Cybersecurity white papers, data sheets, webinars, videos and more

February 5, 2024

Bolstering Cyber Resilience in the US Water Sector: A Call to Action

Tomorrow, February 6, 2024, the House Homeland Security Committee will hold a hearing on securing US water systems from cyberattacks. Following last year’s widely publicized attack on the municipal water system in Aliquippa, Pennsylvania, Congress, the Cybersecurity and Infrastructure Security Agency (CISA), and… Read More

Executive Viewpoint

February 2, 2024

SecurityScorecard introduces new partner certifications

As cited by the new SEC cybersecurity incident disclosure requirements, 98% of organizations have relationships with at least one breached third party. Consequently, many organizations are looking to manage supply chain cyber risk across their third parties and the entire digital ecosystem. Recognizing this challenge, SecurityScorecard is excited to… Read More

Supply Chain Cyber Risk

February 1, 2024

From Confusion to Clarity: Red Sift Breaks Down Google and Yahoo’s Email Security Requirements

Many people around the world right now are confused as to whether their organization is ready for Google and Yahoo’s new requirements for bulk senders.  So don’t worry, you’re not alone.  Back in October the announcement was made that… Read More

Supply Chain Cyber Risk

February 1, 2024

Decoding Cyber Security Innovations with SecurityScorecard CEO Alex Yampolskiy

As part of a multi-part series with NightDragon, Nasdaq, and J.P. Morgan, SecurityScorecard founder and CEO Dr. Aleksandr Yampolskiy sat down with NightDragon CEO Dave DeWalt and unveiled his deep-rooted passion for cybersecurity. Tracing back to an early encounter with a computer virus… Read More

Executive Viewpoint

January 26, 2024

SecurityScorecard Returns to the World Economic Forum’s Annual Meeting: Our Top 5 Insights

Last week, SecurityScorecard was invited back to participate in the World Economic Forum’s Annual Meeting in Davos, Switzerland. It was a tremendous honor and, once again, we were the only security ratings company present (and one of the few cybersecurity companies).   Our team spent the week… Read More

Executive Viewpoint

January 25, 2024

The Evolution of CISOs and Security Ratings

In the CISO community, security ratings are usually loved or hated—there’s rarely a middle ground. I have many friends who want nothing to do with security ratings and others that use them as part of their core strategy. This is understandable in some sense because in the early… Read More

Executive Viewpoint

Security Ratings

January 25, 2024

Leveraging Collaboration and Transparency: How CISOs Can Comply With New SEC Regulations

A standard unit of measurement and transparency helps CISOs create a common language to communicate vulnerabilities in their environment as well as those of their third and fourth parties.   As we kick off 2024, CISOs at public companies will certainly be thinking of… Read More

Services

January 25, 2024

Introducing SecurityScorecard MAX

What keeps CISOs up at night? The extended, often unsecured, ever-changing attack surface of critical supply chain vendors providing an unmonitored pathway into their enterprise.  Emerging zero-day vulnerabilities, like MOVEit and SolarWinds, are time-sensitive issues that require immediate attention by security teams that are often over-burdened with… Read More

Cyber Threat Intelligence

Services

January 23, 2024

A Shared Language to Improve Ecosystem Cybersecurity Risks

Visionaries and innovators, historically, must find a common language to support their futuristic ideas. Long recognized as a financial innovator, Alexander Hamilton was also a technological visionary. In his 1791 Report on Manufactures, Hamilton argued that enabling the manufacturing base would benefit the agricultural community by creating a demand for an… Read More

Cyber Threat Intelligence

January 23, 2024

SecurityScorecard’s Board Trends Report Provides Actionable Insight

With cyber attacks becoming increasingly prevalent, boards of directors and executives need to evaluate those risks and become more involved with cybersecurity. “In Gartner’s 2020 Board of Directors survey, 69% of respondents stated they view digital as the top business challenge for 2020 and 2021. Not only that, but 49%… Read More

Security Ratings

Supply Chain Cyber Risk

January 23, 2024

Decoding the Boardroom: A Fortune 500 CISO’s Guide to Winning Hearts and Budgets

In the high-stakes world of cybersecurity, one of the most daunting challenges faced by CISOs is the task of persuading their organization to invest in security capability. But in an age of worker shortages, cost-cutting measures, and a surge in third-party cyber risk at the enterprise level, CISOs need to get… Read More

Executive Viewpoint

Security Ratings

January 23, 2024

‘The Perfect Scorecard’ Focuses on Communication Between CISOs and the Board

In most companies today, there is a critical divide between the Chief of Information Security (CISO) and their board of directors. Our new book, The Perfect Scorecard: Getting an ‘A’ in Cybersecurity from your Board of Directors, is an attempt to close that gap. The Perfect Scorecard features insights from 17 leading… Read More

Security Ratings

January 23, 2024

Calculating the ROI of Security Ratings.

