New “bottom-line” Cyber Risk Rating combines essential cyber data with business context to help organizations make rapid security decisions about their third parties.     

NEW YORK, July 22, 2020 — Panorays, a leading provider of automated third-party security management, today announced that it has released an innovative security ratings model that provides the most comprehensive view of vendor cyber risk. Panorays also added two new key features to its platform: Remediation Plans and Standards and Regulations Reports.

Panorays’ new Cyber Risk Rating combines data from Panorays’ Smart Questionnaire™ Rating with its Cyber Posture Rating. Vendors’ responses to the automated Smart Questionnaire™ provide an overview of a vendor’s internal policy security and is based on the business and technology relationship between the third party and the company. The Cyber Posture Rating is a calculated average of ratings which represents the cyber resilience of three layers: network and IT, application and human.

“We are excited to launch what we believe represents a new era in third-party security management,” said Panorays CEO Matan Or-El. “Organizations are always looking for effective ways to streamline the third-party risk process, and we are certain that Panorays’ Cyber Risk Rating will help them accomplish that. By providing one of five levels—bad, poor, fair, good or excellent—the Cyber Risk Rating provides a rapid thumbs-up-or-down view of a vendor’s cyber risk. By dramatically speeding up the process, Panorays has succeeded in introducing a radical change to the third-party security ecosystem.”

“In today’s distributed and dynamic extended enterprise, it is essential that organizations have complete insight into the risk of any particular third-party relationship,” said Michael Rasmussen, GRC analyst at GRC 20/20 Research, LLC. “Being able to get to that ‘bottom-line’ risk rating is critical to managing third-party risk within a specific relationship, as well as across relationships.”

Panorays’ new Remediation Plan feature allows organizations to share remediation plans with their suppliers to improve their Cyber Risk Rating. For example, if a supplier’s Cyber Risk Rating is “bad,” the organization can set a goal to raise the rating to “good.” A remediation plan will automatically be generated that details how the supplier can achieve this goal with the least amount of steps and effort.

The Standards and Regulations Reports feature allows organizations to generate compliance reports for regulations such as GDPR and NYDFS. The reports are either based on the completion of Panorays’ automated questionnaire or a past standard questionnaire like SIG, which the vendor can upload to Panorays’ platform. Such reports can be especially valuable for companies’ SOC II and ISO processes. 

“With the new Remediation Plan and Standards and Regulations reports features, we are providing the very best of third-party security and compliance to our customers,” said Panorays VP Product Noam Maman. “The Remediation Plan allows organizations to work with vendors that they may not have otherwise considered because of security reasons. The Standards and Regulations Reports feature addresses the pain of complying with regulations. By providing these rapid and innovative solutions, we are enabling business while maintaining the highest standards of security.”

About Panorays

Panorays automates third-party security lifecycle management. With the Panorays platform, companies dramatically speed up their third-party security evaluation process and gain continuous visibility while ensuring compliance to regulations such as GDPR, CCPA and NYDFS. It is the only platform that enables companies to easily view, manage and engage on the security posture of their third parties, vendors, suppliers and business partners. Panorays is a SaaS-based platform, with no installation needed.

Panorays is currently being successfully implemented by client organizations in various industries including financial, banking, insurance, healthcare, technology, retail and automotive.

For more information, visit