Analyst Insight: The Gartner® Market Guide for IT Vendor Risk Management Solutions

IBM and Prevalent Build Cyber Resilience into Supplier Ecosystems

Cyber risk management leaders join forces to protect critical supply chains and third-party ecosystems with expert security services and software.
Kevin Hickey
Chief Executive Officer
March 08, 2023
Blog ibm prevalent supplier ecosystem 0323

Third-party risk management is a growing board-level concern for many organizations. As a board member and cybersecurity advisor, I have seen firsthand that:

As attack surfaces continue to expand as a result of remote and hybrid work, and supply chains become more interconnected and multi-tier, regulators are also taking notice, applying additional scrutiny on organizations to improve third-party cyber risk governance.

Third-Party Risk Management Challenges

Between rising numbers of incidents, growing regulatory pressure, and increasing breach remediation costs, third-party cyber risk management should be the priority for IT security teams. For many organizations, however, what’s missing is a centralized approach to manage third parties efficiently. We see this approach manifesting in three distinct challenges:

  • Incomplete inventory: A decentralized approach to third-party risk management inhibits an organization’s ability to take a complete inventory of its contracted third parties and suppliers.
  • Inconsistent risk identification: A lack of resources results in untimely third-party supplier assessments and inconsistent risk assessment practices across the company.
  • Poor communication: Manual processes inhibit teams in their efforts to understand and communicate the security and operational risks involved in third-party relationships throughout the organization.

Bottom line: Organizations lack the resources, processes and procedures to withstand third-party digital and physical disruptions. That has to change.

Discover How to Scale Your Third-Party Risk Program

Join IBM Security Services and Prevalent for a free webinar discussing how to build a third-party risk management program that can scale to cover your extended supplier ecosystem.

Register for the Webinar
Featured resource prevalent ibm supply chain webinar

Building Cyber Resilience into Supplier Ecosystems

Jointly with IBM, we're delivering a programmatic approach to third-party and supplier cyber risk management based on IBM’s world-class Security Services and Prevalent’s industry-leading TPRM platform. Together we combine expert consultancy to design and build a comprehensive solution with a robust TPRM methodology and model, a centralized and integrated view of your vendors to minimize compliance concerns, and real-time data to improve efficiencies.

The joint IBM-Prevalent solution can:

  • Deliver a current state assessment of your third-party risk management function, identifying gaps against leading standards and frameworks
  • Develop an operating model, organizational governance structure, policies and procedures, contract security requirements, inventory, and integrated dashboards for centralized supplier management across your enterprise
  • Automate the end-to-end process of risk assessments with a platform to perform control-based assessments and continuous supplier monitoring
  • Monitor and manage to a steady-state, providing proactive co-source or fully managed outsourcing of your supply chain risk management program

The result? Dimple Ahluwalia, VP & Global Managing Partner, IBM, says, “Supply chains are becoming increasingly more complex and organizations are facing mounting pressure to ensure suppliers at every level of their ecosystem are mitigating the risk of cyber-attacks. IBM Security Services, in conjunction with Prevalent, provide clients the framework, expertise and platform needed to build an optimized and scalable program.”

Next Step: Learn More by Registering for the Webinar

To learn more about this industry-first solution, I invite you to a webinar hosted by IBM and Prevalent, How to Make Supply Chain Cybersecurity a Competitive Advantage. During this on-demand webinar our teams jointly demonstrate:

  • How to identify where your greatest third-party and supplier risk lies
  • Governance models around strategy, new policies and procedures and change management
  • Best practices to identify and mitigate identified third-party risks
  • Technologies to drive efficiencies across the enterprise
  • Metrics to determine whether your program is working

I’m thrilled to announce our joint solution with IBM! For more on our relationship, contact Prevalent and be sure to watch the webinar.

Hickey 119
Kevin Hickey
Chief Executive Officer

Kevin Hickey brings a strong history of software operations, strategy, capital fundraising, and mergers and acquisitions to his position as Chief Executive Officer. He joined Prevalent from BeyondTrust, where he led a successful turnaround that doubled the company’s revenue. Kevin joined BeyondTrust by way of the company’s acquisition of eEye Digital Security, where he served as CEO and Chairman. Under Kevin’s leadership, eEye experienced significant growth, launched several 'market-first' security solutions and brought the company back to category leadership. Prior to joining eEye, Kevin was CEO of NetPro Computing, where he helped grow the business before concluding its very successful sale to Quest Software. Kevin has also served as the president and CEO of, where he secured funding and eventually sold the business to industry leader During his seven years as president and COO at Viasoft Inc., Kevin led the company through a successful initial public offering prior to its sale. Kevin started his IT career at IBM, serving in several key marketing and executive business management roles.

  • Ready for a demo?
  • Schedule a free personalized solution demonstration to see if Prevalent is a fit for you.
  • Request a Demo