Trends Report

Cybersecurity Risk Ratings Enhance Third-Party Risk Management

Rating Solutions Help Accelerate Third-Party Security Assurance But Can’t Replace Essential Processes

July 25th, 2019
Paul McKay, VP, Research Director
Paul McKay VP, Research Director
Trevor Lyness, null
Trevor Lyness
With contributors:
Stephanie Balaouras , Alla Valente , Kate Pesa , Peggy Dostie

Summary

Cybersecurity risk rating solutions are a valuable tool for third-party risk management (TPRM), but both the technology and the way customers use it are still maturing. Cybersecurity ratings solutions act as a useful augmentation of existing TPRM questionnaires. They automate some of the analysis and collection of external cybersecurity data. View them as a useful, efficient tool to enhance the security assessment — not replace your entire TPRM program. Security and risk leaders can read this report to understand the limitations of these rating solutions as well as learn how to effectively integrate ratings into their third-party risk management program.

Want to read the full report?

Contact us to become a client

This report is available for individual purchase ($1495).

Forrester helps business and technology leaders use customer obsession to accelerate growth. That means empowering you to put the customer at the center of everything you do: your leadership strategy, and operations. Becoming a customer-obsessed organization requires change — it requires being bold. We give business and technology leaders the confidence to put bold into action, shaping and guiding how to navigate today's unprecedented change in order to succeed.