Panorays, a leading provider of third-party cyber risk management solutions, is set to unveil its advanced AI-powered platform at the RSA Conference 2024. This development is aimed at transforming the Third-Party Cyber Risk Management (TPCRM) landscape by providing enhanced simplicity and robustness in securing supply chains and ensuring customized and accurate risk assessments.

Matan Or-El, Co-Founder and CEO of Panorays, discussed the strategic impact of AI in this sector: “With the emergence of artificial intelligence, embracing both the challenges and the opportunities it brings for securing supply chains will redefine how we manage third-party risk.” He elaborated, “Panorays’ broad portfolio of AI for supply chain discovery, assessment, threat detection, and automation will help bring AI to the forefront of operational efficiency and cyber resilience.”

Panorays’ approach for managing AI-based third party risks. Generative AI offers efficiency but also risks exposing sensitive data and intellectual property which pose challenges for businesses. Security teams need help to adopt AI technology in a way that is safe and secure.

Panorays’ platform boasts advanced capabilities to identify suppliers using AI and detects the utilization of risky “privileged” AI models within the digital supply chain. The platform automatically maps AI-based third parties and tiers them based on criticality, sensitivity, and risk markers, providing organizations with comprehensive insights into the risk landscape of their supply chain ecosystem. It also allows specific AI questionnaire templates to facilitate the effective implementation of governance programs, enabling organizations to streamline compliance efforts and ensure adherence to regulatory requirements.

Reducing the impact of supply chain attacks with AI. One of the primary hurdles in third-party assessment lies in ensuring the accuracy and validation of findings. Panorays' uses highly tuned AI models to accurately identify the digital assets in the supply chain by automatically identifying all third parties, 4th parties, and up to the nth level while accurately scans and validates each finding with minimum false positives. The AI-based assessment engine normalizes each finding and correlates it with internal findings and past cyber incidents, including breaches, zero-day exploits, and cyberattacks to predict the likelihood of supplier breaches. Combining these findings with the company's KPIs and KRIs, makes the assessment both accurate and business driven. Panorays empowers organizations to reduce third-party cyber risk with AI proactive threat intelligence. The platform utilizes contextual AI-driven mapping of new vulnerabilities and breaches to facilitate rapid alerts of threat indicators mapped by third party criticality and trigger actions based on the risk level.

Scaling the TPCRM Process Using AI. Third party cyber risk management is notoriously known for being resource heavy. Panorays’ AI-powered platform automates the manual work associated with the process to provide a streamlined workflow automation. Its Questionnaire Autocompletion allows third parties to automatically fill out questionnaires based on previously provided responses, accompanied by supporting information serving as evidence.

Its NLP capabilities allows organizations to automatically parse documents provided by third parties, including questionnaires, certifications, and attestations (SOC2, ISO, and others) to seamlessly align them with corresponding responses in the assessment questionnaire. This process delivers the most precise, “zero touch” approach for assessment questionnaires and creates a concrete validation of the security control that doesn’t exist in the market today.