Skip to Content

Uncovering third-party cyber risk

Challenge: The cybersecurity risk team of a top-5 U.S. pharmaceutical organization was struggling to understand and act on their third-party risk exposure and didn’t have the data necessary to discover and monitor external systems or effectively assess third-party cybersecurity risk performance.

Solution: They used the RiskRecon platform to continuously discover and assess their internet attack surface and automatically assess the cybersecurity performance of over 3,000 critical suppliers.

  • Discovered 112 shadow IT systems facing the internet (out of 1,134)
  • Expanded third-party cybersecurity risk performance visibility by 10x (300 to 3,000)
  • Reduced new vendor assessment time from three weeks to two days

Prioritizing investments to minimize risk

Challenge: Due to limited resources, the CISO at a national bank was faced with a prioritization challenge of what to focus on for maximum impact.

Solution: The bank conducted a Mastercard Cyber Quant diagnostic survey for a risk-driven analysis of their cyber priorities. Cyber Quant analyzed the bank’s current cyber posture and suggested three controls to prioritize, which could mitigate millions of dollars in financial loss.

  • Maximized the effectiveness of their limited resources
  • Decreased financial risk by up to $155 million
  • Spent less than $10 million in cybersecurity investments

*Certain open banking solutions are provided by Mastercard’s wholly owned subsidiary, Finicity Corporation.

1. Proofpoint, 2022. The 2022 State of the Phish.

2. HP Wolf Security. 2022 Blurred Lines & Blindspots Report.

3. Foundry. 2021. Security Priorities Study.