CyberSecurityBoard
Sponsor Register Login

Drata unveils Third-Party Risk Management offering to help security teams identify risks

Drata announced its Third-Party Risk Management offering, empowering customers to identify, evaluate, and monitor third-party risks in one centralized and integrated platform.
Third-party risk has become a critical element of a strong governance, risk, and compliance program, especially when addressing sensitivities with data protection.
Drata's new Risk Trends Report found 83% of security professionals have experienced negative consequences as a result of their current TPRM process or informal oversight process.
Investment remains a challenge, with 44% of respondents saying their company may not have the appropriate staff or resources to thoroughly screen third parties.
Drata's TPRM offering provides security teams with a comprehensive tool for identifying, assessing, and continuously monitoring risks and integrating them with internal risk profiles.
This holistic approach ensures a unified, clear view of potential exposures across the entire organization to effectively and efficiently manage third-party risks.
Vendor import via Okta SSO integration & bulk upload: streamline adding and updating vendors in a Vendor Directory.
Vendor impact analysis: standardize the assessment of Vendor Impact and Impact Level by evaluating data access, operational impact, and more.
Vendor questionnaire responses: gain deeper insight into vendor risk posture.
Vendor risks: adding reminders, categorization, and treatment to track and continuously assess the risk of vendors as part of an organization's risk register.
Vendor risk overview: easily understand, prioritize, and act on all risks across vendors.
Vendor insights dashboard: keep stakeholders up-to-date on the overall risk impact of a current vendor ecosystem.
NIST AI Risk Management Framework to proactively set standards, collect evidence, and monitor controls to ensure proper governance of AI adoption across the workforce.
HRIS integrations, automating the evidence collection and control monitoring for 23+ Human Resources Information Systems.


This Cyber News was published on www.helpnetsecurity.com. Publication date: Wed, 13 Dec 2023 14:13:05 +0000


Cyber News related to Drata unveils Third-Party Risk Management offering to help security teams identify risks

