The IT Nerd

VISO TRUST has issued its “2024 State of Third Party Risk Management: AI’s Impacts and Future Trends” which codifies that longstanding Third-Party Risk Management (TPRM) methods are increasingly inadequate in today’s digital business environment. 

The report leverages VISO TRUST Platform-derived data, which includes profiles of more than 2.4 million companies, and insight from CISOs, security, and TPRM professionals across various industries.

Among key findings on legacy TPRM: 

• Inadequate responses: Approximately 75% of vendors responding to legacy questionnaire approaches requiring manual input either ignore or delay crucial risk assessments.
• False positives: Conventional cyber risk ratings yield a 90% false positive rate, undermining their reliability.

AI-driven transformation of TPRM findings:

• Efficiency gains: AI-assisted modern TPRM programs reduce vendor and partner assessment timelines from months to days.

• Near-complete coverage: AI and automation achieve almost 100% coverage of third-party networks.
• Significant increase in true positives: data analysis revealed a 500% rise in accurate risk identifications.
• Faster assessments: Risk evaluation times have decreased from 60 to 90 days to just five to eight days.
• Enhanced accuracy: AI-driven methods refine risk assessment precision.

VISO TRUST, a leading AI-driven third-party cyber risk management (TPRM), today announced its latest integration with Netskope, the platform that is redefining cloud, data, and network security to help organizations apply zero trust principles to protect data. This groundbreaking collaboration aims to empower VISO TRUST customers with a comprehensive and streamlined approach to managing third-party cyber risks arising from shadow IT vendors.

As organizations increasingly rely on cloud services and applications, the use of unauthorized or unvetted shadow IT vendors has become a significant concern for IT and security teams. These unapproved vendors can introduce potential security vulnerabilities, data breaches, and compliance risks, making it crucial for businesses to gain visibility and control over their digital ecosystems.

The newly released Netskope integration empowers VISO TRUST customers to seamlessly identify and monitor shadow IT vendors operating within their ecosystem, connecting with their environment or interacting with their users. By leveraging Netskope’s advanced cloud security capabilities, VISO TRUST users can efficiently detect unauthorized applications and services in real time, minimizing the potential for security blind spots.

Key features of the Netskope integration include:

• Shadow IT Vendor Discovery: The joint solution surfaces and de-silos previously undisclosed data, providing new and in-depth visibility into unauthorized cloud applications, and enabling organizations to uncover hidden shadow IT risks lurking within their infrastructure.
• Automated Risk Assessment: VISO TRUST users can now pipe detected shadow IT vendors into their third-party cyber risk management workflows effortlessly. The integration streamlines the risk assessment process, identifying potential security gaps and evaluating each vendor’s risk profile.
• Risk Mitigation Strategies: Armed with comprehensive insights from Netskope’s cloud security platform, VISO TRUST users can apply appropriate risk mitigation strategies to improve their overall cybersecurity posture effectively.
• Regulatory Compliance Support: The combined power of VISO TRUST and Netskope ensures that organizations can align their cloud usage with industry regulations and compliance standards more efficiently.
• Real-Time Alerts: Instant notifications enable swift action to address potential risks and security incidents, enhancing incident response times and minimizing the impact of cybersecurity threats.

With the VISO TRUST and Netskope integration, businesses can now confidently embrace the benefits of cloud services while proactively safeguarding their critical data and networks against potential threats.

For more information about the integration and its benefits, please visit www.visotrust.ai.

VISO TRUST reaffirms its commitment to staying at the forefront of cybersecurity innovation by announcing the licensing of the 2024 Shared Assessments Standardized Information Gathering (SIG) Questionnaire for its state-of-the-art platform.

The Shared Assessments SIG Questionnaire is renowned across industries for its role in standardizing third-party risk information. From vendor artifacts and evidence, and with no need for human interaction, the VISO TRUST platform delivers:

• Questionnaire-free assessments;
• Full auto-population of the Shared Assessments SIG;
• Uploading and full auto-population of every TPRM questionnaire, including custom questionnaires;
• Unprecedented speed of completion of third party and Nth party assessments.

Automatically populating the SIG or any custom questionnaire from vendor artifacts and evidence, without requiring human interaction, empowers risk professionals in numerous ways. For example, it equips them to:

1. Focus on the more strategic aspects of their mission,
2. Expand their program’s scope to include analysis of both vendors and partners who are currently identified as high risk, and also analyze and more fully understand cyber risks presented by the broader array of their ecosystem vendors,
3. Identify high-risk vendors with up to 500% greater accuracy,
4. Rapidly achieve new levels of TPRM program maturity,
5. Give senior management a new holistic perspective on vendor risk, and
6. Alert senior management immediately on “red flags” presented by potential partners and acquisition targets, the “blast radius” and potential organizational impacts arising from partners who are experiencing security events, equip them to quickly and more completely respond to TPRM-related questions and issues raised by their Board or stakeholders.

Developed with input from 300 CISOs, the VISO TRUST Platform is relied upon by many of the largest and most mature companies, contains more than 2.4 million companies in its vendor database, recognizes more than 25 security frameworks, and leverages hundreds of different types of source artifacts.

The Shared Assessments SIG Questionnaire is revered for its thorough coverage of risk areas, enabling organizations to conduct comprehensive assessments of third-party cybersecurity. With its incorporation into VISO TRUST’s AI-powered TPRM platform, users gain the advantage of a holistic perspective on vendor risk, allowing for informed decisions with unparalleled precision.

