We Are Dedicated To Transforming Third-Party Cyber Risk Management
Why We Created the Cyber Risk Exchange
It started with a seemingly simple request. An organization set out to assess the security posture of one of their vendors and uncovered that vendor was being assessed by not one, but thousands of other companies. The assessments, while slightly customized, were mostly redundant and incredibly time consuming. The organization, vendor and some of the other upstream partners came together and committed to reduce the inefficiencies their third-party programs posed. They created a third-party global cyber risk management exchange and CyberGRX was born.
Force-Multiplying Third-Party Cyber Risk Management
Board of Directors
Founded by former CISO’s and risk officers and backed by world-class investors, CyberGRX partners with some of the most trusted names and brands in cybersecurity.
Partner, Bessemer Venture Partners
Founder & General Partner, Ten Eleven Ventures
Managing Director, Clearsky Security
President & CEO, Cylance
Former CEO, RSA “Much is made today of the insider threat. As many as 60% of attacks are attributed to insiders. But a close look (under the covers) reveals that many of those attacks are the result of compromised credentials and through third party relationships with insider access. Further, many of the compromised credentials are the result of social engineering attacks enabled and abetted by already compromised third parties. It’s a vicious circle. The CyberGRX Platform provides a much more efficient way to evaluate and combat these threats.”
Director, ClearSky Security “Third party relationships represent some of the hardest-to-manage cyber risks at organizations of all types. It’s a unique challenge that historically has only been solved by adding headcount – an inefficient and difficult to scale approach. Fortunately, the CyberGRX Platform provides a substantially smarter and more secure solution.”
CEO, Veracode “Third-party risk is escalating dramatically as the vast majority of enterprises are increasingly reliant upon outside suppliers for technology solutions and when internally developed technologies almost always rely on components from a third party. Traditional vendor attestations are woefully insufficient and the CyberGRX Platform will provide a construct for reducing third-party risk with a programmatic, prioritized construct that is already backed by the world’s best companies.”
CyberGRX is a force multiplier for our third-party cyber risk management program. In just the first year we will be able to assess 3x more vendors than we assessed last year and reallocate the resources saved to true risk management and mitigation efforts.