A system and method for evaluating and improving the security of a local area network including an application residing on an external server configured to conduct a penetration test of the local area network by interrogating each of the devices on the local area network to identify vulnerabilities and risks associated with those devices, receiving a report listing all such identified vulnerabilities and risks, calculating an IoT readiness score for the local area network, and undertaking and/or recommending specific actions for improving the security of the local area network.