KnowBe4 KCM GRC Addresses Major Vendor Risk Management Issues

KCM GRC Provides Organizations With a Simple, Effective Way to Measure and Continuously Monitor Vendor Risk

According to a recent survey of more than 1,000 U.S. and U.K.-based CISOs by the Ponemon Institute, 59 percent of companies said they have experienced a data breach caused by one of their vendors or third parties. With large organizations today having upwards of 100,000 third-party vendors to manage, and small organizations having a significant subset of that, managing third-party vendor risk is an important part of an organization’s overall cyber-health. KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced new functionality for its GRC management platform, KCM GRC, which helps organizations of all sizes address the growing problem of third-party vendor risk management.

Organizations that do not know the cyber-health of vendors they do business with put themselves at risk of breaches and other cyber-attacks. According to the Ponemon survey, 75 percent of organizations believe that third-party cybersecurity incidents are increasing and 22 percent of respondents admitted they didn’t know if they’d had a third-party data breach in the past 12 months. Additionally, PwC’s recent report “The Global State of Information Security Survey 2018” states that there are very few companies that are correctly building cyber and privacy risk management into their digital transformation initiatives.

KnowBe4’s KCM GRC is an intuitive platform which organizations can customize to measure third-party vendor risk. Once an initial assessment is completed, organizations can continually monitor against risk levels they’ve set. KCM GRC enables an organization to keep track of everything within the platform, moving away from using cumbersome point products and office management tools, to adhere to policy and compliance management standards. As with all KnowBe4 offerings, KCM GRC comes with free and unlimited support.

“Third party vendors introduce risk to any organization. The vendor lifecycle and those risks must be managed. With the introduction of vendor risk in the KCM GRC platform, we designed it as a simple, intuitive and scalable platform to easily manage these risks,” said Blake Huebner, KnowBe4’s SVP of KCM Strategy.

For more information on KCM GRC, visit:


About KnowBe4
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 24,000 organizations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4's Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as the last line of defense.

Number 96 on the 2018 Inc. 500 list, number 34 on Deloitte's 2018 Technology Fast 500, and 2nd place in the Cybersecurity Ventures Cybersecurity 500, KnowBe4 is headquartered in Tampa Bay, Florida, with offices in Brazil, England, the Netherlands, Germany, South Africa and Singapore.

