Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybersecurity Funding

RiskRecon Raises $25 Million to Grow Third-Party Cyber Risk Management Business

Salk Lake City-based RiskRecon, which offers solutions to help companies manage third-party cyber risk, has raised $25 million in Series B financing, the company announced Wednesday.

Salk Lake City-based RiskRecon, which offers solutions to help companies manage third-party cyber risk, has raised $25 million in Series B financing, the company announced Wednesday.

The Series B round brings the total amount raised by RiskRecon to more than $40 million.

RiskRecon helps its customers control third-party risk by providing assessments of each third-party’s security practices, which can be used to establish a base level of trust and identify specific areas for further discussion and investigation.

The company, which has nearly tripled its customer base in the last twelve months, says the additional funding will be used to support increasing demand for its third-party cyber risk management solutions.

“Though most businesses have no choice but to obtain internet services, security solutions, and a range of other business-critical technologies from third-party providers, they do have a choice in how they manage the associated security risks,” noted SecurityWeek contributor Josh Lefkowitz in a recent column. 

“Third-party risk management is the process of holding enterprises accountable to good security practices,” explained Kelly White, RiskRecon’s CEO and Co-founder. “As you improve the risk management of your third parties, you improve the collective security of the Internet.”

The Series B round was led by Accel and joined by existing investors Dell Technologies Capital, General Catalyst, and Fidelity’s F-Prime Capital. Several existing individual investors also participated in the round.

“As we talk to our CISOs, we see a growing need for third-party risk management as enterprises have become more intertwined with third-party service providers,” said Nate Niparko, a partner at Accel. 

“Conducting thorough due diligence on a prospective vendor’s security is essential,” Lefkowitz added in his April 2018 column. “The most secure and successful vendor relationships are rooted in preparation and transparency. Thoroughly understanding all facets of a vendor’s security program, implementing additional controls as needed to appropriately safeguard your business’s assets, and being prepared to respond to future incidents can go a long way toward reducing business risks associated with any vendor relationship.”

Related: Managing Risk a Must in Third-Party Relationships

Related: Third-Party Cyber Risks a Rising Threat, Research Shows

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Funding/M&A

Tenable has launched a $25 million venture fund to place bets on early-stage startups in the exposure management space.

Risk Management

A threat-based approach to security often focuses on a checklist to meet industry requirements but overlooked the key component of security: reducing risk.

Funding/M&A

Twenty-one cybersecurity-related M&A deals were announced in December 2022.

Cybersecurity Funding

Forward Networks, a company that provides network security and reliability solutions, has raised $50 million from several investors.

Risk Management

CISA has published a report detailing the cybersecurity risks to the K-12 education system and recommendations on how to secure it.