Search form


Third-Party Cyber Risk.

A complete solution for third party cyber risk management

50% of cyber attacks emerge through third parties, including suppliers, service providers, clients and contractors. With Thomas Murray Cyber Risk you can manage your exposure to third parties by continuously monitoring their public IT Security, identifying breaches and vulnerabilities, escalating risks and improving the security of your ecosystem.

Monitor your third parties’ cyber risk

Track your third parties’ performance over time through Cyber Risk’s real-time monitoring intelligence tool. Thomas Murray will provide your company with objective, verifiable data, and offer access to our trusted platform suite of third-party risk solutions with a single sign-on.

Provide third parties with free access

If an organisation your are exposed to has a low score or key underlying risks, you can escalate by providing them free access to their full assessment. Thomas Murray will work with their IT Security team to interpret and prioritise remediation steps, enabling them to improve their score and build security in your supply chain. Users can set automated alerts to warn you when a provider’s score drop significantly, or below an acceptable level, allowing you to rapidly escalate risks.

Escalate with automated, intelligent questionnaires

Our due diligence tool enables you to issue pre-built or bespoke questionnaires, track responses and automate the analysis, giving you deep visibility over all your third parties. Security Ratings provide an external analysis of the assets organisations are exposing to the internet, but questionnaires remain a key component of all third party risk management programmes, gaining internal visibility as well as representations from your providers. Our due diligence tool automates this process from issuance to analysis.

Build a secure network

Use Cyber Risk ratings to automatically assess existing providers, suppliers and clients, as well as to analyse potential partners, acquisitions or suppliers.

Identify and remove vulnerabilities from your network before they are exploited

See where your third parties have experience data or infrastructure breaches, and rapidly escalate to safeguard your assets


Bank-grade Third-Party Cyber Risk management, for any organisation.




Attack Surface Discovery

  • Automated discovery of digital assets.
  • Eliminate false positives.
  • Monitor for changes.

Reporting & Benchmarking

  • C-Suite reporting.
  • Alerts & Automated reports.
  • Custom competitor analysis.

Third Parties

  • Provide free access for remediation.
  • Monitor changes.

 Security Ratings

  • Organisation security ratings.
  • Domain security ratings.
  • Benchmarking.

 Enquiries & Improvements

  •  Live enquiries tool.
  • Access to expert analysts.
  • Track organisation & domain scores.

 IT Security Questionnaires

  • Issue & Analyse.
  • Manage & Monitor.
  • Assess & Remediate.

Attack Surface Reduction

  • Breaches.
  • Vulnerabilities.
  • Misconfigurations.


  • APIs.

Vendor Due Diligence & Selection

  • Standard & custom questionnaires.
  • Track, report & benchmark.


  • Accounts & permissions.
  • Historical scores.
  • Account security.

A Single, Global Risk Intelligence Platform

Resources for Cyber Risk

Thomas Murray - News

Cyber risk

This week’s successful cyber-attack on Optus – Australia’s second-largest telecommunications company – is a wake-up call for us all

Thomas Murray - News

Cyber risk

Fund managers should not get caught out thinking they are a low-priority target: here’s how to identify risks and build resilience, to protect investor data and assets.

Thomas Murray - News

Cyber risk

Philadelphia, PA June 7, 2022—The Business Intelligence Group today announced that Thomas Murray Cyber Risk has won the 2022 Fortress Cyber Security Awards in the Threat Detection category.

Thomas Murray - News

Cyber risk

50% of cyber-attacks originate through a third party, but Network Management teams are not doing enough to protect their banks from high-risk providers.

For more information about Cyber Risk, contact our experts:

Robert Smith

Head of SaaS Sales and Customer Success