TechValidate Research on CyberGRX

6 Charts


CyberGRX Customer Research

What do you use CyberGRX for?

Assessing third party vendors as part of the procurement process (vetting and onboarding)
87%
Assessing third parties as part of a compliance program (assessment audits)
70%
Continuously monitoring third parties as part of a cybersecurity program
64%
Aligning third party control gaps to common and recent cyberattacks
32%
Establishing industry benchmarks to improve my own third-party cyber risk program
15%

CyberGRX Customer Research

What were the key pain points experienced prior to using CyberGRX?

Lack of visibility against current cyber threats involving third parties
53%
Completed assessments took too long to receive
51%
Process was focused on assessment completion and not risk data analysis
42%
No benchmarkable data to share with C-suite and/or Board
40%
Procurement-focused third-party process without security involvement
29%

CyberGRX Customer Research

How quickly did you realize a return on your investment with CyberGRX?

Immediately: 14%
Within the first 3 months: 12%
Within the first 6 months: 14%
Within the first year: 28%
Within 1-2 years: 33%

CyberGRX Customer Research

Surveyed IT professionals have experienced the following key pain points prior to using CyberGRX:

Too much time spent completing bespoke assessments
75%
Too much time needed to address customer follow up questions or requests post-assessment share
64%
Urgent and unplanned bespoke assessment requests for presale procurement
43%
A lack of control over cyber reputation and risk posture due to use of security ratings and outside-in scanning tools
25%
A lack of program success metric data (time saves, acceptance rate on shares, etc.) or benchmarkable data to share with the C-suite and/or the Board
19%

CyberGRX Customer Research

Surveyed IT professionals use CyberGRX to improve their cyber risk management in several key ways:

Assessing third party vendors as part of the procurement process
86%
Assessing third party cyber risk as part of the security process
79%
Monitoring third parties as part of a compliance program
52%
Aligning third party control gaps to common and recent cyberattacks
17%
Establishing benchmarks for industry security
7%
Mapping third party vendors to industry standards
7%

CyberGRX Customer Research

Surveyed IT professionals experienced the following key pain points prior to using CyberGRX:

Completed assessments took too long to receive
60%
Assessment data is not organized or actionable in a way to help me make decisions
45%
Lack of visibility against current cyber threats involving third parties
45%
Procurement-focused third party process without security involvement
29%
No benchmarkable data to share with C-suite and/or Board
29%
Other
17%



More Research on CyberGRX