Security Experts:

RiskRecon Raises $25 Million to Grow Third-Party Cyber Risk Management Business

Salk Lake City-based RiskRecon, which offers solutions to help companies manage third-party cyber risk, has raised $25 million in Series B financing, the company announced Wednesday.

The Series B round brings the total amount raised by RiskRecon to more than $40 million.

RiskRecon helps its customers control third-party risk by providing assessments of each third-party’s security practices, which can be used to establish a base level of trust and identify specific areas for further discussion and investigation.

The company, which has nearly tripled its customer base in the last twelve months, says the additional funding will be used to support increasing demand for its third-party cyber risk management solutions.

“Though most businesses have no choice but to obtain internet services, security solutions, and a range of other business-critical technologies from third-party providers, they do have a choice in how they manage the associated security risks,” noted SecurityWeek contributor Josh Lefkowitz in a recent column. 

“Third-party risk management is the process of holding enterprises accountable to good security practices,” explained Kelly White, RiskRecon’s CEO and Co-founder. “As you improve the risk management of your third parties, you improve the collective security of the Internet.”

The Series B round was led by Accel and joined by existing investors Dell Technologies Capital, General Catalyst, and Fidelity’s F-Prime Capital. Several existing individual investors also participated in the round.

“As we talk to our CISOs, we see a growing need for third-party risk management as enterprises have become more intertwined with third-party service providers,” said Nate Niparko, a partner at Accel. 

“Conducting thorough due diligence on a prospective vendor’s security is essential,” Lefkowitz added in his April 2018 column. “The most secure and successful vendor relationships are rooted in preparation and transparency. Thoroughly understanding all facets of a vendor’s security program, implementing additional controls as needed to appropriately safeguard your business’s assets, and being prepared to respond to future incidents can go a long way toward reducing business risks associated with any vendor relationship.”

Related: Managing Risk a Must in Third-Party Relationships

Related: Third-Party Cyber Risks a Rising Threat, Research Shows

view counter
For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.