CyberGRX, provider of the world’s first and largest global cyber risk exchange, has released an expanded Privacy section to their assessment framework that allows customers to confidently understand their third party’s privacy programs and adhere to increasing privacy regulations around sharing data with third parties and vendors. Unlike other third-party risk management solutions, CyberGRX’s platform is built on validated data and is powered by a risk exchange, enabling organizations to move past data collection and risk assessments, so they can start reducing third-party cyber risk. The expanded Privacy section acknowledges the increasing overlap between security and data privacy requirements and will arm users with a comprehensive understanding of security and privacy risks associated with a particular vendor.
In refreshing its third-party risk assessment with broader Privacy coverage, CyberGRX was able to reduce the question set and further streamline the assessment. Now businesses and their third-party vendors will be able to receive deeper insights into cyber and privacy risks and a more holistic view of their overall security posture. The added Privacy content covers multiple industry frameworks including, General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), Australian Privacy Principles (APP), and focuses on Data Protection Principles such as Privacy Data Identification, Privacy Governance, Privacy Data Control, and Privacy Transparency. Collectively, the assessment now offers a dual look at both third-party security and privacy and reduces the need for multiple TPCRM solutions, offering enterprises an economic and resourceful option as security budgets decrease and cyber risks increase around the world.
“We are constantly striving to help our customers build effective third-party risk management programs, while meeting and overcoming industry requirements and challenges,” said Fred Kneip, CEO of CyberGRX. “It was critical to us to work with our customers to identify how we could arm them with new insights around privacy without creating a taxing and overwhelming experience for their third parties. The expansion of the Privacy content to our assessment framework allows our customers to confidently meet regulatory requirements, while streamlining their initiatives and reducing budget.”
The expanded Privacy content advances CyberGRX’s use case beyond just third-party cyber risk and creates a broader application for the market, where enterprise customers can evaluate third parties on cyber risk and now privacy data protections. CyberGRX’s existing customers will find that within their risk assessments, the GDPR control group has been replaced by the broadly named PRI control group. Within the PRI control group and throughout the assessment, questions have been updated to comprehensively cover privacy data protections.
For more information on CyberGRX products and services, please visit: https://www.cybergrx.com.
CyberGRX is on a mission to modernize third-party cyber risk management. Built on the market’s first third-party cyber risk exchange, CyberGRX’s dynamic and scalable approach is innovating TPCRM for enterprises and third parties. Armed with fast and accurate data and a proven and innovative approach, CyberGRX customers make rapid, informed decisions and confidently engage with partners. Based in Denver, CO, CyberGRX was designed with partners including Aetna, Blackstone and MassMutual.