Search form


Enterprise Cyber Risk

Security Ratings and Attack Surface Management

Your complete platform to monitor your network footprint for breaches, vulnerabilities and misconfigurations, protect client data and report to your board. Manage your attack surface with up-to-date insight and benefit from continuous upgrades

Get Visibility over your Attack Surface

We use objective security ratings to give you a 0-1000 score, so you know how your organisation is performing.

Our platform allows you to:

Discover your online network footprint

Our algorithm constantly searches for your publicly visible servers

Benefit from objective ratings

of your organisation and its underlying servers. We group cyber risks into six categories: Breach, Configuration, Mail, DNS, HTTP and SSL/TLS

Use our unique sector comparatives

to see how you rank against your peers

Streamline Issue Remediation

Even the best IT Security team can struggle to manage a large network footprint. Use Thomas Murray’s platform to:

  • See what the hackers see and manage your visible attack surface
  • Remediate potential issues, including breaches, vulnerabilities and misconfigurations
  • Take risk-based decisions, reduce manual effort and gain realtime

Achieve Compliance and Best Practice

Our clients want to surpass minimum requirements by reaching the highest possible standards. We:

  • Give them the tools to pre-empt and close down potential issues before they arise
  • Provide access to our holistic suite of third-party risk management solutions
  • Constantly upgrade our products to meet the needs of clients, boards and regulators

Third-Party Cyber Risk

Have an accurate and updated view of your network’s footprint

Whether you’re looking to identify third-party risks, benchmark your providers’ online footprints or meet the requirements of your board or regulator, Thomas Murray Cyber Risk provides the continuous risk management and reporting you need

Whether you are a Compliance Officer, an IT Security professional or anything in between, Thomas Murray’s threat intelligence platform is


Continuous Scalable Monitoring

  • Real time monitoring of your whole network of third parties
  • Objective, verifiable data
  • Access our trusted platform & Thomas Murray’s suite of thirdparty risk solutions with single sign-on

Risk Assessment & Remediation

  • Make better, faster risk management decisions
  • Identify potential third party risks and give access to key stakeholders
  • Track security ratings over time and watch your network improve

Unique Industry Comparatives

  • Benchmark your third parties’ cyber risk against like-for-like sectors
  • Understand how your third party performs against its peers, as well as Thomas Murray’s global universe
  • Benefit from our continuous monitoring of thousands of financial institutions, providing meaningful comparatives

Thomas Murray Cyber Risk for Compliance

Regulators are increasingly shining a spotlight on third party risk – your monitoring needs to keep pace.

With our cyber risk platform, you can:

  • Perform pro-active monitoring
  • Report issues to your board and regulator

Thomas Murray has been developing expert compliance programmes for banks and funds globally for 25 years. Talk to us today about your regulatory requirements on

Integrated Due Diligence

TM Cyber Risk is fully integrated with SupplierSelect, the due diligence platform of choice for hundreds of financial services companies worldwide.

With Supplier Select, you can:

  • Issue IT Security questionnaires rapidly & easily analyse results
  • Access a due diligence platform with 20,000+ users
  • Quickly import last year’s answers, updating any changes

Read more about our complementary due diligence software:

Thomas Murray’s Third-Party Risk Suite

Having an all-in-one solution for your third-party risk management has huge benefits. Thomas Murray’s clients benefit from single signon to our unique set of risk and compliance solutions, from pure software to managed services, risk assessments and more.

Contact us today to set up an industry-leading risk and compliance programme