Calculating the return on investment (ROI) of any cybersecurity investment can be both overly simple and very complicated. While a good rule of thumb is to multiply the average cost of a data breach by the number of breaches an organization might reasonably expect within a certain amount of time,… Read More

Security Ratings

January 23, 2024

6 Cybersecurity Metrics Every CISO Should Monitor

Cybersecurity monitoring is not a one-and-done, as attack surfaces and the methods used by malicious actors are constantly changing. By tracking the right cybersecurity metrics, Chief Information Security Officers (CISOs) can monitor the effectiveness of security controls over time… Read More

Cyber Threat Intelligence

Security Ratings

Tech Center

January 17, 2024

Introducing Security Ratings for Telecommunications, Internet Service Providers, and Cloud Providers: Collaborating on enhancements with industry leaders

Telecommunications, Internet Service Providers, and Cloud Providers are some of the most critical sectors on the planet. They enable global connectivity, provide access to a wealth of information in real time, and transform business operations. As the foundation of modern communication, these industries have ushered in countless innovations and propelled… Read More

Security Ratings

January 17, 2024

The Ultimate Vendor Risk Management Checklist

Digital transformation increases the number of vendors that your organization incorporates into its IT ecosystem. Each third-party, however, increases your company’s cybersecurity risk. What used to be considered “trust but verify” has now become “verify then maybe trust.” Vendor due diligence is one of… Read More

Attack Surface Management

Tech Center

January 17, 2024

Cybersecurity Risk is a Business Risk: Upcoming SEC Regulations Make Security Transparency Mandatory

Nasdaq Trade Talks: Regulations Shine a Light on the CISO The upcoming cybersecurity regulations from the U.S. Securities and Exchange Commission (SEC) deliver a clear message: Cyber risk is a business risk. Slated to be finalized this fall, the regulations will directly link financial performance to cybersecurity through required public… Read More

Services

January 17, 2024

What is Cyber Risk Quantification? A Comprehensive Guide

As cybercriminals discover new ways to expand the threat landscape, cyber security professionals need to be able to predict their next move and stay ahead of evolving cyber threats. But in order to do so, businesses must be aware of their vulnerabilities, have a clear view of their cybersecurity… Read More

Cyber Insurance

Executive Viewpoint

Tech Center

January 17, 2024

SecurityScorecard Achieves FedRAMP® ‘Ready’ Designation

U.S. federal agencies positioned to adopt A to F letter-grade rating system SecurityScorecard is proud to announce that it has achieved the Ready Designation under the Federal Risk and Authorization Management Program (FedRAMP). This designation demonstrates SecurityScorecard’s commitment to the rigorous security standards required by the U.S. government for cloud… Read More

Public Sector

Security Ratings

January 16, 2024

Introducing the Cyber Resilience Scorecard: SecurityScorecard Finds Global Cyber Risk and GDP Closely Linked

This week at the World Economic Forum Annual Meeting, SecurityScorecard published the first Cyber Resilience Scorecard, offering leaders and decision-makers a comprehensive and global view of global cyber risk. SecurityScorecard identified a strong correlation between a country’s cyber risk exposure and GDP, which… Read More

Cyber Threat Intelligence

January 12, 2024

Threat Intelligence Research: Volt Typhoon Compromises 30% of Cisco RV320/325 Devices in 37 Days

As part of our effort to make the world safer, SecurityScorecard has been tracking threat actor groups conducting cyberattacks on behalf of nation states. The SecurityScorecard Threat Research, Intelligence, Knowledge, and Engagement (STRIKE) Team has been investigating covert infrastructure linked to Volt Typhoon (also known as Bronze Silhouette) following reports of new activity attributed… Read More

Cyber Threat Intelligence