Vector
Vector

Choose your topics

Blogs
Top Tips to Save Time When Assessing Third-Party Risks

Is assessing third-party risks taking up too much of your time? How can you make the process more effective and efficient? Find out in the latest post from SureCloud.

Third-Party Risk Management GRC
Blogs
The GRC Trends to Look Out for in 2024

Our GRC experts at SureCloud share their 2024 predictions for the world of governance, risk and compliance.

GRC
Blogs
The Top 5 Challenges of Third-Party Risk Management

With the supply chain now seen as a legitimate attack path, what can your organization do? Let’s explore 5 challenges of TPRM and how to overcome them.

Third-Party Risk Management GRC
Blogs
What is Third-Party Risk Management?

What is third-party risk management and how should you approach it? Find out in this post.

Third-Party Risk Management GRC
Blogs
The Top 4 Challenges of Risk Management

What are the top four challenges of risk management today and how can you overcome them? Find out in this post from SureCloud.

Third-Party Risk Management GRC
Blogs
Transform Compliance into Your Competitive Advantage

In GRC, compliance is often viewed as a cost that makes it harder to pursue growth. Here's how to make it your competitive advantage.

Compliance Management GRC
Blogs
Questions You Should Ask when Preparing For Your First Pen Test

Understand the processes that you and your chosen pentest provider will travel through for your first pen test, from the initial point to the day the test starts.

Penetration Testing
Blogs
TPRM Blog 6-Writing Clear Questions

Our GRC Practice Director explores the importance of clear communication and how to achieve it in your third party questionnaires. Read more here.

Third-Party Risk Management GRC
Blogs
The Simple Way to Combat Phishing

SureCloud Cybersecurity Practice Director Luke Potter shares his tip to stay ahead of attackers phishing for your downfall.

Penetration Testing
Vector (7)
Vector-1
Third-Party Risk Management, GRC

Why Is SureCloud Recognised As A Challenger For IT Risk Management According to Gartner?

Why Is SureCloud Recognised As A Challenger For IT Risk Management According to Gartner?
Written by

Matthew Davies

Published on

30 Oct 2020

Why Is SureCloud Recognised As A Challenger For IT Risk Management According to Gartner?

 

SureCloud has recently been recognised for the first time in the Gartner 2020 Magic Quadrant for IT Risk Management (ITRM) report as a Challenger, after being placed in Gartner’s Magic Quadrant for Integrated Risk Management Solutions (July 2019) and for Vendor Risk Management (August 2020). We’re delighted with this recognition, particularly as a firsttime entrant, and wanted to share what we think it takes to make it as a Gartner Challenger. 

Gartner Recognised | IT Risk and Vendor Management

What is the IT Risk Management Gartner Magic Quadrant? 

Gartner releases over 150 Magic Quadrant reports year, across a wide range of technology types and customer markets. 

As you can see, the Magic Quadrant is a visual quadrant, where the vertical axis refers to a company’s ‘ability to execute,’ and the horizontal axis refers to their ‘completeness of vision.’ The IT Risk Management Quadrant evaluates 15 key IT Risk Management solution providers and places them into one of four quadrants: Niche Players, Visionaries, Challengers and Leaders, reflecting how well technology providers are realising their stated visions and performing against Gartner’s market view.  

The IT Risk Management Magic Quadrant came from ‘security and risk management leaders experiencing increased demand for IT Risk Management solutions originating from cybersecurity initiatives, board risk oversight, and digital compliance obligations.’ Gartner, 2020.

What makes a Gartner Challenger? 

According to Gartner, Challengers are those “capable of being future leaders.” As SureCloud continues to grow and expand, we aim to move further up the quadrant, challenging the traditional IT Risk leaders into creating more innovative solutions needed in 2020 and beyond. With this in mind, let’s take a look at four key areas Gartner recognised us foand where we think SureCloud delivers a best of breed IT Risk Management solution. 

1. Diverse risk assessment approaches 

Gartner praised SureCloud’s diverse risk assessment approaches. As a provider of Governance, Risk and Compliance solutions, as well as CREST, accredited Cyber Security services, IT Risk Management is at the core of our business.  

