7 Chord

7 Chord Inc is an independent provider of predictive pricing and analytics to fixed-income traders. BondDroid®, its proprietary AI platform, extracts valuable signals from any vendor, public, and client's proprietary data when installed in the client's corporate environment.

For its clients unwilling to manage AI in-house, 7 Chord offers BondDroid® Cloud, a fully-managed pricing solution powered by data curated by 7 Chord’s research team.

Problem

7 Chord services a broad array of institutional clients such as banks, dealers, asset managers, fintechs, and financial intermediaries. Many of them are heavily regulated and have rigorous procurement processes managed by sophisticated risk teams. Many prospects require 7 Chord to have a minimum cybersecurity rating, a formal third-party vendor management policy, and evidence that 7 Chord conducts ongoing monitoring of its third-party vendors. 

In 2019, one of the prospects made signing a contract conditional on a satisfactory TPRM policy and its implementation. This sent Kristina Fan, CEO of 7 Chord, on a hunt for a comprehensive cyber-security monitoring solution. She was intrigued when she learned that UpGuard offered TPRM monitoring and attack surface management solutions as part of the same package at a fraction of the price of UpGuard’s leading competitor in the US. 

“If we were to conduct due diligence on each one of our vendors manually, we would need to hire at least one full-time employee. With UpGuard, we would be able to automate this process completely,” said Kristina Fan.

Solution

7 Chord’s team signed up for a free trial to better understand UpGuard’s ability to meet their business objectives. After several weeks of testing the UpGuard’s BreachSight and Vendor Risk solutions, the team decided to go ahead with UpGuard. Three features motivated their decision.

1. Real-time scoring updates

Before onboarding UpGuard, the team couldn’t track the effectiveness of their actions in real-time. UpGuard allowed them to see the immediate effect of their remediation efforts. 

“UpGuard’s real-time security scoring system is beneficial. I get immediate feedback after releasing new functionality or responding to a highlighted risk. Seeing your security score go up is gratifying, almost like winning in a video game. Hence, it provides a psychological incentive to take care of the otherwise mundane task.” said Kadeem Walsh, 7 Chord’s Software Engineer. 

UpGuard integrates with 7 Chord’s plan and code management tools via webhooks. UpGuard sends status change alerts, which the team can address immediately.

Similarly, if the UpGuard platform detects a change in the vendor’s security posture, 7 Chord can automatically request remediation.

2. Fourth party vendor risk scans

In today's interconnected world, your vendors may be using the same cloud, the same payment processing platform, or a domain name server (DNS) provider. If any of these fourth-party providers experiences an outage, so will many of your vendors. 

In November 2020, Amazon Web Services (AWS) experienced a prolonged outage due to a problem with Kinesis, a service that processes large data streams. AWS clients which relied on this service were down all at once. 

“UpGuard platform automatically identifies pockets of our exposure to 4th party vendor risk. For example, even if we don’t use AWS when a major outage is announced, we know in a matter of minutes how this could affect our critical vendors and, in turn, our ability to serve our clients”, says Kristina Fan.

3. Clean user interface and shortened learning curve

7 Chord’s team was instantly impressed by UpGuard's clean and intuitive interface. It took less than half an hour to onboard over 20 vendors and to start monitoring them immediately without the need for a lengthy questionnaire review. 

“We found UpGuard’s design very clean and very intuitive – more intuitive than the UI of its competitors, making it an easy decision to go with UpGuard,” said Kadeem Walsh.

Results

With UpGuard, 7 Chord was able to satisfy the procurement requirement of its prospective client on time and on budget. However, once this immediate problem had been solved, 7 Chord continued to discover other benefits of the UpGuard platform.

Out-of-the-box risk governance framework and executive reporting

UpGuard’s BreachSight and Vendor Risk products establish an industry-accepted governance framework and educate the team about the potential risks they may not have considered. 

“UpGuard automatically classifies the severity of identified risks. We can set quantifiable surface attack management goals, triage issues, and measure our performance against these goals at the end of a sprint,” said Kristina Fan. “Most importantly, it provides executive reporting that even the business teams can easily interpret.” 

Benchmarking against the competitors

An unexpected benefit of the UpGuard platform was 7 Chord’s improved market positioning. UpGuard benchmarks 7 Chord’s security posture to its competitors and identifies the remedial efforts required to come out on top. 

“I love the way UpGuard benchmarks our security posture against other similarly situated firms in our industry. We operate in a very competitive space, and like any young firm, strive for differentiation, scale, and trust,” said Kristina Fan. “UpGuard helps us achieve all three,” she added.

Closing thoughts

All in all, 7 Chord’s team has been pleased with UpGuard. 7 Chord recently renewed their UpGuard subscription and can now monitor an increasing number of vendors as they expand their business to cover EMEA and APAC fixed income markets.

“UpGuard is a must for any start-up servicing institutional clients in our industry,” said Kristina Fan.