DTS
Measure and communicate your digital trust with a single indicator.
NALLAM's Digital Trust Score (DTS) translates cybersecurity, compliance, and resilience into a clear indicator for management, clients, and partners.
What is the Digital Trust Score?
The DTS condenses the state of your cybersecurity and compliance into a 0 to 950 score with levels (LOW, MEDIUM AND HIGH). It's easily understandable by the board of directors, council, and clients, without losing technical rigor.
One indicator, many dimensions
The model weighs Internet exposure, vulnerabilities, critical service configuration, compliance (ISO 27001, ENS, NIS2, GDPR), and internal processes. Technical detail exists, but management receives a simple reading.
Updated and traceable
The DTS is recalculated periodically (usually every 90 days) after technical and compliance reviews. Each change is documented, so you can demonstrate continuous improvement.
Private by default, public if you want
The DTS is confidential by default. A badge or web widget is only published if there is a contract and explicit consent. You decide what level of detail is visible from outside.
How DTS works with NALLAM
We convert audits, pentests, and compliance reviews into a numerical model. It's not another "checklist", but a way to prioritize investment, justify decisions, and communicate digital trust.
We define which parts of your organization are included in the DTS: web perimeter, offices, cloud, OT, subsidiaries, etc. We incorporate previous audits when they exist.
We perform (or reuse) penetration tests, configuration analysis, process review, documentation, and applicable regulatory compliance.
We apply NALLAM's DTS model, weighing each dimension. We simulate scenarios: "what happens if we close these gaps?" to help you prioritize actions.
We deliver an executive report, the technical detail for your security team, and optionally, the DTS badge for web and corporate materials.
Frequently asked questions about DTS and legal aspects
The Digital Trust Score is designed to respect confidentiality, GDPR, and current regulations. These are some key points.
Is my DTS published without permission?
No. We never publish your DTS without express contractual consent. The value and any associated details are confidential. If you decide to make it public, we define with you what is shown and where.
What data is processed to calculate the DTS?
We use technical information from your systems (results of audits, pentests, configuration reviews, etc.) and process documentation. We do not need to process personal data of your end customers to calculate the DTS.
Is the DTS model a certificate?
The DTS does not replace standards like ISO 27001 or ENS. It is NALLAM's proprietary indicator that can rely on your certifications and audits, and that helps you communicate your maturity level clearly.
Can we display a trust badge on our website?
Yes. If you wish, NALLAM can issue a DTS badge with a unique identifier and a verification link hosted at nallam.org. The badge is only renewed when we update your score.
What happens if our DTS drops?
The system detects the drop and we reflect it in the periodic report. If you have a public badge, we agree with you on the update policy (for example, prior review before changing the externally visible value).
Can we use the DTS in contracts with clients?
Many organizations use the DTS as additional evidence of their maturity in cybersecurity and compliance. We can help you draft the appropriate description in RFPs, bids, or security annexes.