How Blackstone Assessed 3x More Vendors Than Before: Interactive Case Study

Blackstone Case Study – Interactive
How a Leading Investment Firm Assessed 3x More Vendors Than Before
Blackstone trusted CyberGRX to arm them with a modern third-party cyber risk program. The result? A streamlined approach that reduced resource spend by 50%, allowing Blackstone to reallocate resources to true risk management, reduction, and mitigation efforts – and that’s not all.
The Company: Blackstone
Founded in 1985, Blackstone is one of the world’s leading
investment firms. They seek to create positive economic
impact and long-term value for their investors, the
companies they invest in, and the communities in which
they work.
Blackstone has over 3,000 vendors themselves,
while their portfolio, which includes over 100 companies, has
tens of thousands of vendors.
The Problem: Spreadsheet assessments and endless phone tag couldn’t keep up
With a steadily growing ecosystem of third parties, Blackstone needed a streamlined, scalable solution that could force-multiply their third-party cyber risk management efforts. They were onboarding 4 to 6 new vendors every month, and static spreadsheets just weren’t cutting it.
Wasted time and resources
on tedious, manual tasks
Lack of shared insights
Couldn’t scale with vendor growth
The Results:
Blackstone assesses 3x the number of vendors than
previously assessed
Blackstone has been able to reduce the resources allocated to their previously inefficient assessment process, from 1 to .5 FTE
The Solution: A new, game-changing approach
CyberGRX’s dynamic assessments and advanced analytics have enabled Blackstone to prioritize critical areas of risk and allows them to have informed, risk-based discussions with their vendors and business partners.
Once a vendor completes an assessment on the Exchange, it’s kept up-to-date, shared with approved partners, and significantly reduces the waste and overlap of redundant assessment requests between and among Blackstone and its portfolio.
Can now focus resources on true risk management, reduction, and mitigation efforts
What Blackstone is Saying:
“CyberGRX is a force multiplier for our third-party cyber risk management program. In just
the first year, I anticipate we will be able to
assess 3x more vendors than we assessed last
year and reallocate the resources saved to true
risk management and mitigation efforts.”
Adam Fletcher
Blackstone CISO


Leave a Reply