16 top ERM software vendors to consider in 2024 - Enterprise risk management software helps organizations identify, mitigate and remediate business risks, which can lead to improved business performance. The risk management market is rapidly evolving from separate tools across different risk domains ...
5 months ago Techtarget.com
ProcessUnity Introduces Industry's All-In-One Third-Party Risk Management Platform - PRESS RELEASE. BOSTON-(BUSINESS WIRE)- ProcessUnity, provider of comprehensive end-to-end third-party risk management and cybersecurity solutions to leading enterprises, today announced the completed integration of the Global Risk Exchange. The newly ...
5 months ago Darkreading.com
Drata unveils Third-Party Risk Management offering to help security teams identify risks - Drata announced its Third-Party Risk Management offering, empowering customers to identify, evaluate, and monitor third-party risks in one centralized and integrated platform. Third-party risk has become a critical element of a strong governance, ...
6 months ago Helpnetsecurity.com
Third-Party Security Assessments: Vendor Risk Management - As businesses rely more heavily on external vendors to provide critical services and support, the importance of effective vendor risk management strategies becomes paramount. This article explores the significance of third-party security assessments, ...
5 months ago Securityzap.com
Key elements for a successful cyber risk management strategy - In this Help Net Security interview, Yoav Nathaniel, CEO at Silk Security, discusses the evolution of cyber risk management strategies and practices, uncovering common mistakes and highlighting key components for successful risk resolution. Nathaniel ...
5 months ago Helpnetsecurity.com
New infosec products of the week: December 15, 2023 - Here's a look at the most interesting products from the past week, featuring releases from Censys, Confirm, Drata, Safe Security, and SpecterOps. Nemesis: Open-source offensive data enrichment and analytic pipeline. Nemesis is a centralized data ...
6 months ago Helpnetsecurity.com
Drata unveils Adaptive Automation for streamlined compliance - Drata has unveiled a new offering, Adaptive Automation. Augmenting the scope of continuous control monitoring and evidence collection, Adaptive Automation empowers GRC professionals to save time and automate even more of their compliance program ...
3 months ago Helpnetsecurity.com
A Plan to Protect Critical Infrastructure from 21st Century Threats - On April 30th, the White House released National Security Memorandum-22 on Critical Infrastructure Security and Resilience, which updates national policy on how the U.S. government protects and secures critical infrastructure from cyber and ...
1 month ago Cisa.gov
What Are the 6 Types of Risk Assessment and How Do They Work? - Risk assessment is a tool used to help quantify potential risks in a certain situation. It can be used in many different scenarios, including business operations, financial decisions, and also cybersecurity. A risk assessment helps you identify areas ...
1 year ago Thehackernews.com
Enhancing Organisational Security: A Comprehensive Guide to Insider Risk Management Courses - In a world increasingly aware of internal security threats, the necessity for comprehensive insider risk management courses has never been more crucial. Astonishingly, up to 90% of organisations acknowledge their vulnerability to insider attacks, ...
5 months ago Securityboulevard.com
Master Security by Building on Compliance with A Risk-Centric Approach - In recent years, a confluence of circumstances has led to a sharp rise in IT risk for many organizations. That's why a proactive approach to seeing, understanding, and acting on risk is key to improving the effectiveness of defenses in place to meet ...
5 months ago Cyberdefensemagazine.com
Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
6 months ago Microsoft.com
A Cybersecurity Risk Assessment Guide for Leaders - Now more than ever, keeping your cyber risk in check is crucial. In the first half of 2022's Cyber Risk Index, 85% of the survey's 4,100 global respondents said it's somewhat to very likely they will experience a cyber attack in the next 12 months. ...
1 year ago Trendmicro.com
AuditBoard enhances InfoSec Solutions to reduce compliance fatigue across the organization - AuditBoard announced powerful enhancements for its InfoSec Solutions to help organizations meet their IT compliance, cyber risk, and vendor risk management needs in the face of rising risks and increased regulatory requirements. With these new ...
1 month ago Helpnetsecurity.com
Cybersecurity Risk Management: Top 20 essential Long-Tail Keywords - Cybersecurity risk management is essential for protecting any organization from malicious actors on the internet. In the digital age, all businesses need to understand the risks and take steps to defend themselves from cyber threats. Cybersecurity ...
1 year ago Heimdalsecurity.com
CISOs Need to Take a Holistic Approach to Risk Management - Although the traditional approach to cybersecurity typically revolves around mitigating threats and vulnerabilities, these tactics are no longer enough to protect businesses effectively. There is now a need for a more comprehensive, holistic approach ...
6 months ago Feeds.fortinet.com
How to manage third-party risk in the cloud - The increasing levels of access and integration within cloud environments create risks and potential new avenues of compromise for cloud customers. Organizations can hope their cloud service providers are secure, but that's not always the case. It's ...
3 months ago Techtarget.com
US Supreme Court Leak Investigation Highlights Weak and Ineffective Risk Management Strategy - A recent US Supreme Court leak investigation has highlighted a number of weaknesses in the existing risk management strategy. The investigation has revealed that there were no controls in place to prevent the leak from taking place and the risk ...
1 year ago Csoonline.com
How to Do a Risk Analysis Service in a Software Project - Software projects are vulnerable to countless attacks, from the leak of confidential data to exposure to computer viruses, so any development team must work on an effective risk analysis that exposes any vulnerabilities in the software product. A ...
7 months ago Feeds.dzone.com
Infosec products of the month: June 2024 - Designed with managed security service providers in mind, Plainsea offers a comprehensive cybersecurity platform that streamlines service delivery, enhances collaboration, and provides unparalleled visibility into the threat landscape. Plainsea ...
4 days ago Helpnetsecurity.com
Infosec products of the month: May 2024 - The Third-Party Intelligence module combines vendor-specific cyber threat intelligence with cybersecurity posture data from suppliers' tech environments, exposing a critical blind spot for security teams. Synopsys Polaris Assist automates repetitive, ...
1 month ago Helpnetsecurity.com
Three Things to Know About the New SEC Rules on Sharing Information and Breach Disclosure Deadlines - Recently, the Securities and Exchange Commission adopted rules about the handling and reporting of cyber risks and breaches. With these new guidelines and regulations, public companies and organizations must disclose cybersecurity incidents ...
5 months ago Cyberdefensemagazine.com
Key Takeaways from the Gartner® Market Guide for Insider Risk Management - Insider risk incidents are on the rise and becoming more costly to contain. As a result, earlier this year, Gartner predicted that 50% of all medium to large enterprises would adopt insider risk programs. The report reveals several key findings about ...
6 months ago Securityboulevard.com
How to Complete an IT Risk Assessment - An effective security strategy needs to put managing risk at the heart of its approach. An IT risk assessment process is used by organizations to identify and prioritize the most pressing risks to their IT environment. Naturally, it focuses on IT ...
6 months ago Heimdalsecurity.com
Product showcase: Apiiro unifies AppSec and SSCS in a deep ASPM - With the rapidly evolving threat landscape and complexity of interconnected applications, identifying real, business-critical application risks is more challenging than ever. Application security teams need a better solution than their current siloed ...
6 months ago Helpnetsecurity.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)