CORL Technologies was founded in early 2012 based on occurring trends in the healthcare industry, with respect to vendor security risk management. We noticed an increasing number of breaches associated with third parties that wasn't being supported by efficient processes or technology. The processes organizations had employed varied from doing nothing, to requesting lengthy questionnaires for vendors, to teams of auditors doing full blown assessments. The technology in place for this area was focused on supporting these types of functions. In speaking with clients and reflecting on our experiences at HITRUST, we just didn't feel this was sustainable.
Expenses were growing, but for what? The risk information that organizations were getting for 95% of their vendors wasn’t being used, and it was because it either ultimately had no material impact or there were not enough resources to actually review it and make sense of it.
So when we started CORL Technologies, we set out with the mission of creating a platform to provide intelligence behind the vendor security risk management function, achieved through in depth research and responsible sharing within the community. This way, organizations can focus on the right vendors at the right times, and collectively we can spark change in the vendor community to take security seriously.