Third-Party Cyber Risk Management

Threat Profiles

Now both customers and third parties can view coverage of controls that are commonly exploited in cyber attacks.

threat profiles

Both common and recent attack profiles are available, and provide visibility to tactics needed to detect, prevent and mitigate common cybersecurity threats.

Ransomware Threat Profiles

The Ransomware Threat Profile, available in the Framework Mapper tool, allows a company to pull a report for individual third parties to view their coverage of 124 controls that have specifically been identified as critical to ransomware protection by MITRE®. ProcessUnity examined tactics and techniques from over 160 use cases, including 49 ransomware attacks, in order to identify primary controls needed to detect, prevent, and mitigate the threat of ransomware.

threat profiles

Other Common Threat Profiles

ProcessUnity also offers threat profiles aligned with specific ransomware campaigns and other recent cyberattacks including REvil Ransomware – Kaseya Supply Chain Attack, SolarGate, CodeCov, Accellion, Log4Shell, and Magecart. These profiles provide a view of how the third party rates against each identified control known to be exploited in these attacks. Companies can filter by those controls that are missing/absent and follow up with the third party to request remediation.

common threat profiles

Ecosystem View

ProcessUnity Ransomware Ecosystem View is an additional report available to ProcessUnity members that provides an overview of the ransomware risk within their entire third-party ecosystem. This report provides a holistic view of which third parties currently have at least one ransomware gap as well as the which controls are least covered across their portfolio.

To successfully fight cyber threats, companies need to take a modern approach to third-party cyber risk management that includes threat intelligence and comprehensive data analytic capabilities.

full ecosystem

Threat Profile: Log4j Explained

The Global Risk Exchange (formerly CyberGRX) is an innovative platform designed to transform the way organizations manage third-party risk. Schedule your personalized demo of our award-winning software and start your journey today!

Request a Demo: Global Risk Exchange