Similarweb streamlines time spent on security questionnaires, boosting agility and impact with Vendict.

Introduction‍

Similarweb provides a platform for digital intelligence, delivering a trusted, comprehensive view of the digital world that empowers the company's customers to be competitive in their markets. The company's proprietary technology analyzes digital interactions and daily transactions  from websites and apps and turns these digital signals into actionable insights. With the company's platform, everyone from business leaders, strategy teams, analysts, marketers, category managers, salespeople and investors can quickly and efficiently discover the best business opportunities, identify potential competitive threats and make critical decisions to capture market share and grow revenues.

Tomer Maman, CISO at Similarweb, brings over 20 years of expertise in cybersecurity, specializing in strategy, innovation, and emerging trends, with a deep understanding of market knowledge and leading ventures.

He guides Similarweb’s cybersecurity team in navigating the complexities of cybersecurity, GRC, and security initiatives. Under his leadership, the team remains at the forefront of evolving threats, ensuring robust security measures as technology advances.

The Problem‍

To foster greater efficiency within the team, Tomer sought an automated solution to streamline the management of security questionnaires and DDQs (Due Diligence Questionnaires). Those questionnaires were demanding and time-consuming, pulling his team away from focusing on more strategic priorities. ‍

“Dealing with DDQs and security questionnaires, finding the latest documents, following up on questions and answers—it’s incredibly time-consuming and takes away from the many other important tasks a security team needs to handle.”

Initially, Tomer’s team relied on manual methods, which created a constant burden. He explained, “In the past, we did everything manually. It was a lot of work to keep answers up to date, and that process was a huge drain on resources, time, and money.”

The Solution‍

Leveraging the Vendict platform has significantly enhanced operations by providing immediate relief through efficient time management and ensuring that all documents are up to date, organized, and easily accessible.

The AI engine has proven to be highly beneficial for the team. The Vendict platform is easy to use and configure, and its AI enrichment capabilities have further improved its effectiveness. Vendict’s technology has enabled us to save significant time by automating the comprehensive process of completing questionnaires.

The introduction of Vendict’s TPRM solution also provided additional necessary support, as the solution solved another piece of the puzzle. It further reduced our time spent on managing compliance by allowing us to implement a more intricate overall strategy.” Additionally, “the TPRM solution enabled us to leverage framework analysis features, such as those for ISO 27001 and SOC 2, which streamlined our compliance process and saved us considerable time during the review.

%%quote-1%%

Vendict's GRC Mentor offers detailed reviews and ratings of individual questions as well as entire questionnaires, helping to benchmark responses against industry standards. With intelligent suggestions for improvement, it enhances the quality of each and every response. “The GRC Mentor effectively identifies any missing data or potential issues, which improves the overall quality of our responses," Tomer added.‍

The Results

‍Since the implementation of Vendict, Tomer has observed a significant reduction in the time his team dedicates to completing security questionnaires.

%%quote-2%%

Vendict’s comprehensive approach, which covers both security questionnaires and TPRM, has delivered significant value to Similarweb’s operations.

As a CISO, focusing on tool consolidation is crucial; you want to avoid the hassle of switching between multiple applications. Having a single platform that manages security questionnaires, due diligence questionnaires (DDQs), and third-party risk management (TPRM) all in one place is incredibly valuable.

What’s Next for Similarweb and Vendict

‍Looking ahead, Tomer plans to expand Vendict’s use within SimilarWeb, extending its capabilities to the legal team to further streamline operations across departments.