SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
ProcessUnity and CyberGRX merge expertise in security
Mon, 17th Jul 2023

ProcessUnity and CyberGRX have joined forces to create the most complete Third-Party Risk Management platform.

The Third-Party Risk Management (TPRM) experts aim to create the industry’s most powerful software and data platform to accelerate customers’ ability to identify, assess, analyse and ultimately reduce risk within their ecosystem. 

The combined company, which will continue to offer both products to new and existing customers, will merge the TPRM workflow platform with the global cyber risk exchange to centralise and standardise vendor risk management and directly respond to third-party and cybersecurity risks. 

Sean Cronin, CEO, ProcessUnity, says: “The combination between ProcessUnity and CyberGRX is an opportunity to revolutionise Third-Party Risk Management.” 

“We are in a unique position to transform how organisations assess their service providers while becoming the world’s largest database for vendor assessments and cyber risk data.”

“In the short term, our customers gain program workflow, validated vendor assessment data and artificial intelligence in a single solution, safeguarding their critical assets while significantly reducing program costs.” 

“Over time, our unparalleled expertise and forward-thinking innovators will introduce next-generation technology that will seismically shift how we manage cybersecurity and third-party risk.” 

“We’re thrilled to combine two customer-first teams and two market-recognized platforms to amplify our value to the ecosystem,” says Cronin. 

The combination offers global enterprises a vision for Third-Party Risk Management, where three key stakeholders: procurement teams, cybersecurity teams and external third-party service providers, work in concert to reduce both internal cyber risk and external third-party risk. 

The aim is to eliminate friction and obstacles to business adoption of products and services while ensuring organisations maximise protection. 

The joint ProcessUnity-CyberGRX platform will be the only integrated, end-to-end solution for third-party and cyber-risk assessments. 

ProcessUnity and CyberGRX deliver complementary capabilities that, when combined, can offer immediate and measurable value to both customers and vendors.

Customers will benefit from ProcessUnity’s assessment engine, vendor monitoring tools, and CyberGRX’s standardised exchange containing more than 14,000 attested and validated assessments and cyber risk data on more than 250,000 companies.

Customers can onboard vendors faster via more efficient pre-contract due diligence, complete periodic post-contract due diligence on-demand, assess vendors that don’t respond to assessment requests, reduce cycle times, and minimise risk from external sources.

The companies’ artificial intelligence, machine learning and natural language processing abilities work alongside third-party risk teams to provide vendor insights and significant time and cost savings. 

Fred Kneip, CEO, CyberGRX, says: “Since inception, CyberGRX has advocated for and improved upon methodologies to reduce risk and enable security and risk professionals to collaborate on the cybersecurity and risk management challenges experienced at the highest levels of the enterprise.”

“Joining forces with ProcessUnity will push this endeavour farther and faster, allowing these professionals to more effectively demonstrate the value of their own risk management program, while also offering a new level of collaboration between companies and their trusted vendors to reduce risk on a global scale.”

Under the terms of the transaction, ProcessUnity and its investors acquired CyberGRX, whose existing shareholders participated in the deal and will retain a minority stake.