Cybersecurity threats are on the rise. Over the past year, we’ve observed a 148% increase in ransomware attacks and an 85% increase in phishing attacks targeting remote users. Worse still, these attacks are growing increasingly sophisticated, with threat actors using eight or more vectors in the same attack, often deploying multiple vectors within minutes of one another. In short: it’s pretty bad out there, and effective cybersecurity has never been more important—especially to the nation’s critical infrastructure and global supply chains.
That’s why SecurityScorecard is announcing an ambitious new goal to train and certify 25,000 supply chain risk professionals by the end of 2023. SecurityScorecard is proud to join organizations like Microsoft, Google, IBM, and Amazon in pledging new investment in cybersecurity training to support the White House’s national and international cybersecurity initiatives.
The threat landscape is expanding
Supply chain attacks are on the rise, and attackers have had considerable success breaching organizations through their partners and vendors. Many of this year’s major breaches fall into this category, including the SolarWinds attack and the Kaseya incident. In the case of SolarWinds, attackers purposefully targeted them to breach both public and private organizations across the world. And this is not a small-scale problem: Kaspersky estimates that today, as high as 75% of cyber attacks happen due to vulnerabilities in third-party applications.
“SolarWinds was a wake-up call for a lot of organizations,” says Mark Weatherford, former Deputy Under Secretary for Cybersecurity at DHS. “Third-party attacks are notoriously difficult to stop, but providing employees with the proper education and training can make a significant difference. Today, it isn’t just about having the right tools—it’s also about having the right knowledge and knowing how and where to apply it.”
This is an area where SecurityScorecard can help. To protect themselves from third-party attacks, organizations need two things: the resources to continuously monitor their supply chains and the training to effectively use those resources to remediate any vulnerabilities that they find. The SecurityScorecard platform can help with the former, but now it’s time to address the latter.
Introducing the SecurityScorecard Academy
SecurityScorecard Academy offers live and self-paced certification courses about supply chain risk management for large enterprises, small and mid-sized businesses, and government agencies.


Courses range from 1-4 hours and are priced between $195 and $695. At the end of each course, students take a certification exam, after which they can post a certification badge on their LinkedIn profile.
The courses will be offered in four languages (English, French, Portuguese and Japanese) with live training days taught in virtual classrooms in local time zones.
As part of our mission to train and certify 25,000 people by the end of 2023, SecurityScorecard courses are being made available for free to employees at government agencies in the U.S., at the federal, state, and local level. Registration is open now for these free government courses:


Get started with Academy
Self-paced certification courses will be available through SecurityScorecard Academy when it opens on November 16th, with live classes beginning in January. Whether you are an organizational leader seeking to improve your enterprise’s security posture or a cybersecurity expert seeking professional development opportunities, these courses will provide the education and training needed to address today’s most dangerous supply chain threats.

