RATINGCY uses a two-stage procedure in its Standard rating level to create a uniform and comparable security rating. The first step is a technical IT security check. The second part of the security assessment includes an organizational security audit, which is based on the requirements of basic IT protection as well as the ISO standard 27001/2. RATINGCY calculates the two partial results according to a transparent method. As a final result, you will receive a risk score and a RATINGCY results diagram showing the value of your company's IT security compared to the industry average.

RATINGCY Target Group Segments


The RATINGCY rating system classifies valid and transparent the estimated level of IT security of companies you want to contract.

More information

Banks and credit reports

RATINGCY provides you with the valuation factor for IT security, which is nowadays an indispensable factor in a mature company valuation and thus has a decisive influence on your credit decision.

More information

Mergers & Acquisitions

RATINGCY evaluates the IT security status of companies focused on M&A (Mergers and Acquisitions) business processes.

More information

Procurement and supplier management

(Third Party /Vendor Risk Management)
With RATINGCY you create the prerequisites for a valid and transparent evaluation of the IT security of potential partner companies.

More information

What added value does RATINGCY offer you?

Rating agencies that examine companies with regard to their creditworthiness have so far failed to take into account the factor of IT security assessment or have failed to do so.

If the credit rating is not supplemented by the result of a standardized IT security assessment from the outset, you will not be able to answer the following questions:

How to assess the IT security level of your supplier you are planning to contract with? How do you determine the premium amount for the company that would like to take out a company liability or even cyber insurance with you? How do you assess the risk of a successful cyber attack and its consequences for the company you are planning to take over in the short term?

Irrespective of the reason for which the assessment of a company's IT security is relevant to you - an incorrect or completely ignored assessment of this factor by your potential business partner, customer, supplier or service provider means the risk of financial or even legal consequences for you.

Risk Score Industry average


Your Risk Score


Rating modules



Ideal for a fast and transparent security rating

  • Verification of external
    IT vulnerabilities
  • Detailed organizational
    Security Audit



For holistic and complex
Security Ratings

  • Professional Rating
  • Social Engineering
  • Red Team Penetration Test

RATINGCY - A brand of secion GmbH

RATINGCY, secion GmbH's security rating agency, classifies the IT security of companies on the basis of a multi-level rating system. The resulting IT security index (risk score) shows you precisely how high the IT security of your third-party service provider, for example, should be evaluated. This enables you for the first time to include the consequences of a security incident as an elementary evaluation factor in the risk assessment of third-party companies.