RiskRecon and CyberGRX provide orgs with a contextual view of their third-party cyber risk

RiskRecon and CyberGRX announced a strategic partnership to provide organizations with a complete, contextual view of their third-party cyber risk posture. CyberGRX customers can now view RiskRecon ratings for every vendor in the CyberGRX Exchange based on continuously updated data.

The customizable interactive widget enables users to drill down for detailed information on the ratings, which are uniquely risk prioritized based on a combination of issue severity and asset value. In addition, joint customers can easily login to the RiskRecon console through the widget.

As our digital ecosystem continues to expand and becomes more complex, the challenge of managing an organization’s risk surface has never been greater. Traditional risk assessments performed annually or bi-annually are outdated and do not reflect today’s rapidly changing digital ecosystem.

New research from RiskRecon and Cyentia Institute reveals that while 79% of firms have a third-party risk management (TPRM) program, only 14% are confident that vendors actually trust third parties’ security matches responses from their questionnaires.

Security professionals are desperately looking for new ways to manage third-party cyber risk that reflect the rapidly changing digital world.

“Security and IT teams need a risk-driven approach to managing third-party cyber risk based on real-time data that reflects their current environment and extended ecosystem at any given moment,” said Fred Kneip, CEO, CyberGRX.

“RiskRecon’s industry-certified data accuracy and multidimensional approach to automatically risk prioritize issues based on asset value and issue severity is a game changer.

The combination of RiskRecon’s leading risk ratings data and the validated assessment data available through CyberGRX Exchange will provide security and IT teams with unparalleled visibility into any threat activity within their environment and the ability to intelligently manage the risk surface of their extended ecosystem of third parties.”

RiskRecon continuously monitors the cybersecurity risk of four million companies across the most highly regulated industries, including financial services and healthcare.

By integrating RiskRecon with CyberGRX’s proven ability to assess and validate risk within an organization’s third-party ecosystem, customers are empowered to prioritize which vulnerabilities to tackle first based on their evolving network of third parties.

Together, RiskRecon and CyberGRX provide organizations with the most comprehensive view of their risk surface in real-time through automated, continuous cyber risk monitoring.

“CyberGRX provides dynamic data into a company’s entire risk surface for true, real-time third-party risk management,” said Kelly White, co-founder and CEO, RiskRecon.

“By combining CyberGRX’s inside-out view of cyber risk with RiskRecon’s outside-in approach, organizations have access to their entire risk surface based on real-time, third-party, cyber risk data for complete visibility.”

The RiskRecon and CyberGRX partnership will be rolled out in a series of phases. Phase one includes the RiskRecon widget and is available now. Plans for forthcoming enhancements include a contextualized solution with a pre-assessment super rating.

Additional details about enhancements to the RiskRecon and CyberGRX partnership will be made public as soon as that information is available. CyberGRX joins RiskRecon’s network of best-of-breed security consultants, MSSPs, resellers, technology partners and industry alliances.