SecurityScorecard Blog

When organizations think about risk, they're often thinking about the risk they’d be exposed to without any security controls in place at all; a breach that happens in the absence of cybersecurity controls, for example, or a phish... Keep Reading

Updated on December 23, 2020 On December 17, 2020, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) released a follow-up alert regarding the SolarWinds/SUNBURST backdoor and compromises, stating, among other things,... Keep Reading

Leading enterprise-level concerns do not look the same today as they did years ago. As enterprise organizations adopt new technologies for their business, they also expand their digital attack surface and introduce additional netw... Keep Reading

If your organization works with third-party vendors, then it is essential that you establish a vendor risk management (VRM) system. This will help you better identify and respond to vulnerabilities within your vendor ecosystem, im... Keep Reading

Balancing information security with employee productivity and systems access often feels like a Sisyphean task. Just as the IT department manages to gain visibility and a semblance of control over the corporate digital ecosystem, ... Keep Reading

Cybersecurity monitoring is not a one-and-done, as attack surfaces and the methods used by malicious actors are constantly changing. By tracking the right metrics, Chief Information Security Officers (CISOs) can monitor the effect... Keep Reading

Just like many private sector organizations, federal government institutions are undergoing a digital transformation as they move data and applications to the cloud. While this shift can help to optimize and streamline operations,... Keep Reading

Users around the world adopt security ratings to understand risks that their own organization faces or their third parties may introduce. These risks include the threat of a breach. In a recent study, IBM and the Ponemon Institute... Keep Reading

Company leaders — particularly the C-suite and the board of directors — are tasked with deciding how much risk their organization should take on. It’s a natural part of leadership; the job of C-level executives is to guide and pro... Keep Reading

You can’t manage what you can’t measure. That goes for vulnerability management as much as any other part of your organization. Vulnerabilities can be overwhelming to manage. Unlike cyber threats, which come from outside your orga... Keep Reading