Avetta releases Cyber Risk Solution for complete supply chain cyber health visibility

Avetta has released the Cyber Risk Solution, providing a quantitative score that evaluates cyber health in 10 areas and delivers an aggregate grade for each supplier.

The Avetta One feature offers a diagnostic cyber health check that identifies potential risk areas for companies to investigate further.

The problem

Supply chains are particularly vulnerable to cyberattacks, as suppliers, contractors and vendors tend to have less mature IT and security functions.

Consider this:

• Almost half of small businesses have been victims of cyberattacks.
• Gartner predicts 45% of global organizations will be impacted by a supply chain cyberattack by 2025.
• A total of 108.9 million global accounts were breached in the third quarter of 2022, a 70% increase compared to the previous quarter.
• IBM found 75% of organizations have had a ransomware attack – 64% paid the ransom and 40% failed to recover their data.

US disruptions in fuel supplies occurred when a hacker launched a cyberattack on Colonial Pipeline by stealing a single password. Cyberattacks can cause debilitating business disruptions involving stolen data, locked systems, interrupted operations, and other problems throughout a supply chain. These attacks are also incredibly high profile and can put a company’s reputation at risk.

The solution

The Cyber Risk Solution is the latest component of Avetta One, a supply chain risk monitoring platform. The new feature provides instant visibility into the cyber health of a company’s full supply chain, including continuous monitoring that alerts clients when the risk score falls outside of an acceptable range.

Clients can use it as a diagnostic tool to gain insight into third-party cyber risks and inform sourcing decisions.

“Suppliers and contractors are often an overlooked cybersecurity risk, but supply chain cyberattacks are increasing and can have devastating consequences,” said Taylor Allis, Avetta Chief Product & Marketing Officer.

“Avetta’s Cyber Risk Solution transforms the supply chain risk management landscape by offering a comprehensive way for businesses to constantly monitor all third parties for safety, financial health, ESG and now cybersecurity,” Allis added.

Avetta’s Cyber Risk Solution can identify potential risks that could lead to an attack, making it a critical part of understanding holistic supplier and contractor risk. For example, a supplier with an F rating is seven times more likely to be a victim of a cybersecurity breach than one with an A rating.

A procurement leader at a large transportation company said the Cyber Risk Solution’s reporting capabilities are “fantastic,” adding, “I can get a clear picture into the suppliers that have a cybersecurity risk and am able to drill down into specific issues easily.”

The feature can be used for companies of all sizes and industries, but it is particularly relevant to companies with large dependencies on supply chains for operations and delivery due to the magnitude of a potential business interruption from a cyber incident.

Power generation and utility companies can be especially vulnerable because power outages or service interruptions can impact thousands or millions of consumers.

Avetta’s Cyber Risk Solution is powered by SecurityScorecard. The company provides actionable insights for over 12 million organizations so users can know who to trust, quickly respond to cyber risks, and strengthen cyber defenses.

“While more organizations today are aware of the cyber risks they face, we find that many still neglect the massive cyber vulnerabilities in their extended supply chain. Organizations need visibility into the security ratings of their entire third- and fourth-party ecosystem so that they can know in an instant whether an organization deserves their trust and can take proactive steps to mitigate risk,” said Alex Rich, VP, Strategic Alliances at SecurityScorecard.

“With this partnership, Avetta is helping their clients get simple visibility into those third-party risks to protect their data and the smooth flow of operations,” Rich continued.

Clients can share suppliers’ Cyber Health Scores with any of their suppliers so they can understand their cyber gaps and enact mitigation and corrective action plans to reduce potential supply chain cyber threats.