CyberGRX Spotlighted in TAG Cyber Analysis “Using Cyber Risk Intelligence to Manage Third-Party Cyber Risk”

2 minute read

October 2022

Denver – October 18, 2022 – CyberGRX, provider of the world’s first and largest global risk exchange, today announced the issuance of a report by TAG Cyber, the leader in democratizing world-class cybersecurity research and advisory services, on “Using Cyber Risk Intelligence to Manage Third-Party Cyber Risk: An Overview of CyberGRX.” In this report, TAG Cyber analyst, Dr. Edward Amoroso analyzes the common challenges of third-party security, the benefits of implementing a data intelligence approach and an overview of the unique features offered by CyberGRX that can help organizations accelerate their risk management efforts. 

The state of vendor breaches and supply chain attacks today underscores the need for prioritization of third-party cyber risk management.

“The state of vendor breaches and supply chain attacks today underscores the need for prioritization of third-party cyber risk management. Many of these risks can be drastically reduced if we modernize our approach and focus on the collection and analysis of cyber risk intelligence and data, compared to traditional risk management methodologies,” said Dr. Amoroso, CEO and Founder of TAG Cyber. “The goal of this report is to demonstrate to security, risk and procurement professionals how the CyberGRX platform encompasses these principles and can support them on their third-party cyber risk management journeys.” 

The report outlines the advantages of a data intelligence approach and how it can strengthen risk management processes to better manage cyber risk and the reputation of third parties. TAG Cyber lists some of the key intelligence features below:

  • Emphasis on Data Analytics—Rather than just managing questionnaires, risk-intelligence-driven approaches depend on the use of advanced analytics. This process works best when the data collected forms a repository that can be used to validate existing practices and predict future issues. 
  • Support for Scaling—For third-party cyber risk management (TPCRM) to scale across enterprise and third-party participants, methods  such as crowdsourcing can simplify data gathering. An additional strategy is to create an  exchange which can reduce the amount of coordination required between multiple enterprise  and third-party companies. 
  • Focus on Actionable Insight—Effective solutions for TPCRM must focus on driving actionable  insights for both enterprise and third-party participants. This implies that the repository and  analytics support tasks such as prioritization, benchmarking and other methods of assessing or  reducing risk. 

“At CyberGRX, we consistently look for ways to challenge the status quo. We work closely with enterprises and third-parties to discuss the hurdles they are facing in regards to risk management and then innovate new features and capabilities to address these challenges,” said Fred Kneip, CEO of CyberGRX. “We feel this report by TAG Cyber captures our intent to steer organizations in the right direction so that they can make risk management attainable and effective, and actually reduce risk.”  

Download your free copy of the TAG Cyber report, “Using Cyber Risk Intelligence to Manage Third-Party Cyber Risk.” 

Related Articles

About Us

ProcessUnity is a leading provider of cloud-based applications for risk and compliance management. The company’s software as a service (SaaS) platform gives organizations the control to assess, measure, and mitigate risk and to ensure the optimal performance of key business processes. ProcessUnity’s flagship solution, ProcessUnity Vendor Risk Management, protects companies and their brands by reducing risks from third-party vendors and suppliers. ProcessUnity helps customers effectively and efficiently assess and monitor both new and existing vendors – from initial due diligence and onboarding through termination. Headquartered outside of Boston, Massachusetts, ProcessUnity is used by the world’s leading financial service firms and commercial enterprises. For more information, visit