Cybersecurity white papers, data sheets, webinars, videos and more

April 8, 2024

SecurityScorecard Unveils the Industry’s Most Predictive Cybersecurity Risk Ratings with Refined Scoring Algorithm

Now more than ever, the specter of cyber threats looms large over organizations of all sizes and sectors. The consequences of a data breach stemming from just one vulnerability can be catastrophic, ranging from financial losses to irreparable reputational damage. As businesses strive… Read More

Security Ratings

April 4, 2024

Examining NIST CSF 2.0: Everything you need to know

In 2014, the National Institute of Standards and Technology (NIST) released its Cybersecurity Framework (CSF) following a presidential executive order to help organizations better understand, reduce, and communicate cybersecurity risk. In the decade since its introduction, NIST CSF has become one of the… Read More

Executive Viewpoint

April 3, 2024

The Cybersecurity of the S&P 500: An in-depth analysis from SecurityScorecard

In fall 2023, the U.S. Securities and Exchange Commission (SEC) adopted landmark cybersecurity regulations, requiring public companies to disclose “material” cybersecurity incidents within four days. Prior to this, there were very few breach reporting requirements, leaving business leaders,… Read More

Security Ratings

Supply Chain Cyber Risk

April 2, 2024

NVD Database Crisis of 2024: What We Learned?

Looking back at 2024, the cybersecurity community faced an unprecedented challenge when the National Vulnerability Database (NVD)—our industry’s most trusted source of vulnerability data for over two decades—experienced a series of critical issues that fundamentally changed how we think about vulnerability intelligence. As someone who’s worked… Read More

Services

March 27, 2024

Breaches Beyond Borders: The global landscape of third-party risk

While the digital landscape evolves, cyber adversaries are also honing their tactics, techniques, and procedures. In recent years, ransomware groups have made major disruptions to the digital supply chain and, by extension, the world economy. What’s more, organizations in all industries and geographies… Read More

Third-Party Risk Management

March 25, 2024

How to Avoid Online Tax Day Scams: Tips to protect your finances and data

As Tax Day in the U.S. looms on the horizon, so too does the risk of falling victim to online scams. In 1986, the first year that e-filing was available, five people filed their returns electronically. Since then, the popularity of… Read More

Tech Center

March 25, 2024

Securing Samba Ports: Essential Practices for Safeguarding Your Network

In the vast and interconnected world of information technology, the security of network services and protocols is paramount for organizations of all sizes. Among these, Samba—a free software re-implementation of the SMB/CIFS networking protocol—plays a crucial role in facilitating file and print services across various operating… Read More

Tech Center

March 22, 2024

Proactive Measures to Prevent Data Theft

As the world becomes more and more digitally intertwined, the significance of data security cannot be overstated. Data theft, a critical threat to organizations worldwide, poses severe challenges, jeopardizing both reputational integrity and financial health. This blog post aims to dissect the concept of data theft, understand… Read More

Tech Center

March 22, 2024

What Is Port 445 (SMB)? Strategies for Secure Network Communication

In the intricate matrix of network communications, TCP port 445 stands as a crucial node, facilitating the swift and efficient exchange of resources like files and printer services between computers on the same network. Yet, its significance as a channel for… Read More

Tech Center

March 22, 2024

How Brand Protection Software Shields Your Reputation

A company’s brand is its most valuable asset. A brand embodies the trust and recognition that has been earned over time. However, this asset is under constant threat from cybercriminals, counterfeiters, and other malicious actors. This is where brand protection software comes into play, offering a critical shield… Read More

Tech Center

March 21, 2024

What is Supply Chain Detection and Response (SCDR)?

