We are dedicated to transforming third-party cyber risk management


Why We Created the Cyber Risk Exchange

It started with a seemingly simple request. An organization set out to assess the security posture of one of their vendors and uncovered that that vendor was being assessed by not one, but thousands of other companies. The assessments, while slightly customized, were mostly redundant and incredibly time consuming. The organization, vendor and some of the other upstream partners came together and committed to reduce the inefficiencies their third-party programs posed. They created a third-party global cyber risk exchange and CyberGRX was born.

Backs of Giants

Art Coviello

Former CEO, RSA

“Much is made today of the insider threat. As many as 60% of attacks are attributed to insiders. But a close look (under the covers) reveals that many of those attacks are the result of compromised credentials and through third party relationships with insider access. Further, many of the compromised credentials are the result of social engineering attacks enabled and abetted by already compromised third parties. It’s a vicious circle. The CyberGRX Platform provides a much more efficient way to evaluate and combat these threats.”

Jay Leek

Director, ClearSky Security

“Third party relationships represent some of the hardest-to-manage cyber risks at organizations of all types. It’s a unique challenge that historically has only been solved by adding headcount – an inefficient and difficult to scale approach. Fortunately, the CyberGRX Platform provides a substantially smarter and more secure solution.”

Bob Brennan

CEO, Veracode

“Third-party risk is escalating dramatically as the vast majority of enterprises are increasingly reliant upon outside suppliers for technology solutions and when internally developed technologies almost always rely on components from a third party. Traditional vendor attestations are woefully insufficient and the CyberGRX Platform will provide a construct for reducing third-party risk with a programmatic, prioritized construct that is already backed by the world’s best companies.”

Our Advisory Board

Founded by former CISO’s and risk officers and backed by world-class investors, CyberGRX partners with some of the most trusted names and brands in cybersecurity. Partners and investors include:

Art Coviello
Former CEO, RSA

Bob Brennan
CEO, Veracode

Mahendra Ramsinghani
Chief Steward, Secure Octane

Dave Johnson
Former Head of Strategy, Dell
Former SMD, Blackstone

Mike McConnell
Former Vice Chairman, Booz Allen Hamilton
Former Director of National Security Agency

Patrick Gorman
Former Chief Security Officer (CSO) at Bridgewater Associates & Chief Information Security Officer (CISO) at Bank of America

Design Partners

CyberGRX is a force multiplier for our third-party cyber risk management program. In just the first year we will be able to assess 5x more vendors than we assessed last year and reallocate the resources saved to true risk management and mitigation efforts.

Adam Fletcher, CISO of Blackstone