For Enterprises

CyberGRX for Enterprises

The market’s only third party cyber risk platform

HOW IT WORKS

STEP 1: PLAN

1. Load your third parties into the CyberGRX Plan module

2. Answer questions to determine inherent risk

3. CyberGRX’s proprietary Dynamic Risk Ranker™ recommends appropriate level of due diligence for each third party

4. Visualize your third party ecosystem by services provided, inherent risk and by asset class involved

STEP 2: ASSESS

1. If your third party’s assessment is in the CyberGRX Exchange, place an order and you’ll receive instant access (upon approval by third party)

2. If your third party’s assessment is not yet in the CyberGRX Exchange, initiate coverage and our team performs the assessment from beginning to end. Assessment options – all updated quarterly:

Tier 1: On-site assessment with validated evidence of controls

Tier 2: Long-form self-assessment with automated validation rules

Tier 3: Short-form self-assessment with self attestation

STEP 3: MITIGATE

1. CyberGRX identifies the greatest risk exposures and recommends prioritized remediation advice to your third parties

2. Machine learning driven algorithms drive the decomposition of successful breaches and illuminate areas where mitigation will be most successful

3. Collaborate with your third parties to agree upon a mitigation plan

4. Visualize remediation progress via the CyberGRX Progress Tracker™

5. Full audit trail of all communication

STEP 4: MONITOR

1. CyberGRX ingests threat and business intelligence from top providers and correlates back to third parties in your ecosystem

2. Receive an alert if a third party experiences a state change

A. Breach

B. Acquisition/Divestiture

C. New attack that leverages a weak control

TAKE THE THIRD PARTY PROGRAM MATURITY QUIZ