CyberGRX applies machine learning to ‘transform third party cyber risk management’
Global risk exchange provider CyberGRX has launched the first in a series of predictive risk intelligence capabilities, the Predictive Risk Profile.
By leveraging standardised data within the Exchange platform and applying machine learning and data analytics, CyberGRX says it can now anticipate how individual third parties within a company’s vendor ecosystem will respond to a detailed security assessment questionnaire with an accuracy rate nearing 85 percent.
CyberGRX customers can use Predictive Risk Profiles to understand how individual vendors impact their cyber risk as well as to understand how they are viewed as a third party by their own customers.
“Third-party cyber risk management has been a tough nut to crack for many companies. This is largely because of the market misconception that having third parties complete risk assessments equals improved risk management. However, as recent events have shown, this is rarely the case,” said Fred Kneip (pictured), CEO at CyberGRX. “Since our inception, CyberGRX has been focused on creating a modern approach to third-party cyber risk management and proving to the industry that assessments are only a piece of the puzzle to help solve a larger problem. Predictive Risk Profiles will continue to propel the industry away from assessment-chasing to more effectively prioritising and managing third-party risk.”
With more than 130,000 companies on the Exchange and over 9,000 completed assessments, CyberGRX’s predictive risk assessment results are informed by its proprietary algorithm which analyses the data within the Exchange—collected from companies spanning multiple industries and geographies—along with firmographic information and outside-in scanning data from technology partners to produce a comprehensive predictive risk profile. From inherent and residual risk views, to mapping against common and customised frameworks, to providing control gap analysis using threat profiles and real-life cyber attack analytics, CyberGRX says its Predictive Risk Profile allows users to monitor and analyse third-party risk through the lens that matters most to them.
“With the difficulties managing third-party risks, CyberGRX's upstream sharing benefits both customers and service providers alike. Their new predictive risk intelligence capabilities are very interesting, and I was pleasantly surprised at how accurate it was compared to our validated results,” said Rory O'Connor, information security manager at Iron Mountain. “I hope more of our customers take advantage of CyberGRX’s predictive results, saving significant time and streamlining the third party risk management process.”
CyberGRX recently commissioned a study conducted by Forrester Consulting that surveyed over 300 senior IT leaders and found that 95 percent of respondents claim their organisation experienced a strategy- or technology-based challenge in managing third-party risk. It said the results “made clear that the current approach to third-party cyber risk management is broken. First and third parties are not working together and many organisations’ third-party cyber risk management strategies still rely on solutions that use static spreadsheets or bespoke assessments”. It said that even when these assessments are collected, the data is not standardised, meaning little can be done with it from an analysis point of view.
“Data without insight is only noise. That’s why CyberGRX has collected the most comprehensive cyber risk data to provide these actionable insights,” said Frank Price, CPO at CyberGRX. “Our predictive risk intelligence capabilities will help customers understand where their critical and high risks are so they can prioritise their efforts accordingly. As a result, they’ll be able to lessen impact from attacks on third parties and mitigate risks quickly and efficiently.”
CyberGRX will be hosting two webinars in December to showcase Predictive Risk Profiles.
For Customers: Manage Risk with Data Intelligence: A revolutionary approach to third-party cyber risk management
For Third Parties: End the Assessment Chase: Take control of your cyber risk reputation with Predictive Risk Profiles
Did you get value from this story? Sign up to our free daily newsletters and get stories like this sent straight to your inbox.
Already registered?
Login to your account
If you don't have a login or your access has expired, you will need to purchase a subscription to gain access to this article, including all our online content.
For more information on individual annual subscriptions for full paid access and corporate subscription options please contact us.
To request a FREE 2-week trial subscription, please signup.
NOTE - this can take up to 48hrs to be approved.
For multi-user price options, or to check if your company has an existing subscription that we can add you to for FREE, please email Elliot Field at efield@newtonmedia.co.uk or Adrian Tapping at atapping@newtonmedia.co.uk
Editor's picks
Editor's picks
More articles
Copyright © intelligentinsurer.com 2024 | Headless Content Management with Blaze