DENVER--(BUSINESS WIRE)--CyberGRX, provider of the world’s first and largest global cyber risk exchange, today announced the availability of CyberGRX Ransomware Threat Profiles, a new resource to help customers and their third parties combat ransomware. The Ransomware Threat Profiles provide access to an overview of the ransomware risk within their entire third-party ecosystem.
As ransomware attacks surge across the globe, CyberGRX is giving enterprises the ability to visualize associated attack methods and prioritize controls for remediation among their vendors. CyberGRX has examined tactics and techniques from over 160 use cases, including 49 ransomware attacks, to identify 124 controls that have been specifically deemed as critical to ransomware protection by the MITRE ATT&CK framework. The Ransomware Threat Profiles provide a contextual view of how third parties rate against each identified control and allow companies to filter by those controls that are missing and follow up with the third party to request remediation. CyberGRX has Threat Profiles available to customers for a general ransomware scenario as well as those specific to recent attacks including the REvil ransomware targeting Kaseya, CodeCov, Accellion, SolarGate, Microsoft Exchange Servers and more.
“In order to fight ransomware, companies need a methodology that combines a wide range of security safeguards with a modern approach to third-party cyber risk management,” said Fred Kneip, CEO of CyberGRX. “With over 100,000 participating companies in our Exchange platform, coupled with our partnerships with leading threat intelligence companies, CyberGRX is able to provide comprehensive data analytic capabilities that will empower customers to confidently identify major gaps by third parties and the necessary mitigation controls to halt new and sophisticated ransomware threats.”
CyberGRX’s Ransomware Threat Profiles are available through their Framework Mapper feature. The Framework Mapper capability allows third parties to replace redundant assessments with the CyberGRX assessment by simply mapping the assessment back to relevant industry frameworks such as GDPR, CCPA, NIST 800/CSF, HIPAA, etc.—as their customers request. Framework Mapper leverages the MITRE ATT&CK Framework to map attack methods used in recent third-party breaches and supply chain attacks to an organization’s vendor ecosystem, empowering users to quickly identify their third parties that may have been impacted or determine which third parties are most likely to experience a ransomware attack. This capability will enable CyberGRX to further its goal of establishing a community of security professionals dedicated to reducing risk, putting a stop to the domino effect traditionally caused by third-party breaches and security incidents.
To learn more about this new feature and stay up to date on all the news surrounding CyberGRX, please visit: https://www.cybergrx.com/.
CyberGRX is on a mission to modernize third-party cyber risk management. Built on the market’s first third-party cyber risk exchange, CyberGRX’s dynamic and scalable approach is innovating TPCRM for enterprises and third parties. Armed with fast and accurate data and a proven and innovative approach, CyberGRX customers make rapid, informed decisions and confidently engage with partners. Based in Denver, CO, CyberGRX was designed with partners including Aetna, Blackstone and MassMutual.