With this in mind, we focus on delivering simple and innovative solutions and the functionality to support this. Our IT Risk Management solutions offer enhanced Control mapping capability, with pre-loaded data from SCF, ISO and NIST, and multiple OOB assessment options, including ISO 31000, ISO 27005, and ISF IRAM 2. 

We are the only vendor within the IT Risk Management Magic Quadrant that also allows your business to automate and accelerate your adoption and use of IRAM2. ISF designed their Information Risk Assessment Methodology 2 (IRAM2) to provide “risk practitioners with a complete end-to-end approach to performing business-focused information risk assessments.” Our Risk Management for IRAM2 software, which has been developed in conjunction with key ISF community members, assists you in making this happen.  

SureCloud’s Risk Management for IRAM2 allows you to streamline and automate your assessment process, and provides aggregated real-time reporting of information risk on interactive and customisable dashboards, giving you a greater understanding of your assessment outcomes. 

Discover our control library here.

2. Quicker time to value implementation with Accelerate 

Gartner particularly highlighted SureCloud’s strength in our Implementation Service, ‘Accelerate,’ which allows businesses to jumpstart their GRC implementation journey. Accelerate helps you to get your GRC solution implemented quickly and meet the majority of your requirements as standard, based on industry best practices. 

Thanks to our pre-configured solutions, designed by risk professionals, you can get your SureCloud application up and running in weeks, rather than years like most traditional IT Risk Management providersLong time frames are usually one of the biggest hurdles many businesses face when implementing a new software solution into their way of working. Accelerate delivers this impressive delivery through pre-configured GRC solutions, with supporting business requirements, design and training documents that can be tailored to meet your organisation. This takes away the time needed to develop key project documents such as business, functional and technical requirements, by offering a pre-configured solution which can easily be modified to meet your individual business needs. 

What’s more, Accelerate is differentiated through its fixed-fee implementation approach, which allows you to remain fully in control of your costs. We provide tiered pricing options, based on the complexity of your business requirements, so you can feel assured that the solution meets your organisation’s needs. Learn more about the fixed cost implementation service here. 

3. Integration which flexes to your way of working 

SureCloud’s Integration Hub allows you to integrate your current applications and processes within the SureCloud platform, bringing together your tools and centralising and streamlining your GRC processes. We offer native integration with business applications including, Qualys, Rapid 7 and Tenable.  

In 2020, we collaborated with BitSight to provide our customers with a one stop shop for end-to-end vendor onboarding and an even further simplified vendor risk management process. BitSight provides independently validated information to rate the security posture of suppliers. BitSight security ratings are combined with SureCloud vendor assessments in one single interface, allowing you to make more intelligent decisions regarding prioritising risk level and task assignment. 

4. Constant innovation 

Finally, we strive to constantly deliver new capabilities to ensure our customers can further leverage our solution to support IT and Cyber Risk management processes.  

Recent enhancements include upgraded Asset Management capabilities and support for CMDB integration with ServiceNow, upgraded task and issue management capabilities and support integration with JIRA Cloud, and integration with MS teams to further embed IT risk management engagement within business applications. 

The SureCloud IT Risk Management solution allows organisations to: 

  • Effectively manage IT risks across different business areas ensuring the risks are suitable and understood by the business stakeholders 
  • Optimise and align IT regulations/standards (ISO 27001, NIST CSF etc) and the underlying controls to reduce duplications and overlapping requirements 
  • Demonstrate to members of the executive team how security initiatives are protecting business assets and services 
  • Coordinate and track progress on IT risk and cyber activities including program status, incident resolution, identification of control weaknesses and remediation 
Matthew Davies - VP of Product

About Matthew 

Matthew Davies is responsible for the go-to-market proposition behind our GRC solution offerings and helps maximise the business value of our solutions. Before SureCloud, Matthew previously held positions in GRC implementation, pre-sales and product development at Deloitte and PWC.

About SureCloud

SureCloud is a provider of cloud-based, Integrated Risk Management (IRM) products, Cybersecurity and Risk Advisory services, which reinvent the way you manage risk. SureCloud connects the dots with IRM solutions enabling you to make better decisions and achieve your desired business outcomes. SureCloud is underpinned by a highly configurable technology platform, which is simple, intuitive and flexible. Unlike other GRC Platform providers, SureCloud is adaptable enough to fit your current business processes without forcing you to make concessions during implementation; meaning you get immediate and sustained value from the outset.