TechValidate Research on CyberGRX

TechValidate Customer Research Library / CyberGRX / Case Studies /

CyberGRX Case Study

The University Of Southern California

Introduction

This case study of The University of Southern California is based on an August 2022 survey of CyberGRX customers by TechValidate, a 3rd-party research service.

Share

Embed

Download

“CyberGRX Predictive Risk Profiles provide me dynamic and immediate data on my third parties that I previously did not have with assessments alone.”

“CyberGRX is helping me improve my third-party cyber risk management program through the ability to continuously monitor and analyze my third-party risk data beyond assessments and workflows.”

“CyberGRX has moved our program from a volume-driven assessment program to a risk-based third-party program. We now have risk insight into 25% of our vendor population through the platform; this was a major improvement from the 5% we had before.”

Challenges

What were the key pain points experienced prior to using CyberGRX:

  • Procurement-focused third-party process without security involvement
  • Process was focused on assessment completion and not data analysis
  • A lack of visibility against current cyber threats involving third parties
  • No benchmarkable data to share with C-suite and/or Board

Use Case

What do you use CyberGRX for:

  • Assessing third-party vendors as part of the procurement process (vetting and onboarding)
  • Assessing third parties as part of a compliance program (assessment audits)
  • Continuously monitoring third parties as part of a cybersecurity program
  • Establishing industry benchmarks to improve my own third-party cyber risk program
  • Aligning third-party control gaps to common and recent cyberattacks

Said that CyberGRX Predictive Risk Profiles are used frequently by me and or/my team in conjunction with self-attested assessments

Results

The surveyed organization achieved the following results with CyberGRX:

  • Realized a return on their investment with CyberGRX immediately.
  • Compared to other tools, how would you rate the following features of CyberGRX:
    • Auto-Inherent Risk Ratings: Best In Class
    • Predictive Risk Profiles: Best In Class
    • Framework Mapper: Best In Class
    • Threat Profiles: Best In Class
    • Third-Party Threat Intelligence Scores & Data (RiskRecon and Recorded Future integrations): Best In Class
  • Said that due to the Exchange model and Predictive Risk Profiles that CyberGRX provides, “I have visibility to data on more than 25% of my third parties under management.”
  • Reported that CyberGRX platform is extremely important (critical) to their overall third-party cyber risk management program.

Organization Profile

Organization:
The University of Southern California

Industry:
Educational Institution

About CyberGRX

With 360-degree correlated data and rich, diverse analytics to support real-time decision-making, you have more insight into your third-party cyber risk surface than ever before.

Learn More:

CyberGRX

Source: Kennde McCrumada, IT Risk Manager, The University of Southern California
Validated
  Published: Dec. 14, 2022   TVID: 9D9-07D-AC4




About This Data

This data was sourced directly from verified users of CyberGRX by TechValidate.

TechValidate verifies the identity and organizational affiliation of all participants that contribute to published research data. When research participants so desire, we also guarantee their anonymity so that they may share information honestly and freely.


More Research on CyberGRX



© Copyright 2024 SurveyMonkey. All marks used on this site are the property of their respective owners. Privacy Policy Terms of Use