Unveiling TITAN AI: A New Era of Threat-Informed Third-Party Risk Management
Request a demo Get started for free

Resources

Cybersecurity white papers, data sheets, webinars, videos and more

Resource Library

Clear filters

Cybersecurity leadership in an era of public-private partnerships

May 14, 2024

Cybersecurity leadership in an era of public-private partnerships
SecurityScorecard recently hosted a webinar with our Co-founder and CEO, Dr. Aleksandr Yampolskiy, and Sue Gordon, the former Deputy Director of National Intelligence and SecurityScorecard board member. Gordon drew on her experience as a key advisor to the President and National Security Council… Read More
Public Sector
RSA 2024: The Art of Possible

May 13, 2024

RSA 2024: The Art of Possible
Our cybersecurity community. Stronger together.    “The best part of RSA is all the amazing people in the community trying to make the world a safer place. It’s also very exciting to see all the innovation to make adversaries’ lives harder – competition and collaboration… Read More
SecurityScorecard and Intel: Digging Past the Surface for Enhanced Protection

May 13, 2024

SecurityScorecard and Intel: Digging Past the Surface for Enhanced Protection
State of Affairs Threat actors have responded to better protections in the operating system and improved endpoint detection and response (EDR) capabilities by moving down the stack to find entry points with full visibility and privileges into the stack above. Security leaders implementing a defense-in-depth approach… Read More
Using Metrics that Matter to Protect Critical Infrastructure

May 10, 2024

Using Metrics that Matter to Protect Critical Infrastructure
Critical infrastructure services in North America face accelerating threats from both nation-states and other sophisticated threat actors. Governments globally are grappling with how to best balance incentives, support, and direct oversight. Meanwhile, critical infrastructure owners and operators face significant challenges with technology, staff resources, and expertise to… Read More
Public Sector
Security Ratings
Examining the Concentration of Cyber Risk: How supply chains and global economies can adapt

May 2, 2024

Examining the Concentration of Cyber Risk: How supply chains and global economies can adapt
Company mergers, the consolidation of cloud technologies, and the interconnected nature of digital business have all led to a more efficient, fast-paced digital economy. But these advantages have also ushered in a higher degree of cyber risk concentration that stands to threaten national security and global economies. It’s… Read More
Third-Party Risk Management
Insights from the Experts: Legal, Compliance, and Security Perspectives on SEC Regulations

April 26, 2024

Insights from the Experts: Legal, Compliance, and Security Perspectives on SEC Regulations
In July 2023, the U.S. Securities and Exchange Commission (SEC) announced new cybersecurity rules that require publicly traded companies in the U.S. to disclose material cybersecurity incidents within four business days of determining whether the incident is material to the company’s financial performance. SecurityScorecard recently… Read More
Public Sector
Cyberattack at Sisense Puts Critical Infrastructure on Alert

April 11, 2024

Cyberattack at Sisense Puts Critical Infrastructure on Alert
SecurityScorecard’s Threat Research STRIKE Team is investigating breaking news of a large-scale cyberattack on Sisense, a major business analytics software company used by both the private and public sectors.    The cybersecurity community woke up on Thursday to news of a cyberattack on Sisense… Read More
Public Sector
Change Healthcare Ransomware Attack Spotlights Single Point of Failure with Third-Party Vendor

April 10, 2024

Change Healthcare Ransomware Attack Spotlights Single Point of Failure with Third-Party Vendor
A core claims-processing unit of UnitedHealth Group was hit with a ransomware attack that cost some hospitals millions of dollars a day    The ongoing cyberattack on Change Healthcare, a major player in medical claims processing in the United States, had profound repercussions across the healthcare sector. With… Read More
Healthcare
Third-Party Risk Management
How SecurityScorecard STRIKE Identifies Zero Days in the Wild

April 9, 2024

How SecurityScorecard STRIKE Identifies Zero Days in the Wild
The zero-day vulnerability that emerged in Progress Software’s MOVEit Transfer product last year was a stark reminder of the real-world impact of such vulnerabilities. It wreaked havoc on businesses and governments worldwide, with cyber criminals exploiting it since May of 2023. Read More
Cyber Threat Intelligence
SecurityScorecard Unveils the Industry’s Most Predictive Cybersecurity Risk Ratings with Refined Scoring Algorithm