A New Framework for Supplier Ecosystem Security What Is SCDR? Supply Chain Detection and Response (SCDR) is a new cybersecurity framework that identifies, prioritizes, and remediates vulnerabilities across an organization’s vendor ecosystem. Its purpose is preventing supply chain attacks from threat actors and mitigating concentration… Read More

Threat-Informed TPRM

March 21, 2024

Why metrics—and context—matter: How CISOs can measure and communicate cyber resilience

Cyberattacks in the digital supply chain are now some of the most common cyber incidents today, with many of the recent major breaches resulting from a single vulnerability. Because of the rapid pace and scale of these attacks,… Read More

Executive Viewpoint

Security Ratings

March 20, 2024

From Brackets to Breaches: Securing Your Network Against March Madness Scams

As March Madness sweeps across the nation, the excitement and frenzy associated with the NCAA Basketball Tournament also ushers in a season ripe for cyber threats. This annual college basketball tournament, beloved by millions, creates a unique environment that cybercriminals exploit to launch sophisticated social engineering… Read More

Supply Chain Cyber Risk

March 20, 2024

Harnessing the Power of Artificial Intelligence: A closer look at the European Union’s new landmark legislation

Artificial intelligence (AI) has become one of the most transformative forces of our time. From the mundane tasks of everyday life to the complexities of global industries, artificial intelligence continues to permeate every aspect of society, reshaping how we live, work, and interact. The growing importance of AI is not… Read More

Executive Viewpoint

Public Sector

March 19, 2024

Celebrating Cybersecurity Excellence: Forbes Most Cybersecure Banks, 2024

To recognize best-in-class consumer financial institutions and their Chief Information Security Officers (CISOs), Forbes just released its 2024 list of the top 50 consumer banks with the most robust cybersecurity. Together with Forbes, we are proud to recognize top CISOs and their dedication to safeguarding customer data. … Read More

Security Ratings

March 18, 2024

What are Security Ratings?

A security rating (also known as a cybersecurity rating) is a quantifiable measurement of an organization’s security posture, enabling insightful and data-driven decisions around the security performance of an organization and their third-party vendors. SecurityScorecard offers easy-to-understand A-F security ratings driven by ten groups of risk factors. As the economy moves… Read More

Tech Center

March 13, 2024

Third-party Cybersecurity Incident Response Readiness Plan

Software supply chain flaws help attackers scale Given recent massive one-to-many breaches like MOVEit, a company’s ability to respond effectively to supply chain vulnerabilities is critical. Software supply chain flaws help threat actors scale, and attackers will go directly through your vendors if they can’t access… Read More

Third-Party Risk Management

March 12, 2024

Infosys McCamish Systems Third-Party Breach: Possible Attack Vectors and Infrastructure

In response to the identification of Infosys McCamish Systems (IMS) as the point of origin for a third-party data breach claimed by the LockBit ransomware group, SecurityScorecard researchers reviewed findings on the security hygiene of IMS. Our investigation identified attack vectors that the perpetrators could have used in… Read More

Cyber Threat Intelligence

March 12, 2024

Forrester Includes SecurityScorecard in Cybersecurity Risk Ratings (CRR) Landscape Report

Recent high-profile data breaches attributed to SolarWinds, Log4j, MOVEit, and more have demonstrated that the world still lacks a standard framework to measure cyber risk. Cybercriminals continue to exploit the trusted relationships between companies and their third-party suppliers and vendors… Read More

Security Ratings

March 8, 2024

Choosing Your Code Repository: Navigating the Security Landscape of Bitbucket vs GitHub

Why Code Repository Security Is Under Scrutiny in 2025 Source code is one of the most valuable digital assets an enterprise owns. In 2025, the risks tied to exposed, leaked, or tampered code are higher than ever. From supply chain compromise to intellectual property (IP) theft, code… Read More

Tech Center

March 8, 2024

Defender for Endpoint: Transforming Endpoint Security with Advanced Threat Protection

In an era where cyber threats are becoming increasingly sophisticated and pervasive, securing endpoints is paramount. Microsoft Defender for Endpoint emerges as a key player in the cybersecurity arena, offering comprehensive protection against a wide array of threats. This blog post delves into how Defender for Endpoint… Read More

Tech Center