Crossword Cybersecurity plc has announced the availability of Rizikon Assurance 2.0, an online solution to the problem of third-party risk. The new version allows organisations to visualise all risks for each third-party through fully customisable 360-degree supplier scorecards. The new Third-party Assurance Framework Dashboard – an industry first – gives Supplier Management teams, Chief Risk Officers and senior executives a complete understanding of third-party risks across their supply chain, helping identify problem areas and prioritise remedial action.

Every day there is a new report of a third-party (often a supplier) causing financial, reputational or regulatory harm to a company – this could be a data breach, an issue with child labour, a missed delivery date, or a safety problem. Rizikon Assurance helps companies address the pressure from Regulators, Auditors, Compliance professionals and customers to improve third-party assurance & risk management. It supports the Rizikon Supplier Assurance Framework, an optional, technology independent, methodology for organising, managing and measuring third-party risks.

Controlling third-party risk with assessments

Rizikon Assurance 2.0 is now fully integrated with data sources from Companies House and credit ratings via CreditsafeRizikon Assurance helps organisations take control of third-party risk with secure online assessments in their own branded portal, automated assessment scoring and workflows. Both standard and customised assessments are securely sent to third parties; once submitted online they are automatically scored, and can be manually rescored by ‘Assessors’, who can flag answers and return them for more detail or improved responses.

Procurement and Supplier managers and executives can then instantly use data to understand the risks associated with that supplier, a specific risk area, or across the whole business. Rizikon Assurance 2.0 is now fully integrated with data sources from Companies House and credit ratings via Creditsafe.

This means that Suppliers can be verified against registered information, and limits financial exposure by giving finance and procurement teams instant access to the financial risk data for all suppliers in the Creditsafe database of over 320 million companies. Credit risk can now be viewed alongside all other areas of Supplier risk (Cyber, GDPR, Continuity, etc.) on a single scorecard.

360-degree view of third-party risk

Scorecards give an at-a-glance 360-degree view of third-party risk in a context defined by the customerNew Rizikon Assurance Scorecards allow customers to see all risks for each third-party with combined risk information from the Assessments they have completed on multiple topics, as well as data from Companies House and credit-scoring from Creditsafe. Scorecards give an at-a-glance 360-degree view of third-party risk in a context defined by the customer, as each scorecard segment and weighted risk calculation is customisable.

The industry-first Assurance Framework Dashboard gives executives and risk professionals a top-level view of all risks across all third parties, organised by ‘Impact levels’. It allows them to quickly focus on high ‘criticality’ third parties needing the most attention and drill-down into those risks. The dashboard also highlights where assurance information gaps exist, which may leave a company exposed.

SaaS platform with two-factor authentication

Rizikon Assurance comes with a growing library of standard assessments that organisations can use to support third-party assurance covering areas including Cyber Security, Modern Slavery, Anti Bribery & Corruption, GDPR and Minimum Wage legislation. These can be combined with customised assessments based on a customer’s own tried and tested question sets.

Security features include two-factor authentication and 256-bit end-to-end encryptionDelivered as a SaaS platform, the installation and hosting, maintenance, support and security of Rizikon Assurance is taken care of by the Crossword Cybersecurity team, reducing both risk and total cost of ownership. Security features include two-factor authentication and 256-bit end-to-end encryption. All data is hosted in the UK across multiple data centres.

Third-party assurance and risk management

Jake Holloway, Director responsible for Rizikon Assurance, commented: “Despite third-party risks being one of the top enterprise risks for any large company or organisation, third-party risk assurance is often under resourced and simply not visible at board level in the same way as other areas, such as global trade policy or cyber security.

The Rizikon Supplier Assurance Framework and Rizikon Assurance 2.0 give companies a methodology and software platform that improves third-party assurance and risk management through efficiency, automation and better visibility of risk areas and individual suppliers. Finally, boardrooms can answer the question ‘How much third-party risk do we have and exactly where is it?’

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version

In case you missed it

Embracing digital transformation in the security industry
Embracing digital transformation in the security industry

