CyberVadis: Integrated Approach to Managing Supply Chain Vendor Risk

Follow CyberVadis on :

Pierre-Francois Thaler, Co-Founder and Co-CEO
“It has become imperative that global organizations take an integrated approach to supply chain vendor risk management, covering the 360-degree view of their risk landscape,” advises Pierre-Francois Thaler, the co-founder, and co-CEO of EcoVadis. The reason? The growing augmentation of regulations and mandates has made organizations realize that they need to reinvent their siloed approach toward monitoring the risk of all the vendors in their supply chain. “What makes the job of creating an integrated approach difficult for supply chain organizations is that these vendors are distributed over various geographical regions, and to work with them seamlessly may require a number of human resource and systems. That’s where EcoVadis comes in,” says Thaler. Founded over 12 years ago with an aim to assist chief supply chain and chief procurement officers in mitigating supplier risks, the company provides an online platform for companies to avoid duplication of CSR audits and surveys. This allows them to create an integrated and singular approach towards supply chain vendor evaluation by leveraging EcoVadis’ cloud technology and remote analysis expertise.

Cybervadis was created last year as a spin-off of EcoVadis to leverage the same technology and business model but apply it to cybersecurity and data privacy (GDRP) 3rd parties risk assessment. Clients can access ratings and scorecards for the security robustness of different vendors on a singular platform. Through its risk assessment methodology, Cybervadis works with the key stakeholders of a supply chain organization to assist them in identifying the vendors with the best cybersecurity performance. The ones with the highest ranks are invited to register on Cybervadis’ online network. Depending on the vendor’s profile, the company’s system creates dynamic set of questions, answers to which are reviewed in by their cybersecurity analysts, along with evidence documentation. After the evaluation, score-cards and ratings are created to depict the cybersecurity performance of each vendor. At the end of the day, CyberVadis provides both the vendors as well as the clients with clear recommendations that enable them to improve their security posture.

Cybervadis works with the key stakeholders of a supply chain organization to assist them in identifying the vendors with the best cybersecurity performance

Further, the methodology maps to all major international standards, including GDPR, NIST, NY DFS, and CCPA.

Thaler mentions that EcoVadis’ comprehensive assessment methodology has enabled the company to gain traction among 50,000 customers across 125 countries today. One specific CyberVadis’s success story that he talks about, is for one of the largest global pharma companies. The entity didn’t reach out to Cybervadis merely because of their holistic assessment service or scalable platform, but primarily due to their easy-to-understand ratings and scorecards that could empower the end-users and decision makers. Cybervadis’ solution provided them an integrated way of assessing their vendors and also decentralized the supply chain process based on the ratings and scorecard, and any end-user could apprehend the risk associated with a particular vendor.

The quintessential aspect that differentiates EcoVadis is that it combines its technology and human expertise to deliver an integrated vendor assessment solution. The company’s global network today consists of more than 300 Fortune 2000 companies in Europe, North America, and Asia which also provides it a strategic edge over other companies to scale operations quickly. Going forward, EcoVadis aims to deploy tools to create robust processes for supply chain companies. “We will continue to support suppliers to improve their practices in the ever-changing risk environment,” concludes Thaler.


New York, NY

Pierre-Francois Thaler, Co-Founder and Co-CEO

CyberVadis is the first scalable solution for managing the full third-party cybersecurity risk assessment process. The company’s platform is based on a methodology that maps to all major international compliance standards, and combines the speed of automation with the accuracy and effectiveness of a team of experts. The company's operational platform includes engaging vendors directly with assessments, validating results with an in-house team of security analysts, and issuing companies a standardized cybersecurity rating that they can share with others, along with a detailed improvement plan for increasing their score and the ability to collaborate with clients and vendors on implementing better practices. CyberVadis was developed by EcoVadis, the world’s most trusted provider of businesses sustainability ratings, intelligence and collaborative performance improvement tools for global supply chains. EcoVadis counts industry leaders like Johnson & Johnson, L’Oréal, Nestlé, and Michelin, among the more than 55,000 businesses on its network