Continuously Monitor
Monitor the security posture of your third parties in real time with automated, objective security ratings. Set alerts to find out when your critical service providers expose vulnerabilities, and grant access to their IT Security teams so they can engage with the assessment to improve their score. Generate regular reporting for your board, regulator and other stakeholders to demonstrate thorough, proactive oversight.


Conduct a Deep Assessment
Use Orbit Diligence to access Thomas Murray’s library of digitised IT Security questionnaires, with auto-scoring, in-platform vendor communication, document storage and reporting. Automate the issuance of questionnaires and leverage Orbit’s intuitive workflows to save both you and your third parties time and manual effort.
Take Action
Escalate with a potentially high-risk third party by providing full access to its security rating and threat intelligence assessment, automatically flagging high-impact remediations so that their IT Security team can being improving their score from day 1. Thomas Murray’s cyber security analysts will engage with your third parties to help them understand, contextualise and implement their assessment – you only need to make the introduction.


Speak with
an Expert
Speak with
an Expert
Get the most out of your network footprint

Automated
By combining automated “external” security ratings and digitised “internal” IT Security questionnaire, our clients can establish a sophisticated monitoring programme without adding to budget or headcount.

Centralised
Orbit is the only solution which combines expert security ratings with deep due diligence capacities, meaning that our clients can centralise their third party risk management on a single, easy-to-use platform.

Compliant
Orbit is designed to help lean teams meet stringent regulatory requirements. We help clients achieve compliance by demonstrating a proactive approach with deep assessments, tailored reporting and audit trails.
We safeguard clients and their communities

Petroleum Development Oman Pension Fund
“Thomas Murray has been a very valuable partner in the selection process of our new custodian for Petroleum Development Oman Pension Fund.”

ATHEX
"Thomas Murray now plays a key role in helping us to detect and remediate issues in our security posture, and to quantify ATHEX's security performance to our directors and customers."

Northern Trust
“Thomas Murray provides Northern Trust with a range of RFP products, services and technology, delivering an efficient and cost-effective solution that frees our network managers up to focus on higher Value activities.”
Manage
Attack Surface Discovery
- Automated discovery of digital assets.
- Eliminate false positives.
- Monitor for changes.
Security Ratings
- Organisation security ratings.
- Domain security ratings.
- Benchmarking.
Attack Surface Reduction
- Breaches.
- Vulnerabilities.
- Misconfigurations.
Monitor
Reporting and Benchmarking
- C-Suite reporting.
- Alerts and Automated reports.
- Custom competitor analysis.
Enquiries and Improvements
- Live enquiries tool.
- Access to expert analysts.
- Track organisation and domain scores.
Integration
- APIs.
Oversight
- Accounts and permissions.
- Historical scores.
- Account security.
Escalate
Third Parties
- Provide free access for remediation.
- Monitor changes.
IT Security Questionnaires
- Issue and Analyse.
- Manage and Monitor.
- Assess and Remediate.
Vendor Due Diligence and Selection
- Standard and custom questionnaires.
- Track, report and benchmark.
Insights

Join our live webinar: How to rob a bank (and not get away with it)
Thomas Murray’s global cyber risk practice is built on deep industry expertise. With nearly 30-years’ experience supporting major financial…

Impact of Russian invasion of Ukraine on capital markets of Ukraine and Russia
Russian forces invaded Ukraine on Thursday, 24 February 2022. Global stock prices tumbled that day, while oil prices surged – increasing…

The growing pains of cyber insurance
The cyber insurance market has grown rapidly over the last few years, and it’s not done yet. By some forecasts, the global market will grow…

Strengthening supply chains against sanctions
Third-party due diligence used to mean simply assessing the financial and operational capacity of your third parties. Basic due diligence now…
Contact an expert

Robert Smith
Head of SaaS Sales and Customer Success | SaaS Sales and Customer Success
