logo cyberrisk rating
icon cyberrisk manager

CyberRisk Manager

The basis for your supplier management according to NIS2 and DORA for €480,-*
Your platform for efficient cyber risk management of suppliers in accordance with NIS2. You can access your suppliers' existing information and, if required, ask companies to provide evidence or directly commission CyberRisk Ratings .
Efficiently coordinate cyber risk management according to NIS for numerous suppliers.
Manage evidences, contact suppliers and implement measures all within one platform.
Complete tasks and implement documented measures with unlimited users available.
*Excl. VAT, limited until October 18, 2024.
The CyberRisk Rating Manager automatically renews for another year unless canceled 90 days before the end of the year.
The annual fee of €480,- will automatically be adjusted to the VPI (Verbraucherpreisindex) of Statistik Österreich. The annual fee will be waived in subsequent years if the using company visibly accepts the "CyberRisk Rating by KSV1870" and the "Cyber Trust Label" as IT security evidence for suppliers on its main website.

The Foundation for your Supplier Management

For companies with numerous suppliers, effectively managing the cybersecurity risk of their business partners in a professional, compliant, and efficient manner poses a significant challenge. Therefore, KSV1870 Nimbusec GmbH has developed a solution that allows bundling all essential processes related to supplier cyber risk management according to NIS2 into one platform.

grafik das datenschutz rating


icon database for it certificates
Largest Austrian database of national & international IT certificates
icon unlimited users and suppliers
Create an unlimited number of users and suppliers
icon webrisk indicator
WebRisk Indicator immediately visible per supplier
icon ratings for suppliers worldwide
Creation of individual ratings for suppliers worldwide
icon cyber-security contact
Contact option for the cyber-security responsible individual at your supplier
icon individual module/questionnaires
Individual questionnaires and modules, quarterly review
icon api integration
API integration
The CyberRisk Manager helps with
icon arrow

Managing evidence of the supply chain

The NIS regulations require proof of one's own cybersecurity to customers and vice versa. The CyberRisk Manager enables the uploading and free access of publicly available cybersecurity proofs, including ratings and quality seals, making it indispensable for NIS2 compliance.

Assessing risks internally

Platform users can create, prioritize, and classify suppliers, as not every supplier holds the same significance for the company. This includes creating a supplier directory and grouping companies. Prioritization is based on the importance to the company and the likelihood of cyber risks, in order to establish corresponding security requirements.

Defining measures

After prioritizing the suppliers, corresponding measures need to be defined according to the defined risk classes. In case of inadequate cybersecurity, it is advisable to contact the companies to address the weaknesses.

Creating to-do lists

Users can define measures to minimize cyber risks in the respective area, such as CyberRisk Ratings for high-risk suppliers, contract adjustments, and penetration tests. Efficiently, assignments are made based on measures per risk class rather than per company, automatically generating a to-do list. In the CyberRisk Manager, this list is created, and the status of the measures is documented.

Detecting website risks

The WebRisk Indicator in the CyberRisk Manager describes publicly visible IT security risks and website compliance of companies. It provides free assistance for Third Party Risk Management, which includes all suppliers from the outset. The WebRisk Indicator is available as additional information in the CyberRisk Manager for all suppliers and is created by KSV1870 Nimbusec GmbH.

Requesting suppliers

Companies can directly request suppliers to provide cybersecurity evidence within this platform. The system suggests the appropriate text template, and the user can send it via email (using their personal company account). This makes it immediately apparent to suppliers that the request is coming from a genuine customer and that evidence is indeed required.

Ordering ratings

Companies wishing to order a rating for a supplier can do so in the Manager. Here, there is a choice between two product variants: the Cyber Trust Label (costs borne by the supplier) and the CyberRisk Rating (costs borne by the client). Both are based on the Cyber Risk Rating Schema of the KSÖ and are therefore NIS-compliant.

In Collaboration with