SecurityScorecard Blog

Managing cyber risk is more critical now than ever before. The most challenging part of managing cyber risk is quantifying it to ensure that the organization adequately protects itself from the financial and reputation risk accomp... Keep Reading

How many times have you seen someone act like a cybersecurity threat couldn’t happen simply because it’s never happened before? “This organization has never been the victim of phishing. Our employees aren’t clicking suspicious lin... Keep Reading

As companies increasingly adopt Internet of Things (IoT) devices to enable business operations, they also adopt the risks associated with these technologies. According to research done by members of the IoT Cybersecurity Alliance ... Keep Reading

On May 12, 2021, President Biden issued an executive order (EO) that aims to add more transparency into the software supply chain with recommended best practices and a pilot program for consumer software labeling aimed at improvin... Keep Reading

Executive summary On May 7, 2021, Colonial Pipeline issued a statement that, due to a cyber-attack, they had partially shut down operations of their pipeline that supplies almost 50% of gasoline to the eastern United States. The ... Keep Reading

Organizations can no longer afford to wait until a threat is identified to start worrying about their cybersecurity risk management program. A cyber attack can cause a major business disruption across departments and severely impa... Keep Reading

SecurityScorecard is thrilled to announce that CRN®, a brand of The Channel Company, has named our very own Nicole Stavroff, Vice President of Worldwide Channels, for the second consecutive year to the highly respected Women of th... Keep Reading

Security ratings may seem simple — they provide you with an easy-to-understand assessment of your security posture, and the cybersecurity of other organizations, like vendors and suppliers. However, security ratings can be used ... Keep Reading

Earlier this year, commercial email solutions like Microsoft Exchange made security headlines with “ProxyLogon” vulnerabilities. Now the open-source world has entered its own window of exposure, with newly disclosed vulnerabilitie... Keep Reading

Phishing attacks have been around since the early days of the internet. Cybercriminals propagated the first phishing attacks in the mid-1990s, using the America Online (AOL) service to steal passwords and credit card information. ... Keep Reading