Many industries are, to a greater or lesser extent, in the throes of digital transformation. As with any change programme, digital transformation efforts often under-perform against expectations. Yet, the number of digital transformation programmes continue to increase, as commercial pressures intensify. As security professionals we need to embrace our role in digital transformation, as security is everybody’s business. For all those people weary of hearing about digital transformation and believe it’s a business fad, consider your own behaviours. If you use a smartphone to search, find, order, buy, message, watch, learn, play, bank, pay, enter, exit, navigate, communicate and more then you are part of the reason that digital transformation is a commercial necessity. The way we live our lives has changed significantly over the past twenty years and this needs to be reflected into how we rethink the way we do business. Digital transformation is about more than technology, it allows people to solve their traditional problems in new and better ways than before. Better can mean faster, at lower cost, using fewer resources, easier to maintain, more compliant and/or easier to report insights. IoT, criminal activity and security  The number of internet connected devices worldwide is increasing at an exponential rate; by the end of 2025 there are expected to be 75.44 billion. Internet of Things (IoT) means digital transformation converges physical and digital for security professionals. Criminals use smarter digital tools such as malware, drones, key cloners, signal readers and more, which impact both physical and cybersecurity. To counter this, digital transformation provides security professionals with access As security professionals we need to embrace our role in digital transformation, as security is everybody’s businessto valuable actionable insights to identify and deter threats to people and assets. All transformation starts with an idea generated by people and ends with people experiencing the output. Therefore, digital transformation starts and ends with people. To ensure a solid foundation to any digital transformation agenda, people need to have a clear purpose to engage. This is where security leaders can inspire their colleagues with a laudable purpose of embracing disruption at the same time as focusing on safeguarding people and assets. Non-security colleagues should understand that security risks are advancing at a faster pace than enterprises can adapt. As a security leader, you are advocating a movement where your colleagues adopt relevant enterprise security risk management practices in their daily thinking and working. The message is clear that digital transformation presents abundant opportunities and these need to be evaluated alongside the proliferating security threats that can become a business continuity failure. Security professionals and digital influence  The number of internet connected devices worldwide is increasing at an exponential rate; by the end of 2025 there are expected to be 75.44 billionSecurity professionals can influence digital transformation success by translating an enterprise’s strategy into secure operational reality. The security narrative should emphasise the people side of digital transformation and how technology can act as an enabler of a safe and secure experience, both for employees and customers. Operationally, digital transformation is about agility, adaptability and navigating uncertainty. Old ways of thinking and working will be blockers to transformation, so security leaders ought to identify the rapid enablers of a ‘secure’ digital transformation. Better people, processes and overall technology People generally don’t want more in their lives, they want better. Better people. Better data. Better technology. Better processes. Digital transformation creates significant ‘better’ benefits for security: For example, connected (IoT) sensors, video analytics at the edge and machine learning identify threats faster; workflow technologies and automation detect, investigate and remediate routine responses; cloud provides many benefits such as agility, scale and mobility; and, smartphones/digital devices provide real-time communication and collaboration. Tackling all the ‘better’ needs within a security approach is necessary – focusing on the prioritised commercial needs first. Think about how to drive radical simplification into digital transformation agendas to ensure complexity doesn’t create too many unmanageable risks. Designing enterprise security risk management into the business operating model will facilitate colleagues to be empowered for safe and secure change. Communicating security successes and breaches with commercial impact insights in a timely and concise manner across the enterprise will prove the value of active security engagement throughout digital transformation programmes. Transforming the world Digital technology is transforming the world around us, in a way that impacts every area of security. Security professionals are now businesspeople and technologists, in addition to their traditional security remits. Embracing this impacts security recruitment, training and employee engagement, within the security team and with non-security colleagues. Without a doubt, security professionals are integral to digital transformation programmes.

What are the security challenges of protecting utilities?
What are the security challenges of protecting utilities?

Utilities are an important element of critical infrastructure and, as such, must be protected to ensure that the daily lives of millions of people continue without disruption. Protecting utilities presents a unique range of challenges, whether one considers the electrical grid or telecommunications networks, the local water supply or oil and gas lines. Security technologies contribute to protecting these diverse components, but it’s not an easy job. We asked this week’s Expert Panel Roundtable: What are the security challenges of protecting utilities?

Q&A: how the ‘secret service of Hollywood’ protects celebrities
Q&A: how the ‘secret service of Hollywood’ protects celebrities

