Panorays, a frontrunner in third-party cyber risk management, is gearing up to debut its latest AI-driven technology at the RSA Conference 2024. This innovation is set to revolutionise Third-Party Cyber Risk Management (TPCRM) by addressing the increasing complexity of cyber threats originating from third parties. The new AI features will simplify and bolster supply chain security while ensuring that risk assessments are accurate and tailored to specific business needs.

Matan Or-El, Co-Founder and CEO of Panorays, commented on the initiative: “With the emergence of artificial intelligence, embracing both the challenges and the opportunities it brings for securing supply chains will redefine how we manage third-party risk.” He added, “Panorays’ broad portfolio of AI for supply chain discovery, assessment, threat detection, and automation will help bring AI to the forefront of operational efficiency and cyber resilience.”

Panorays’ approach for managing AI-based third party risks.

Generative AI offers efficiency but also risks exposing sensitive data and intellectual property which pose challenges for businesses. Security teams need help to adopt AI technology in a way that is safe and secure.

Panorays’ platform boasts advanced capabilities to identify suppliers using AI and detects the utilization of risky “privileged” AI models within the digital supply chain. The platform automatically maps AI-based third parties and tiers them based on criticality, sensitivity, and risk markers,  providing organizations with comprehensive insights into the risk landscape of their supply chain ecosystem. It also allows specific AI questionnaire templates to facilitate the effective implementation of governance programs, enabling organizations to streamline compliance efforts and ensure adherence to regulatory requirements.

Reducing the impact of supply chain attacks with AI.

One of the primary hurdles in third-party assessment lies in ensuring the accuracy and validation of findings. Panorays’ uses highly tuned AI models to accurately identify the digital assets in the supply chain by automatically identifying all third parties, 4th parties, and up to the nth level while accurately scans and validates each finding with minimum false positives. The AI-based assessment engine normalizes each finding and correlates it with internal findings and past cyber incidents, including breaches, zero-day exploits, and cyberattacks to predict the likelihood of supplier breaches. Combining these findings with the company’s KPIs and KRIs, makes the assessment both accurate and business driven.

Panorays empowers organizations to reduce third-party cyber risk with AI proactive threat intelligence. The platform utilizes contextual AI-driven mapping of new vulnerabilities and breaches to facilitate rapid alerts of threat indicators mapped by third party criticality and trigger actions based on the risk level.

Scaling the TPCRM Process Using AI.

Third party cyber risk management is notoriously known for being resource heavy. Panorays’ AI-powered platform automates the manual work associated with the process to provide a streamlined workflow automation. Its Questionnaire Autocompletion allows third parties to automatically fill out questionnaires based on previously provided responses, accompanied by supporting information serving as evidence.

Its NLP capabilities allows organizations to automatically parse documents provided by third parties, including questionnaires, certifications, and attestations (SOC2, ISO, and others) to seamlessly align them with corresponding responses in the assessment questionnaire. This process delivers the most precise, “zero touch” approach for assessment questionnaires and creates a concrete validation of the security control that doesn’t exist in the market today.
Proprietary, self-trained learning models for responsible and private usage.

Panorays’ AI-Driven third-party cyber risk management is built upon proprietary, self-developed learning models tailored to third-party security and trained on hundreds of millions of domains. This approach aligns with Panorays commitment to responsible AI, prioritizing privacy and accuracy as fundamental principles within its self-hosted and self-trained AI-based engine for third-party cyber risk management.