Portfolio Risk Findings: CyberGRX's New Capability for Combatting Risks

CyberGRX, a dedicated provider of global risk exchange, has launched its Portfolio Risk Findings, a new capability that offers customers visibility into the organization's specific control coverages gapped by the riskiest third parties through the lens of any framework or threat profile. This new feature leverages attested data and predictive risk profiles to provide a detailed report on customers' riskiest vendors and their specific unmet gapped controls.

With Portfolio Risk Findings, CyberGRX's data will be measured against control coverage and a selected framework or threat profile of their choosing to return a score between 1% to 100%. This score will help customers identify where third parties fall on the risk spectrum, from high risk to low risk. Customers can also filter results to identify potential business exposure of a security incident based on the nature of the relationship with the third-party.

According to CyberGRX, no other third-party risk management company provides this level of visibility, which makes their platform quite significant. The goal of Portfolio Risk Findings is to help customers find the, quote, 'needle in a haystack' by providing them with the tools to quickly mitigate risk.

The addition of these capabilities to the CyberGRX Exchange platform provides a central location where stakeholders, cyber defenders, and vendors can see the gaps in controls and where third parties are not meeting quality standards in their own risk posture, allowing the vendor themselves to assess and take steps to ensure proper cyber defenses. By doing so, organizations can spend less time researching and tackling concerns that may be of low impact, and systematically focus on the high and medium-level threats, instead.

This announcement comes on the heels of the company's launch of a Predictive Data tool for the Attack Scenario Analytics feature. This feature allows organizations to evaluate levels of risk posed by a third party against 13 key security categories established by the MITRE ATT&CK framework. The CyberGRX Exchange platform provides customers with a comprehensive solution for managing third-party risk, which can help them to better understand their vendor ecosystem and reduce their exposure to cyber threats.

[ Back To TMCnet.com's Homepage ]