VISO TRUST’s patented Artifact Intelligence supports any framework including the Shared Assessments framework but can also automatically complete SIG questionnaires using existing security program artifacts and evidence, and provide questionnaire-less assessments. Furthermore, it can enrich any completed SIG questionnaire to generate a comprehensive risk assessment without requiring user intervention.

Inclusion of the 2024 Shared Assessments SIG Questionnaire reflects VISO TRUST’s leadership in setting industry standards through the application of AI and adherence to best practices. This milestone further solidifies VISO TRUST’s position as an AI innovative leader in the TPRM arena and the frontrunner in cyber risk management.

For more information about VISO TRUST and its AI-powered TPRM platform, please visit www.visotrust.ai.

VISO TRUST reaffirms its commitment to staying at the forefront of cybersecurity innovation by announcing the integration of the 2024 Shared Assessments Standardized Information Gathering (SIG) Questionnaire into its state-of-the-art platform.

The Shared Assessments SIG Questionnaire is renowned across industries for its role in standardizing third-party risk information. Not only does the VISO TRUST platform support the SIG, but it can also automatically populate the SIG from vendor artifacts and evidence, freeing risk professionals to focus on the more strategic aspects of their mission. With this new integration, VISO TRUST is equipping its users with tools to streamline and enhance their risk assessment processes – faster and with unprecedented accuracy. The integration underscores VISO TRUST’s dedication to delivering cutting-edge solutions that empower organizations to navigate the evolving cybersecurity landscape with confidence.

Developed with input from 300 CISOs, the VISO TRUST Platform is relied upon by many of the largest and most mature companies, contains more than 2.4 million companies in its vendor database, recognizes more than 25 security frameworks, and leverages hundreds of different types of source artifacts.

The Shared Assessments SIG Questionnaire is revered for its thorough coverage of risk areas, enabling organizations to conduct comprehensive assessments of third-party cybersecurity. With its integration into VISO TRUST’s AI-powered TPRM platform, users gain the advantage of a holistic perspective on vendor risk, allowing for informed decisions with unparalleled precision. VISO TRUST’s patented Artifact Intelligence not only supports the Shared Assessments framework but can also automatically complete SIG questionnaires using existing security program artifacts and evidence. Furthermore, it can enrich any completed SIG questionnaire to generate a comprehensive risk assessment without requiring user intervention.

VISO TRUST’s integration of the 2024 Shared Assessments SIG Questionnaire exemplifies the company’s ongoing commitment to setting industry standards through the application of AI and adherence to best practices. This milestone further solidifies VISO TRUST’s position as an AI innovative leader in the TPRM arena and the frontrunner in cyber risk management.

For more information about VISO TRUST and its AI-powered TPRM platform, please visit www.visotrust.ai.

VISO TRUST, the pioneering leader in AI-driven third-party risk management (TPRM), today introduced a major update and several industry-first features and innovations to its AI-driven TPRM platform to fundamentally transform the reach, effectiveness, operational efficiency and economics of TPRM programs.

The platform was first conceived in 2016 by and for CISOs and risk professionals, and its first AI-driven innovations were patented in 2017. Its 2020 introduction incorporated requirements gathered from more than 300 CISOs. Today, it’s relied upon by many of the largest and most mature companies, contains more than 2.4 million companies in the vendor database, recognizes more than 25 security frameworks, and leverages hundreds of different types of source artifacts.

With today’s new features (see below), the VISO TRUST platform lets organizations complete complex vendor assessments and identify high-risk vendors at a pace and precision level otherwise unknown, and that offers substantially greater market agility, as named customer endorsements confirm.

The mass migration of data onto third and Nth party SaaS, PaaS, and IaaS platforms now puts sensitive data at unprecedented risk. A platform that ingests TPRM data from the broad universe of sources with extreme accuracy, speed and ease of operation is emerging as an urgent need. VISO TRUST’s platform fully and elegantly addresses this crucial market gap with near real-time vendor risk analysis which dramatically lowers risk assessment costs and sharply improves accuracy of cyber threat detection.

New VISO TRUST Platform Features:

• Rapid Risk Analysis: Lightning-fast vendor risk analysis reduces assessment time from months to minutes, empowering organizations to make swift, informed decisions with 5x more relevant findings than are typically found with manual and alternative automated approaches.
• Infinite Potential Risk Network Ecosystem: The VISO TRUST Risk Network fosters collaboration and information sharing among organizations, strengthening collective security and resilience across growing third and Nth party relationships.
• Expansion of New Controls Detection: VISO TRUST’s “Risk Dimensions” extends coverage across various risk areas, including AI trust, cyber insurance, resilience, privacy, relevant regulatory compliance and product security, providing a comprehensive view of vulnerabilities. This next-level visibility empowers organizations to proactively identify and mitigate risks across a wide spectrum of security domains.
• Expansion of Artifact Intelligence: VISO TRUST’s platform leverages generative AI to enable unprecedented use cases, seamlessly translating security control information between questionnaires and diverse source artifacts and evidence.
• Cumulative Impacts: The impacts of these technological advancements is staggering. Organizations can now achieve a reduction in third-party security risk exceeding 95%, spend less than 5 minutes to assess a vendor, and are 5 times more likely to identify high-risk vendors, setting a new industry standard for security, risk management and compliance teams and leaders.

Artifact Intelligence, VISO TRUST’s patented AI-driven TPRM process, seamlessly translates security control information. It is backed by an exceptional assurance and risk modeling accuracy rate exceeding 98%. It derives information from an extensive range of public and private sources, including policies, standards, trust portals, trust reports (such as SOC, ISO, and PCI reports), penetration test reports, and automated compliance platforms.

Take a self-guided interactive demo of VISO’s AI platform or create an account to receive an AI cyber risk assessment at no cost.