CyberGRX Launches Free Tool to Help Companies Benchmark Third-Party Cyber Risk


CyberGRX Third-Party Cyber Risk Management Maturity Grader allows organizations to quickly understand the state of their third-party cyber risk management program and score compared to peers

CyberGRX, provider of the most comprehensive third-party cyber risk management (TPCRM) platform, today announced the availability of a free online tool that allows organizations to benchmark third-party cyber risk against their peers. The CyberGRX Third-Party Cyber Risk Management Maturity Grader enables organizations to better understand the maturity of their TPCRM programs and provides prescriptive recommendations to take immediate action to advance them.

To take the quiz and receive a third-party cyber risk management maturity grade, please visit:

Using the Third-Party Cyber Risk Management Maturity Grader, organizations can take a quick five-minute, 11-question quiz and instantly learn where they stack up against other organizations in regards to analyzing, assessing, mitigating and monitoring third-party cyber risk. The quiz measures critical components of a company’s TPCRM strategy, including assessment methodologies and frequency, automation, documentation, and remediation and mitigation plans.

The combination of outsourcing, globalization and the digitization of business has created new third-party security and resiliency risks that many businesses are just starting to address. Large companies often have tens of thousands of suppliers, vendors and affiliates and smaller start-up companies can have dozens of suppliers and vendors. Managing risk from this digital ecosystem is now a board-level issue. According to PwC’s 2016 Global State of Information Security report, third-party contractors are the biggest source of security incidents outside of a company’s employees.

In addition to instantly grading an organization’s third-party cyber risk management program, the CyberGRX quiz provides a gateway to context-specific resources that can be utilized to develop best practices for moving up the maturity curve. It also provide stools for sharing these resources with key program stakeholders.

“At a minimum, organizations must be able to: identify the inherent risks across their third-party portfolio; assess security controls and understand gaps from a third-party cyber risk perspective; mitigate those gaps; and monitor for attacks that could exploit weak controls that have not been remediated,” said Fred Kneip, CEO, CyberGRX. “The tool we’re unveiling today provides organizations an understanding of where their TPCRM programs fall along the maturity curve and is a first step for organizations that want to build a program to truly manage their cyber risk.”

CyberGRX provides the most comprehensive third-party cyber risk management platform to cost-effectively identify, assess, mitigate and monitor an enterprise’s risk exposure across its entire partner ecosystem. For more information, visit or follow @CyberGRX1 on Twitter.