Citalid, a leading cyber risk quantification (CRQ) platform, has introduced its new Third-Party Risk Management (TPRM) module. The addition helps CISOs, Risk Managers, and Procurement teams. It allows them to see, prioritize, and respond to cyber risks from suppliers. This is done using data-driven threat intelligence instead of just traditional tools.
A Strategic Capability for Resilience and Compliance
As digital ecosystems grow increasingly complex, visibility into supplier-related risk often remains limited. Citalid’s TPRM module addresses this challenge by integrating Cyber Threat Intelligence (CTI), quantitative risk modelling, and AI. This combination delivers a comprehensive, 360-degree view of third-party exposure enabling organisations to manage supplier risk proactively and strategically.
According to Maxime Cartan, Co-founder and CEO of Citalid: “Our TPRM module finally gives CISOs a comprehensive view of all their third parties, enabling them to focus on those that pose the greatest risk. This connection between high-level visibility and granular risk modeling has been missing from today’s TPRM market.”
Integrated, Actionable Risk Insights
Also Read: SonicWall’s MPSS Streamlines Security and Accelerates Growth for CT Solutions
Leveraging Citalid’s existing CRQ core (First-Party Risk Analysis) and Portfolio offerings (for insurers and financial institutions), the new TPRM module provides organisations with a suite of powerful capabilities:
• Mapping cyber risks across the entire supply chain with dynamic visualisation.
• Tiers and prioritises critical suppliers based on combined risk profile and their operational significance.
• Enables decision-making grounded in contextualised, CTI-enriched data eliminating overreliance on static, self-reported questionnaires.
• Offers a generative-AI–powered document analysis feature that accelerates information gathering and streamlines supplier assessments.
As Olivier Hamon, CTPO of Citalid, commented: “AI saves valuable time in document analysis while keeping final decisions with the teams. It is a powerful autonomy and efficiency driver for CISOs and procurement departments.”
Early Results Demonstrate Clear Impact
In pilot deployment with a major European banking group, the TPRM module uncovered clear discrepancies between supplier self-assessments and real cyber exposure: 61% of suppliers exhibited higher actual exposure than indicated in their questionnaires, while 71% displayed below-average cyber maturity.
These findings highlight critical gaps that traditional, questionnaire-based vendor risk programs may overlook underscoring the value of a dynamic, intelligence-driven TPRM approach.