At a major music festival, a fan in the crowd aggressively leapt over a barricade to approach a famous artist. Personnel from Force Protection Agency immediately implemented extrication protocol to shield the artist from physical harm, quickly reversed course and calmly led the client away from the threat. Force Protection Agency (FPA) personnel intentionally did not engage the threatening fan in any way, as local venue security personnel were present and tasked with apprehending the rogue fan. FPA’s efforts were directed expressly toward the protection of the client, avoiding unnecessary escalation or complications and minimising physical, visual, and legal exposure. Dedicated to the safety of clients Force Protection Agency is a unique, elite-level agency inspired by a vision for excellence and innovation Specialising in protecting celebrities and high-net-worth individuals, Force Protection Agency is a unique, elite-level agency inspired by a vision for excellence and innovation, and dedicated to the safety and success of clients. The agency was formed in 2017 by Russell Stuart, a California State Guard officer and security and entertainment industry veteran. The agency is the culmination of 20 years of experience in the fields of security, military, emergency management, logistics and technology, media and entertainment, and celebrity management. We interviewed Russell Stuart, Founder and CEO of Force Protection Agency (FPA), which has been called “the Secret Service of Hollywood,” for his insights into providing security for celebrities. Q: What unique need in the marketplace do you seek to serve, and how are you qualified to serve it? Stuart: The needs of celebrity and high-net-worth clients are complex and constantly changing. When dealing with a high-profile individual, discretion is paramount, extensive communication is required, and adaptation is ongoing. A critical objective is anticipating and planning for all types of potential negative scenarios and preventing them from even starting, all while not disrupting the normal course of operation of the client's day or their business. Force Protection Agency is poised to serve these needs by innovating and intelligently managing the planning, procedures, and personnel used in every facet of protecting the client’s interests and achieving their objectives. Q: What is the typical level of "professionalism" among bodyguards and security professionals that protect celebrities? Why does professionalism matter, and how do you differentiate yourself on this point? Stuart: Professionalism is an overall way of approaching everything to do with the business, from recruiting, to training, to making sure the right agent is with the right client. Nothing matters more; polish and precision are not only critical to mission success, but also support the comprehensive best interest of the client while preventing costly collateral damage and additional negative consequences. True “professional protective services" is intelligent strength and proper execution, not emotional or reactionary violence. Unfortunately, the latter is frequent among many celebrity bodyguards, and often incurs extremely expensive and even dangerous repercussions. Q: Your company has been described as "the Secret Service of Hollywood." How true is that comparison, and how does your work differ from (e.g.) protecting the President? Force Protection Agency prides itself on providing its services with discretion, precision, and poise Stuart: Totally true, and for this reason: the keys to success in protection are prioritization, and planning. Most people fail to even recognise the first, negating any level of effort given to the second. Establishing the true needs and the correct priority of objectives for each individual client and situation, and firmly committing to these without deviation, are what distinguishes both government secret services and Force Protection Agency from the vast majority of general security firms. Also, the term “secret service” implies an inconspicuous yet professional approach, and Force Protection Agency prides itself on providing its services with discretion, precision, and poise. Q: What is the biggest challenge of protecting celebrities? Stuart: The very nature of celebrity is visibility and access, which always increases risk. The challenge of protecting a high-profile individual is facilitating that accessibility in a strategic and controlled manner while mitigating risk factors. A client’s personal desires and preferences can often conflict with a lowest risk scenario, so careful consideration and thorough preparation are essential, along with continual communication. Q: How does the approach to protection change from one celebrity (client) to another? What variables impact how you do your job? Stuart: The approach is largely determined by the client’s specific needs, requests and objectives. The circumstances of a client's activities, location, and other associated entities can vastly disrupt operation activities. A client may prefer a more or less obvious security presence, which can impact the quantity and proximity of personnel. Force Protection Agency coordinates extensively with numerous federal, state, and municipal government agencies, which also have a variety of influence depending on the particular locations involved and the specific client activities being engaged in.  Q: Are all your clients celebrities or what other types of "executives" do you protect – and, if so, how are those jobs different? Stuart: Force Protection Agency provides protective services for a wide range of clients, from the world’s most notable superstars to corporate executives and government representatives. We also provide private investigation services for a vast variety of clientele. Force Protection Agency creates customised solutions that surpass each individual client’s needs and circumstances. The differences between protecting a major celebrity or top business executive can be quite different or exactly the same. Although potentially not as well known in popular culture, some top CEOs have a net worth well above many famous celebrities and their security needs must reflect their success. Q: What is the role of technology in protecting famous people (including drones)? Technology is crucial to the success of security operations Stuart: Technology is crucial to the success of security operations and brings a tremendous advantage to those equipped with the best technological resources and the skills required to maximise their capabilities. It affects equipment such as communication and surveillance devices like drones, cameras, radios, detection/tracking devices, GPS, defensive weapons, protective equipment, and more. Technology also brings immense capabilities to strategic planning and logistical operations through the power of data management and is another aspect of Force Protection Agency operation that sets us apart from the competition. Q: What additional technology tools would be helpful in your work (i.e., a “technology wish list”)? Stuart: The rapidly growing and evolving realm of social media is a massive digital battlefield littered with current and potential future threats and adversaries. Most mass shooters as of late have left a trail of disturbing posts and comments across social media platforms and chat rooms that telegraphed their disturbing mindset and future attacks. A tool that could manage an intelligent search for such threats and generate additional intel through a continuous scan of all available relevant data from social media sources would be extremely useful and could potentially save many lives. Q: Anything you wish to add? Stuart: Delivering consistent excellence in protection and security is both a vital need and a tremendous responsibility. Force Protection Agency is proud of their unwavering commitment to “Defend, Enforce, Assist” and stands ready to secure and satisfy each and every client, and to preserve the life and liberty of our nation and the world.