Avetta recently announced the launch of Cyber Risk Solution, the company's latest B2B cyber security feature of Avetta One, the Orem-based company's supply chain risk monitoring platform. Cyber Risk Solution provides a quantitative score that evaluates cyber health in ten areas and delivers an aggregate grade for each supplier. The Avetta One feature offers a diagnostic cyber health check that identifies potential risk areas for companies to investigate further.
Supply chains are particularly vulnerable to cyberattacks, as suppliers, contractors and vendors tend to have less mature IT and security functions, says Avetta, which cites sobering statistics about the growing threat of cyberattacks on busineses:
- Almost half of small businesses have been victims of cyberattacks.
- Gartner predicts 45% of global organizations will be impacted by a supply chain cyberattack by 2025.
- A total of 108.9 million global accounts were breached in the third quarter of 2022, a 70% increase compared to the previous quarter.
- IBM found 75% of organizations have had a ransomware attack of which 64% paid the ransom and 40% failed to recover their data.
U.S. disruptions in fuel supplies occurred when a hacker launched a cyber-attack on Colonial Pipeline by stealing a single password. Cyberattacks can cause debilitating business disruptions involving stolen data, locked systems, interrupted operations, and other problems throughout a supply chain. These attacks are also incredibly high profile and can put a company’s reputation at risk.
Cyber Risk Solution provides instant visibility into the cyber health of a company’s full supply chain, including continuous monitoring that alerts clients when the risk score falls outside of an acceptable range. Clients can use it as a diagnostic tool to gain insight into third-party cyber risks and inform sourcing decisions, says the company's Chief Product & Marketing Officer, Taylor Allis.
“Suppliers and contractors are often an overlooked cybersecurity risk, but supply chain cyber-attacks are increasing and can have devastating consequences,” explains Allis. “Avetta's Cyber Risk Solution transforms the supply chain risk management landscape by offering a comprehensive way for businesses to constantly monitor all third parties for safety, financial health, ESG, and now cybersecurity.”
Avetta’s Cyber Risk Solution can identify potential risks that could lead to an attack, making it a critical part of understanding holistic supplier and contractor risk. For example, a supplier with an F rating is seven times more likely to be a victim of a cybersecurity breach than one with an A rating.
A procurement leader at a large transportation company said the Cyber Risk Solution’s reporting capabilities are “fantastic,” adding “I can get a clear picture into the suppliers that have a cybersecurity risk and am able to drill down into specific issues easily.”
The feature can be used for companies of all sizes and industries, but it is particularly relevant to companies with large dependencies on supply chains for operations and delivery due to the magnitude of a potential business interruption from a cyber incident. Power generation and utility companies can be especially vulnerable because power outages or service interruptions can impact thousands or millions of consumers.
Avetta’s Cyber Risk Solution is powered by SecurityScorecard, the leading security ratings, response, and resilience company. The company provides actionable insights for over 12 million organizations so users can know who to trust, quickly respond to cyber risks, and strengthen cyber defenses. SecurityScorecard's patented rating technology is used by over 25,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight.
“While more organizations today are aware of the cyber risks they face, we find that many still neglect the massive cyber vulnerabilities in their extended supply chain. Organizations need visibility into the security ratings of their entire third- and fourth-party ecosystem so that they can know in an instant whether an organization deserves their trust and can take proactive steps to mitigate risk.” said Alex Rich, vice president, Strategic Alliances at SecurityScorecard. “With this partnership, Avetta is helping their clients get simple visibility into those third-party risks to protect their data and the smooth flow of operations.”
Clients can share suppliers’ Cyber Health Scores with any of their suppliers so they can understand their cyber gaps and enact mitigation and corrective action plans to reduce potential supply chain cyber threats. To learn more about Avetta, visit https://www.avetta.com/.
Avetta was founded in 2003 by John Moreland and is majority-owned by the New York-based private equity firm Welsh, Carson, Anderson & Stowe, also known as Welsh Carson, which has a portfolio of over 30 technology and healthcare companies amounting to over $27 billion in assets. Avetta has also received investments from Menlo Park’s Technology Crossover Ventures (TCV), and Norwest Venture Partners of Palo Alto
The Avetta supply chain risk management SaaS platform helps clients manage supply chain risk and their contractors to become more qualified for jobs. Avetta also offers a marketplace for suppliers and contractors offering them discounts on insurance and safety-related products and services. The company performs contractor prequalification and worker competency management across major industries, including construction, energy, facilities, high tech, manufacturing, mining and telecom. The company rebranded from its original name, PICS Auditing, to Avetta in 2016. It was originally based in Irvine, CA and is now located in Orem, UT in the former Word Perfect buildings.