SecurityScorecard Blog

While Vendor Risk Management (VRM) and Third Party Risk Management (TPRM) are often used interchangeably, they’re not always the same thing. And what about Enterprise Risk Management (ERM)?Risk management is extremely important wh... Keep Reading

As organizations adopt new digital technologies, their risk of being targeted in cyberattacks grows. The increased network complexity that comes as a result of digital innovation often creates new network gaps for cyber adversarie... Keep Reading

Third parties are a necessary part of most organizations’ business. They often provide crucial services — like billing, data storage, or sometimes mission-critical services — becoming an indispensable part of a company’s extended ... Keep Reading

With the Department of Defense (DoD) reporting annual losses of $600 billion in intellectual property through its digital supply chain, the need for a unified cybersecurity standard has become increasingly urgent. The soon-to-be-i... Keep Reading

Nearly all cybersecurity regulations and industry standards start with a risk assessment process. However, for many organizations, formalizing their series of risk reviews into an enterprise cyber risk management framework can fee... Keep Reading

The pharmaceutical industry has access to some of the most critical data available. That coupled with the industry’s strict privacy guidelines regarding the safeguarding of protected health information (PHI) highlights the sector’... Keep Reading

Way back in 2010, John Kindervag, Principal Analyst of Forrester Research, founded the Zero Trust Network model. Now, over a decade later, corporate executives around the world are increasingly implementing this innovative system ... Keep Reading

SecurityScorecard is thrilled to be partnering with Udacity to bring easily accessible cybersecurity education to the public and enterprises through the Introduction to Cybersecurity Nanodegree Program, Udacity’s first cybersecuri... Keep Reading

Engaging in due diligence before contracting with a vendor can be an overwhelming process, particularly as more cybersecurity laws enforce continuous monitoring. What used to consist solely of a point-in-time question and answer s... Keep Reading

Data breaches and ransomware attacks are constantly making news headlines yet C-suites are giving these risks little to no mind share. One survey found that more than three-quarters (76%) of C-level executives say that a cybersecu... Keep Reading