A method of cyber-risk assessment includes populating a database with ransomware attack information non-intrusively gathered from a plurality of data sources. A request for a ransomware susceptibility assessment of an entity associated with a domain name is received. A digital footprint of an entity is discovered in response to the associated domain name using non-intrusive information gathering. Commercial information associated with the entity is collected in response to the domain name. The database is scanned in response to the discovered digital footprint and at least one ransomware factor associated with the entity is generated in response to the scan. An impact parameter and a ransomware factor coefficient is computed based on the collected commercial information. Then an entity susceptibility index is computed based on the impact parameter, the ransomware factor coefficient, and the at least one ransomware factor. A ransomware attack is then identified and the database is re-populating in response to the identified ransomware attack. At least one of impact parameter or a ransomware factor coefficient is re-computed based at least one of an impact parameter or a ransomware factor coefficient based on the identified new ransomware attack to provide a cyber-risk assessment.