CyberGRX and ServiceNow Modernize Risk Assessment

CyberGRX and ServiceNow Modernize Risk Assessment

By Greg Tavarez

Organizations that work with multiple vendors, partners and suppliers are provided with a range of benefits. However, the threat landscape then expands because each vendor, partner or supplier respectively may have different security practices and may be vulnerable to different types of attacks. As a result, an organization's risk exposure can increase when it works with multiple third-party entities.

For example, if one of the organization's vendors is compromised by a cyberattack, the attacker gains access to sensitive information and systems of the organization, as well. Furthermore, if one vendor has access to another vendor's systems, a compromise of the first vendor's systems potentially leads to a compromise of the second vendor's and, subsequently, the organization's systems.

It’s important for organizations to have a comprehensive vendor risk management program in place to assess and mitigate risks associated with working with multiple vendors, partners and suppliers. One such solution is ServiceNow Vendor Risk Management, which helps organizations continuously monitor critical vendors so businesses can evaluate, mitigate and remediate risks.

Still, ServiceNow VRM customers needed a way to streamline their third-party cyber risk program. Enter an integration with CyberGRX, a provider of third-party cyber risk data exchange. CyberGRX provides third-party threat intelligence, predictive risk insights, outside-in scanning and scoring and a portfolio-wide view of security gaps.

Through the integration, ServiceNow VRM customers now have access to CyberGRX’s extensive third-party risk data. This enables them to prioritize risk actions and maintain constant visibility on emerging third-party threats.

The CyberGRX ServiceNow integration leverages the CyberGRX API to enable customers to create or link vendors to over 200,000 companies in the CyberGRX Exchange. Customers can complete eight impact questions to identify the inherent risk(s) posed by each vendor, including the probability of targeted attacks and potential harm to the business.

Customers can also request assessments on vendors, view assessment statuses, and review attested results including assessment scores, findings and the report PDF.

 “More than 80% of the top 500 companies requested by customers are already on the Exchange. Coupling this data with advanced machine learning capabilities, we empower organizations to view, analyze and share cyber risk data like never before,” said Fred Kneip, CEO at CyberGRX. “By partnering with other leaders in the risk management space, such as ServiceNow, we are able to work together to develop revolutionary risk-reducing capabilities and programs.”

When it comes to cybersecurity, organizations need data they can trust. The integration allows those organizations to make decisions, manage risks and meet compliance with trusted data and insights to save money, time and resources.

Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

Related Articles

Say Goodbye to Passwords: 1Password Unveils Two Passkey Innovations

By: Greg Tavarez    6/9/2023

1Password now offers customers the ability to save and sign into online accounts with passkeys as well as unlocking 1Password accounts with a passkey.

Read More

Industrial Cybersecurity Transformed: Secureworks Launches Integrated MDR Solution for OT and IT

By: Greg Tavarez    6/8/2023

Secureworks announced two new offerings to unify the way industrial organizations prevent, detect and respond to threats across the OT and IT landscap…

Read More

K8 Notifier: A New Twist on Cloud Cybersecurity

By: Matthew Vulpis    6/8/2023

K8 Notifer can create a suite of alerts for MSP to detect suspicious activity in the configuration and patterns of their and their customers cloud ser…

Read More

Impossible Cloud Paves Way with New Program in the Web3 Era

By: Greg Tavarez    6/8/2023

Impossible Cloud's Partner Program allows partners and resellers to seamlessly implement, demo and integrate its efficient, performance-driven solutio…

Read More

CrowdStrike Empowers Next-Gen Cybersecurity with Generative AI

By: Stefania Viscusi    6/8/2023

Security company CrowdStrike unveiled Charlotte AI, a new generative AI cybersecurity that will help to democratize security and empower users of the …

Read More