May 2, 2023, OREM, Utah and HOUSTON—Avetta®, the leading provider of supply chain risk management software, announced the launch of the Cyber Risk Solution, providing a quantitative score that evaluates cyber health in 10 areas and delivers an aggregate grade for each supplier. The Avetta One feature offers a diagnostic cyber health check that identifies potential risk areas for companies to investigate further.
The Problem
Supply chains are particularly vulnerable to cyberattacks, as suppliers, contractors and vendors tend to have less mature IT and security functions. Consider this:
- Almost half of small businesses have been victims of cyberattacks.
- Garner predicts 45% of global organizations will be impacted by a supply chain cyberattack by 2025.
- A total of 108.9 million global accounts were breached in the third quarter of 2022, a 70% increase compared to the previous quarter.
- IBM found 75% of organizations have had a ransomware attack – 64% paid the ransom and 40% failed to recover their data.
U.S. disruptions in fuel supplies occurred when a hacker launched a cyber-attack on Colonial Pipeline by stealing a single password. Cyberattacks can cause debilitating business disruptions involving stolen data, locked systems, interrupted operations, and other problems throughout a supply chain. These attacks are also incredibly high profile and can put a company’s reputation at risk.
The Solution
The Cyber Risk Solution is the latest component of Avetta One, a comprehensive supply chain risk monitoring platform. The new feature provides instant visibility into the cyber health of a company’s full supply chain, including continuous monitoring that alerts clients when the risk score falls outside of an acceptable range. Clients can use it as a diagnostic tool to gain insight into third-party cyber risks and inform sourcing decisions.
“Suppliers and contractors are often an overlooked cybersecurity risk, but supply chain cyber-attacks are increasing and can have devastating consequences,” said Taylor Allis, Avetta Chief Product & Marketing Officer. “Avetta's Cyber Risk Solution transforms the supply chain risk management landscape by offering a comprehensive way for businesses to constantly monitor all third parties for safety, financial health, ESG and now cybersecurity.”
Avetta’s Cyber Risk Solution can identify potential risks that could lead to an attack, making it a critical part of understanding holistic supplier and contractor risk. For example, a supplier with an F rating is seven times more likely to be a victim of a cybersecurity breach than one with an A rating.
A procurement leader at a large transportation company said the Cyber Risk Solution’s reporting capabilities are “fantastic,” adding “I can get a clear picture into the suppliers that have a cybersecurity risk and am able to drill down into specific issues easily.”
The feature can be used for companies of all sizes and industries, but it is particularly relevant to companies with large dependencies on supply chains for operations and delivery due to the magnitude of a potential business interruption from a cyber incident. Power generation and utility companies can be especially vulnerable because power outages or service interruptions can impact thousands or millions of consumers.
Avetta’s Cyber Risk Solution is powered by SecurityScorecard, the leading security ratings, response, and resilience company. The company provides actionable insights for over 12 million organizations so users can know who to trust, quickly respond to cyber risks, and strengthen cyber defenses. SecurityScorecard's patented rating technology is used by over 25,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight.
“While more organizations today are aware of the cyber risks they face, we find that many still neglect the massive cyber vulnerabilities in their extended supply chain. Organizations need visibility into the security ratings of their entire third- and fourth-party ecosystem so that they can know in an instant whether an organization deserves their trust and can take proactive steps to mitigate risk;” said Alex Rich, vice president, Strategic Alliances at SecurityScorecard. “With this partnership, Avetta is helping their clients get simple visibility into those third-party risks to protect their data and the smooth flow of operations.”
Clients can share suppliers’ Cyber Risk Scores with any of their suppliers so they can understand their cyber gaps and enact mitigation and corrective action plans to reduce potential supply chain cyber threats.
About Avetta
The Avetta supply chain risk management SaaS platform helps clients manage supply chain risk and their contractors to become more qualified for jobs. For hiring clients in our network, we offer the world’s largest supply chain multi-risk management network to manage contractor safety, sustainability, worker competency and performance, and business and financial risk. We perform contractor prequalification and worker competency management across major industries, all over the globe, including construction, energy, facilities, high tech, manufacturing, mining and telecom.
For contractors in our network, our audit and verification services help lower their safety incidents rate by 47%. As a result, nearly 50% of members find additional job opportunities within the first year of joining. In addition, our contractors receive privileged access to the Avetta Marketplace, where dozens of partners offer special discounts for business services like insurance and work gear. Avetta serves 500+ enterprise companies and 125,000+ contractors across 120+ countries.