Blog Post
New Features: Third-Party Cyber Risk Quantification & Transparent Data
November 15, 2022
New Feature: Third-Party Cyber Risk Quantification
Third-party cyber risk can be a lot like the wild wild west - it’s hard to predict where your next loss will come from. We know that third-party cyber events can lead to millions of dollars of loss revenue, remediation costs, regulatory fines & more. That’s why Kovrr has made significant updates to their platform to help put a financial quantification on risk derived from your organization’s third parties.
The third-party risk feature provides users with insights on:
- Third-Party vs. First-Party Risk
- Probability of experiencing a third party cyber event
- Vendors most likely to have a significant cyber event
- Financial impact of a third party cyber event (e.g. data leak)
- Data inputs that can affect the results
How can this help you?
- Better understand the contribution of third party risk to your overall exposure.
- Identify losses associated with specific third party providers.
- Receive security posture recommendations that can limit damage from third parties.
- Insight into the amount of cyber insurance third party providers must have in order to keep your business secure.
New Feature: Asset Table, Data Transparency for Integrations
Did you integrate Kovrr's CRQ platform with your SIEM, EDC, SOAR, BAS, SMDB, IPS, or GRC Platform, ? Wouldn’t it be great to understand how that data feeds Kovrr’s modeling process? NOW YOU CAN 🪄
The platform now provides visibility into the data used from the integration and shows users how the data maps to the company sphere and influences model results. The platform will now show you insights into:
- What data is used from the integration?
- How is the data used to map the organization?
- What are the critical properties of the assets in an asset group?
- What vendor is the data attributed to?
This will significantly reduce the inferences needed to be taken by the infosec team and help create data-driven results reflecting the data already gathered by your other security tools. To get started, Kovrr will need read permissions to integrate with one of the security systems we support.
Understanding your organization's third-party risk is a crucial aspect of any business resiliency program and must be carefully considered when pursuing cybersecurity mitigation plans. Especially as threat actors are being increasingly creative and sophisticated when attempting to penetrate service providers, cybersecurity leaders must do all they can to account for this type of risk.
Contact our risk experts today to learn more about CRQ aids the third-party cybersecurity process.
.jpg)
.jpg)
