SureCloud has recently been recognised for the first time in the Gartner 2020 Magic Quadrant for IT Risk Management (ITRM) report as a Challenger, after being placed in Gartner’s Magic Quadrant for Integrated Risk Management Solutions (July 2019) and for Vendor Risk Management (August 2020). We’re delighted with this recognition, particularly as a first-time entrant, and wanted to share what we think it takes to make it as a Gartner Challenger.

What is the IT Risk Management Gartner Magic Quadrant?
Gartner releases over 150 Magic Quadrant reports a year, across a wide range of technology types and customer markets.
The Magic Quadrant is a visual quadrant, where the vertical axis refers to a company’s ‘ability to execute,’ and the horizontal axis refers to their ‘completeness of vision.’ The IT Risk Management Quadrant evaluates 15 key IT Risk Management solution providers and places them into one of four quadrants: Niche Players, Visionaries, Challengers and Leaders, reflecting how well technology providers are realising their stated visions and performing against Gartner’s market view.
The IT Risk Management Magic Quadrant came from ‘security and risk management leaders experiencing increased demand for IT Risk Management solutions originating from cybersecurity initiatives, board risk oversight, and digital compliance obligations.’ Gartner, 2020.
What makes a Gartner Challenger?
According to Gartner, Challengers are those “capable of being future leaders.” As SureCloud continues to grow and expand, we aim to move further up the quadrant, challenging the traditional IT Risk leaders into creating more innovative solutions needed in 2020 and beyond. With this in mind, let’s take a look at four key areas Gartner recognised us for and where we think SureCloud delivers a best-of-breed IT Risk Management solution.
1. Diverse risk assessment approaches
Gartner praised SureCloud’s diverse risk assessment approaches. As a provider of Governance, Risk and Compliance solutions, as well as CREST-accredited Cyber Security services, IT Risk Management is at the core of our business.
With this in mind, we focus on delivering simple and innovative solutions and the functionality to support this. Our IT Risk Management solutions offer enhanced Control mapping capability, with pre-loaded data from SCF, ISO and NIST, and multiple OOB assessment options, including ISO 31000, ISO 27005, and ISF IRAM 2.
We are the only vendor within the IT Risk Management Magic Quadrant that also allows your business to automate and accelerate your adoption and use of IRAM2. ISF designed their Information Risk Assessment Methodology 2 (IRAM2) to provide “risk practitioners with a complete end-to-end approach to performing business-focused information risk assessments.” Our Risk Management for IRAM2 software, which has been developed in conjunction with key ISF community members, assists you in making this happen.
SureCloud’s Risk Management for IRAM2 allows you to streamline and automate your assessment process, and provides aggregated real-time reporting of information risk on interactive and customisable dashboards, giving you a greater understanding of your assessment outcomes.
2. Quicker time to value implementation with Accelerate
Gartner particularly highlighted SureCloud’s strength in our Implementation Service, ‘Accelerate,’ which allows businesses to jumpstart their GRC implementation journey. Accelerate helps you to get your GRC solution implemented quickly and meet the majority of your requirements as standard, based on industry best practices.
Thanks to our pre-configured solutions, designed by risk professionals, you can get your SureCloud application up and running in weeks, rather than years, as with most traditional IT Risk Management providers. Long time frames are usually one of the biggest hurdles many businesses face when implementing a new software solution into their way of working. Accelerate achieves this speed through pre-configured GRC solutions, with supporting business requirements, design and training documents that can be tailored to your organisation. This takes away the time needed to develop key project documents such as business, functional and technical requirements, by offering a pre-configured solution which can easily be modified to meet your individual business needs.
What’s more, Accelerate is differentiated through its fixed-fee implementation approach, which allows you to remain fully in control of your costs. We provide tiered pricing options, based on the complexity of your business requirements, so you can feel assured that the solution meets your organisation’s needs.
3. Integration which flexes to your way of working
SureCloud’s Integration Hub allows you to integrate your current applications and processes within the SureCloud platform, bringing together your tools and centralising and streamlining your GRC processes. We offer native integration with business applications including Qualys, Rapid7 and Tenable.
In 2020, we collaborated with BitSight to provide our customers with a one-stop shop for end-to-end vendor onboarding and an even further simplified vendor risk management process. BitSight provides independently validated information to rate the security posture of suppliers. BitSight security ratings are combined with SureCloud vendor assessments in one single interface, allowing you to make more intelligent decisions regarding prioritising risk level and task assignment.
4. Constant innovation
Finally, we strive to constantly deliver new capabilities to ensure our customers can further leverage our solution to support IT and Cyber Risk management processes.
Recent enhancements include upgraded Asset Management capabilities and support for CMDB integration with ServiceNow, upgraded task and issue management capabilities and support for integration with Jira Cloud, and integration with MS Teams to further embed IT risk management engagement within business applications.
The SureCloud IT Risk Management solution allows organisations to:
- Effectively manage IT risks across different business areas ensuring the risks are suitable and understood by the business stakeholders
- Optimise and align IT regulations/standards (ISO 27001, NIST CSF etc) and the underlying controls to reduce duplications and overlapping requirements
- Demonstrate to members of the executive team how security initiatives are protecting business assets and services
- Coordinate and track progress on IT risk and cyber activities including program status, incident resolution, identification of control weaknesses and remediation
About SureCloud
SureCloud is a provider of cloud-based, Integrated Risk Management (IRM) products, Cybersecurity and Risk Advisory services, which reinvent the way you manage risk. SureCloud connects the dots with IRM solutions enabling you to make better decisions and achieve your desired business outcomes. SureCloud is underpinned by a highly configurable technology platform, which is simple, intuitive and flexible. Unlike other GRC Platform providers, SureCloud is adaptable enough to fit your current business processes without forcing you to make concessions during implementation; meaning you get immediate and sustained value from the outset.