BlueVoyant has signed a strategic partnership with Argos Risk to expand its CRx suite of services. The deal gives BlueVoyant access to the third-party financial risk intelligence that Argos Risk gathers. Adding information on financial risk gives BlueVoyant customers a wider picture of the risk posed by third-party suppliers.
Jim Penrose, Chief Operating Officer at BlueVoyant, said: “Argos Risk feeds non-cyber related insights from key sectors into BlueVoyant’s CRx services, allowing for a more holistic view of a business’ third-party cyber risk security posture. It enables it to directly address its clients’ exposure to cyber risk throughout the supply chain, enabling them to take immediate action.”
Adding financial risk strengthens cyber risk profiles
Understanding the risk a third-party poses to a business is important. When it comes to financial risk, it might mean that the third-party is less likely to deliver goods on time. It could also mean that it may ask for payments upfront or reduce the quality of the materials it uses. These are areas that most companies already monitor from a business perspective.
What is not often considered is the impact of financial risk on the cybersecurity posture of a business. If money is tight, cost-cutting might mean not upgrading to the latest products or investing in better cybersecurity. It can also mean that the third-party cannot properly invest in the staff or services to check that its systems are secure. A more worrying risk is that employees, worried for their future, could be open to financial approaches from cybercriminals.
All of this needs to be part of any comprehensive supply chain risk profile when dealing with a third-party. It is not just about those third-parties who are directly connecting to the supply chain of a large enterprise. Many fail to understand the risk that comes from the third-parties that their key suppliers and partners rely on. This is a subject that BlueVoyant Chairman, Robert Hannigan spoke about on a recent Enterprise Times security podcast.
Enterprise Times: What does this mean
This is the sort of announcement that often goes unremarked upon. That’s because financial risk is generally ignored by everyone apart from finance and perhaps the C-Suite. The reality is that any risk needs to be factored in when it comes to cybersecurity. A company in financial difficulty is one that risks being compromised. If that compromise includes security credentials and access to the systems of its partners, the impact can be far-reaching.
It makes sense for BlueVoyant to widen its tools to add financial risk to its CRx suite. It means greater visibility over partners, third-parties and the suppliers to those third-parties. The question is, how quickly and widely will customers take advantage of it? More importantly, how effectively will BlueVoyant expose the enhanced risk? If too much is left to interpretation by analysts, the value that this deal offers may well be lost.