According to a recent survey of more than 1,000 U.S. and U.K.-based CISOs by the Ponemon Institute, 59 per cent of companies said they have experienced a data breach caused by one of their vendors or third parties. With large organisations today having upwards of 100,000 third-party vendors to manage, and small organisations having a significant sub-set of that, managing third-party vendor risk is an important part of an organisation’s overall cyber-health.

KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, has announced new functionality for its GRC management platform, KCM GRC, which helps organisations of all sizes address the growing problem of third-party vendor risk management. Organisations that do not know the cyber-health of vendors they do business with put themselves at risk of breaches and other cyber-attacks

Data and cyber security

Organisations that do not know the cyber-health of vendors they do business with put themselves at risk of breaches and other cyber-attacks. According to the Ponemon survey, 75 per cent of organisations believe that third-party cybersecurity incidents are increasing and 22 per cent of respondents admitted they didn’t know if they’d had a third-party data breach in the past 12 months.

Additionally, PwC’s recent report 'The Global State of Information Security Survey 2018' states that there are very few companies that are correctly building cyber and privacy risk management into their digital transformation initiatives. 

Third party vendors introduce risk to any organisation. The vendor lifecycle and those risks must be managed. With the introduction of vendor risk in the KCM GRC platform, we designed it as a simple, intuitive and scalable platform to easily manage these risks.” said Blake Huebner, KnowBe4’s SVP of KCM Strategy.

KCM GRC management platform

KnowBe4’s KCM GRC is an intuitive platform which Organisations can customise to measure third-party vendor risk. Once an initial assessment is completed, organisations can continually monitor against risk levels they’ve set. KCM GRC enables an organisation to keep track of everything within the platform, moving away from using cumbersome point products and office management tools, to adhere to policy and compliance management standards. As with all KnowBe4 offerings, KCM GRC comes with free and unlimited support.