April 8, 2024

SecurityScorecard Unveils the Industry’s Most Predictive Cybersecurity Risk Ratings with Refined Scoring Algorithm
Now more than ever, the specter of cyber threats looms large over organizations of all sizes and sectors. The consequences of a data breach stemming from just one vulnerability can be catastrophic, ranging from financial losses to irreparable reputational damage. As businesses strive… Read More
Security Ratings
Examining NIST CSF 2.0: Everything you need to know

April 4, 2024

Examining NIST CSF 2.0: Everything you need to know
In 2014, the National Institute of Standards and Technology (NIST) released its Cybersecurity Framework (CSF) following a presidential executive order to help organizations better understand, reduce, and communicate cybersecurity risk. In the decade since its introduction, NIST CSF has become one of the… Read More
Executive Viewpoint
The Cybersecurity of the S&P 500: An in-depth analysis from SecurityScorecard

April 3, 2024

The Cybersecurity of the S&P 500: An in-depth analysis from SecurityScorecard
In fall 2023, the U.S. Securities and Exchange Commission (SEC) adopted landmark cybersecurity regulations, requiring public companies to disclose “material” cybersecurity incidents within four days. Prior to this, there were very few breach reporting requirements, leaving business leaders,… Read More
Security Ratings
Supply Chain Cyber Risk
NVD Database Crisis of 2024: What We Learned?

April 2, 2024

NVD Database Crisis of 2024: What We Learned?
Looking back at 2024, the cybersecurity community faced an unprecedented challenge when the National Vulnerability Database (NVD)—our industry’s most trusted source of vulnerability data for over two decades—experienced a series of critical issues that fundamentally changed how we think about vulnerability intelligence. As someone who’s worked… Read More
Services
Breaches Beyond Borders: The global landscape of third-party risk

March 27, 2024

Breaches Beyond Borders: The global landscape of third-party risk
While the digital landscape evolves, cyber adversaries are also honing their tactics, techniques, and procedures. In recent years, ransomware groups have made major disruptions to the digital supply chain and, by extension, the world economy. What’s more, organizations in all industries and geographies… Read More
Third-Party Risk Management
How to Avoid Online Tax Day Scams: Tips to protect your finances and data

March 25, 2024

How to Avoid Online Tax Day Scams: Tips to protect your finances and data
As Tax Day in the U.S. looms on the horizon, so too does the risk of falling victim to online scams. In 1986, the first year that e-filing was available, five people filed their returns electronically. Since then, the popularity of… Read More
Tech Center
Securing Samba Ports: Essential Practices for Safeguarding Your Network

March 25, 2024

Securing Samba Ports: Essential Practices for Safeguarding Your Network
In the vast and interconnected world of information technology, the security of network services and protocols is paramount for organizations of all sizes. Among these, Samba—a free software re-implementation of the SMB/CIFS networking protocol—plays a crucial role in facilitating file and print services across various operating… Read More
Tech Center
Proactive Measures to Prevent Data Theft

March 22, 2024

Proactive Measures to Prevent Data Theft
As the world becomes more and more digitally intertwined, the significance of data security cannot be overstated. Data theft, a critical threat to organizations worldwide, poses severe challenges, jeopardizing both reputational integrity and financial health. This blog post aims to dissect the concept of data theft, understand… Read More
Tech Center
What Is Port 445 (SMB)? Strategies for Secure Network Communication

March 22, 2024

What Is Port 445 (SMB)? Strategies for Secure Network Communication
In the intricate matrix of network communications, TCP port 445 stands as a crucial node, facilitating the swift and efficient exchange of resources like files and printer services between computers on the same network. Yet, its significance as a channel for… Read More
Tech Center
How Brand Protection Software Shields Your Reputation

March 22, 2024

How Brand Protection Software Shields Your Reputation
A company’s brand is its most valuable asset. A brand embodies the trust and recognition that has been earned over time. However, this asset is under constant threat from cybercriminals, counterfeiters, and other malicious actors. This is where brand protection software comes into play, offering a critical shield… Read More
Tech Center
What is Supply Chain Detection and Response (SCDR)?

March 21, 2024

What is Supply Chain Detection and Response (SCDR)?
A New Framework for Supplier Ecosystem Security What Is SCDR? Supply Chain Detection and Response (SCDR) is a new cybersecurity framework that identifies, prioritizes, and remediates vulnerabilities across an organization’s vendor ecosystem. Its purpose is preventing supply chain attacks from threat actors and mitigating concentration… Read More
Threat-Informed TPRM