SecurityScorecard Blog

Media attention to high profile breaches has left consumers questioning whom they can trust. According to Privacy Rights Clearinghouse's Chronology of Data Breaches, the total number of records breached containing personal and oth... Keep Reading

As a business owner, you often work with vendors or third-party suppliers whose information technology solutions ease your business processes.. For example, you might need a web application to provide employees with remote working... Keep Reading

By Aleksandr Yampolskiy(Originally published on LinkedIn on June 12) Summer is a great time to catch up on reading at the beach. Here are my six recommendations for books, related to cyber security, which I couldn’t put down. ... Keep Reading

Organizations conduct due diligence into the third-party's ecosystem and security, but to truly protect themselves, they must audit and continuously monitor their vendors. Not only do organizations audit their vendors, but standar... Keep Reading

Level the Playing Field with a Vendor Risk Assessment Template Two facts have radically transformed vendor risk management and the need for templates in third party risk assessments: There’s increased awareness that vendors are ... Keep Reading

As third party breaches rise, so does fourth party risk. Visibility into "fourth party" risks is a must-have part of a mature VRM program. So you have prioritized your vendor assessments and established a centralized vendor risk ... Keep Reading

Fouad Khalil, Head of Compliance at SecurityScorecard, reflects on the preparedness of organizations on the day GDPR officially goes into effect. ... Keep Reading

Formulating an IT security risk assessment methodology is a key part of building a robust and effective information security program. Formal methodologies have been created and accepted as industry best practice when standing up a... Keep Reading

Point-in-time assessments are outdated as soon as they're made. They don't take into account changes in security posture. If a vendor is breached, you might not know until your vendor decides to alert you—or until the next a... Keep Reading

The vendor risk management (VRM) process is broken. Vendor security risk management continuously evaluates and monitors third parties ensuring alignment with an organization’s security requirements while holding them accountable f... Keep Reading