Two specialists in cybersecurity risk management – CyberGRX and RiskRecon, a Mastercard Company – have integrated their services to provide organisations with a comprehensive view of their risk surface in real-time through automated, continuous cyber risk monitoring.
The strategic partnership integrates RiskRecon’s continuous cybersecurity risk monitoring of four million companies across highly regulated industries, including financial services and healthcare, with the CyberGRXglobal cyber risk exchange, which assesses and validates risk within an organisation’s third-party ecosystem.
The addition of a customisable RiskRecon widget will enableCyberGRX customers to view and examine RiskRecon ratings for every vendor in the CyberGRX Exchange, based on continuously updated data. Joint customers will also be able to login to the RiskRecon console through the widget.
Integration of the two companies’ services gives a real-time, dynamic alternative to the often untrusted annual or bi-annual risk assessment questionnaires completed by third-party vendors.
In a recent survey byRiskRecon and Cyentia Institute, 81% of respondents said that three out of four vendors pass their security questionnaires. Yet, just 14% trust that the answers provided are a true representation of a vendor’s current security posture.
Fred Kneip, CEO of CyberGRX, said: “Security and IT teams need a risk-driven approach to managing third-party cyber risk based on real-time data that reflects their current environment and extended ecosystem at any given moment. The combination of RiskRecon’s leading risk ratings data and the validated assessment data available through CyberGRX Exchange will provide security and IT teams with unparalleled visibility into any threat activity within their environment and the ability to intelligently manage the risk surface of their extended ecosystem of third parties.”
The RiskRecon and CyberGRX partnership will be rolled out in a series of phases, starting with the RiskRecon widget, which is available now, followed by a contextualised solution with a pre-assessment super rating.