RiskRecon, a Mastercard Company, and CyberGRX, provider of the world’s first and largest global cyber risk exchange, today announced a strategic partnership to provide organisations with a complete, contextual view of their third-party cyber risk posture.
CyberGRX customers can now view RiskRecon ratings for every vendor in the CyberGRX Exchange based on continuously updated data. The customisable interactive widget enables users to drill down for detailed information on the ratings, which are uniquely risk prioritised based on a combination of issue severity and asset value. In addition, joint customers can easily login to the RiskRecon console through the widget.
As our digital ecosystem continues to expand and becomes more complex, the challenge of managing an organisation’s risk surface has never been greater. Traditional risk assessments performed annually or bi-annually are outdated and do not reflect today’s rapidly changing digital ecosystem. New research from RiskRecon and Cyentia Institute reveals that while 79% of firms have a third-party risk management (TPRM) program, only 14% are confident that vendors actually trust third parties’ security matches responses from their questionnaires. Security professionals are desperately looking for new ways to manage third-party cyber risk that reflect the rapidly changing digital world.
“Security and IT teams need a risk-driven approach to managing third-party cyber risk based on real-time data that reflects their current environment and extended ecosystem at any given moment,” said Fred Kneip, CEO, CyberGRX. “RiskRecon’s industry-certified data accuracy and multidimensional approach to automatically risk prioritise issues based on asset value and issue severity is a game changer. The combination of RiskRecon’s leading risk ratings data and the validated assessment data available through CyberGRX Exchange will provide security and IT teams with unparalleled visibility into any threat activity within their environment and the ability to intelligently manage the risk surface of their extended ecosystem of third parties.”
RiskRecon continuously monitors the cybersecurity risk of four million companies across the most highly regulated industries, including financial services and healthcare. By integrating RiskRecon with CyberGRX’s proven ability to assess and validate risk within an organisation’s third-party ecosystem, customers are empowered to prioritize which vulnerabilities to tackle first based on their evolving network of third parties. Together, RiskRecon and CyberGRX provide organisations with the most comprehensive view of their risk surface in real-time through automated, continuous cyber risk monitoring.
“CyberGRX provides dynamic data into a company’s entire risk surface for true, real-time third-party risk management,” said Kelly White, co-founder and CEO, RiskRecon. “By combining CyberGRX’s inside-out view of cyber risk with RiskRecon’s outside-in approach, organisations have access to their entire risk surface based on real-time, third-party, cyber risk data for complete visibility.”
The RiskRecon and CyberGRX partnership will be rolled out in a series of phases. Phase one includes the RiskRecon widget and is available now. Plans for forthcoming enhancements include a contextualised solution with a pre-assessment super rating. Additional details about enhancements to the RiskRecon and CyberGRX partnership will be made public as soon as that information is available.
CyberGRX joins RiskRecon’s network of best-of-breed security consultants, MSSPs, resellers, technology partners and industry alliances. To learn more about the RiskRecon Partner Program, visit: www.riskrecon.com/partners-riskrecon.