Cyentia Cybersecurity Research Library
  • Sources
  • Tags
  • About
  • Sponsors
  • More from Cyentia

RiskRecon

Below you will find reports with the source of “RiskRecon”

image from The State of Third-Party Risk Management

The State of Third-Party Risk Management

This new study makes it clear that enterprise demands have certainly continued to grow since then. Organizations place greater strategic priority on TPRM to contribute to a widening scope of enterprise risk that extends beyond cybersecurity. It’s also clear from these results that supply chains are expanding as is the need to efficiently assess risk across those business relationships. Respondents tell us they’re increasingly relying on automated assessments and risk ratings to meet that demand.

(more available)
Added: April 3, 2024
image from The 2022 Data Risk in the Third-Party Ecosystem Study

The 2022 Data Risk in the Third-Party Ecosystem Study

This report is sponsored by RiskRecon, a Mastercard Company and conducted by Ponemon Institute, 1,162 IT and IT security professionals in North America and Western Europe were surveyed. All participants in the research are familiar with their organizations’ approach to managing data risks created through outsourcing. Sixty percent of respondents said the number of cybersecurity incidents involving third parties have increased.

(more available)
Added: November 30, 2023
image from Balancing Third-Party Risk

Balancing Third-Party Risk

This report is different in that we’re focusing on explicit relationships that are manually configured by organizations using RiskRecon’s platform. In other words, we’re examining curated portfolios of vendors and suppliers tracked as part of organizations’ third-party risk management program. We started with a dataset extracted from RiskRecon’s platform consisting of over 100,000 primary organizations and more than 300,000 monitored third-party relationships. We’re focusing on direct relationships in this report, but the data supports the analysis of indirect (fourth- to nth-party) relationships.

(more available)
Added: May 23, 2023
image from Navigating The Internet Risk Surface

Navigating The Internet Risk Surface

In this risk surface series, RiskRecon, a Mastercard Company, and Cyentia have worked to help third-party risk managers understand how to measure and manage risk. We’ve seen variation across industries and other slices. But not all firms are interchangeable. A payroll processor cannot be replaced with a janitorial supply company, at least not with good business outcomes! In this report, we look at what distinguishes top-performing firms from those that struggle the most. Armed with this knowledge, Third-Party Risk Management (TPRM) professionals can take into account the totality of their risk surface, and how it impacts the overall security performance of an organization

(more available)
Added: April 25, 2023
image from Five lessons from 1,000 destructive ransomware events

Five lessons from 1,000 destructive ransomware events

RiskRecon studied 1,000 publicly reported destructive ransomware events that occurred between January 2016 and November 2022. These publicly reported events were identifies through internet keyword searches, monitoring of event disclosure sites, dark web sites, and 8K SEC filings. Events in which the impact was limited to data theft were excluded.

(more available)
Added: January 19, 2023
image from The State of Noncompliance in Cyber Risk Management

The State of Noncompliance in Cyber Risk Management

The goal of this report is to offer a view on the state of compliance in today’s typical organization, including: the rate of noncompliance among a typical organization’s assets, the compliance standards that are hardest for organizations to adhere to, how well compliance tracks against the overall risk surface and the most common security controls causing non-compliance.

(more available)
Added: October 12, 2022
image from Ripples Across the Risk Surface: 2021

Ripples Across the Risk Surface: 2021

A continued look at “ripple events” - multi-party security events - examining the size and frequency of these events, firmographics, as well as the velocity of spread of such events.

(more available)
Added: September 21, 2021
image from From Uncertainty to Understanding

From Uncertainty to Understanding

Using RiskRecon’s assessment information, explanatory models are built to demonstrate the value of technical information in predicting measures of risk at varying levels of greater technical insight.

(more available)
Added: May 11, 2021
image from Internt of Tip-offs (IoT)

Internt of Tip-offs (IoT)

An analysis on the indicators to be derived from detecting Internet of Things (IoT) in organization’s public internet facing profiles.

(more available)
Added: January 26, 2021
image from Internet Risk Surface in the Financial Sector

Internet Risk Surface in the Financial Sector

A deep dive into the nature of the finance sector’s public risk surface. Reviewing subsectors of the finance ecosystem, including supply chains.

(more available)
Added: December 9, 2020
image from State of Third-Party Risk Management 2020

State of Third-Party Risk Management 2020

A survey-driven report of over 150 third-party risk practitioners to understand the challenges facing their programs, the actions those professionals are taking to address the challenges, and identify success factors.

(more available)
Added: November 5, 2020
image from Internet Risk Surface in the Healthcare Sector

Internet Risk Surface in the Healthcare Sector

A deep dive into the nature of the healthcare sector’s public risk surface. Reviewing subsectors of the healthcare ecosystem, including supply chains.

(more available)
Added: October 15, 2020
image from Third-Party Security Signals: Exposing the reality of unsafe network services

Third-Party Security Signals: Exposing the reality of unsafe network services

Using RiskRecon’s telemetry of the public risk surface of thousands of organizations, this report takes a look at services which are commonly viewed as unsafe. The prevalence and co-occurrence of these services is used as a indicator of other hygiene and risk indicators at firms.

(more available)
Added: September 2, 2020
image from Weaving a Safer Web: The State and Significance of TLS 1.2 Support

Weaving a Safer Web: The State and Significance of TLS 1.2 Support

A deep dive into the state of deploying the latest TLS version (v1.2) and the use of this signal for correlating with broader public-facing risk surfaces and characteristics of firms.

(more available)
Added: July 6, 2020
image from Ripples Across the Risk Surface

Ripples Across the Risk Surface

Using breach data from Advisen, this report defines ripple effects of breaches as the impacts on companies more than one degree of separation from the company directly affected by the breach. As vendor relationships are both broad and deep, a breach in any one company in a network can have distant effects on companies not directly related. The implications upon third party risk management are explored.

(more available)
Added: June 10, 2020
image from Internet Risk Surface Report

Internet Risk Surface Report

This report goes in depth into the state of Internet security, including how companies are storing data, orgation’s internet surface areas, and where exposures exist the most.

(more available)
Added: October 1, 2019
image from Cloud Risk Surface Report

Cloud Risk Surface Report

This publication looks into the safety of cloud and on-prem environments.

Added: October 1, 2019
image from Risk Management Playbook

Risk Management Playbook

The Third-Party Security Risk Management Playbook (Playbook) is the definitive study of third-party security risk management practices. Based on in-depth interviews of risk executives from 30 domestic and global firms, it reveals the real-world capabilities and practices employed to manage third-party cyber risk, distilled into 14 capabilities with 72 common, emerging, and pioneering practices.

(more available)
Added: November 16, 2018
© Cyentia Institute 2025
Library updated: July 9, 2025 00:09 UTC (build b1d7be4)