Both common and recent attack profiles are available, and provide visibility to tactics needed to detect, prevent and mitigate common cybersecurity threats.
Ransomware Threat Profiles
The Ransomware Threat Profile, available in the Framework Mapper tool, allows a company to pull a report for individual third parties to view their coverage of 124 controls that have specifically been identified as critical to ransomware protection by MITRE®. CyberGRX examined tactics and techniques from over 160 use cases, including 49 ransomware attacks, in order to identify primary controls needed to detect, prevent, and mitigate the threat of ransomware.
Other Common Threat Profiles
CyberGRX also offers threat profiles aligned with specific ransomware campaigns and other recent cyberattacks including REvil Ransomware – Kaseya Supply Chain Attack, SolarGate, CodeCov, Accellion, Log4Shell, and Magecart. These profiles provide a view of how the third party rates against each identified control known to be exploited in these attacks. Companies can filter by those controls that are missing/absent and follow up with the third party to request remediation.
CyberGRX Ransomware Ecosystem View is an additional report available to CyberGRX members that provides an overview of the ransomware risk within their entire third-party ecosystem. This report provides a holistic view of which third parties currently have at least one ransomware gap as well as the which controls are least covered across their portfolio.