Cybersecurity white papers, data sheets, webinars, videos and more

January 23, 2024

SecurityScorecard’s Board Trends Report Provides Actionable Insight

With cyber attacks becoming increasingly prevalent, boards of directors and executives need to evaluate those risks and become more involved with cybersecurity. “In Gartner’s 2020 Board of Directors survey, 69% of respondents stated they view digital as the top business challenge for 2020 and 2021. Not only that, but 49%… Read More

Security Ratings

Supply Chain Cyber Risk

January 23, 2024

Decoding the Boardroom: A Fortune 500 CISO’s Guide to Winning Hearts and Budgets

In the high-stakes world of cybersecurity, one of the most daunting challenges faced by CISOs is the task of persuading their organization to invest in security capability. But in an age of worker shortages, cost-cutting measures, and a surge in third-party cyber risk at the enterprise level, CISOs need to get… Read More

Executive Viewpoint

Security Ratings

January 23, 2024

‘The Perfect Scorecard’ Focuses on Communication Between CISOs and the Board

In most companies today, there is a critical divide between the Chief of Information Security (CISO) and their board of directors. Our new book, The Perfect Scorecard: Getting an ‘A’ in Cybersecurity from your Board of Directors, is an attempt to close that gap. The Perfect Scorecard features insights from 17 leading… Read More

Security Ratings

January 23, 2024

Calculating the ROI of Security Ratings.

Calculating the return on investment (ROI) of any cybersecurity investment can be both overly simple and very complicated. While a good rule of thumb is to multiply the average cost of a data breach by the number of breaches an organization might reasonably expect within a certain amount of time,… Read More

Security Ratings

January 23, 2024

6 Cybersecurity Metrics Every CISO Should Monitor

Cybersecurity monitoring is not a one-and-done, as attack surfaces and the methods used by malicious actors are constantly changing. By tracking the right cybersecurity metrics, Chief Information Security Officers (CISOs) can monitor the effectiveness of security controls over time… Read More

Cyber Threat Intelligence

Security Ratings

Tech Center

January 17, 2024

Introducing Security Ratings for Telecommunications, Internet Service Providers, and Cloud Providers: Collaborating on enhancements with industry leaders

Telecommunications, Internet Service Providers, and Cloud Providers are some of the most critical sectors on the planet. They enable global connectivity, provide access to a wealth of information in real time, and transform business operations. As the foundation of modern communication, these industries have ushered in countless innovations and propelled… Read More

Security Ratings

January 17, 2024

The Ultimate Vendor Risk Management Checklist

Digital transformation increases the number of vendors that your organization incorporates into its IT ecosystem. Each third-party, however, increases your company’s cybersecurity risk. What used to be considered “trust but verify” has now become “verify then maybe trust.” Vendor due diligence is one of… Read More

Attack Surface Management

Tech Center

January 17, 2024

Cybersecurity Risk is a Business Risk: Upcoming SEC Regulations Make Security Transparency Mandatory

Nasdaq Trade Talks: Regulations Shine a Light on the CISO The upcoming cybersecurity regulations from the U.S. Securities and Exchange Commission (SEC) deliver a clear message: Cyber risk is a business risk. Slated to be finalized this fall, the regulations will directly link financial performance to cybersecurity through required public… Read More

Services

January 17, 2024

What is Cyber Risk Quantification? A Comprehensive Guide

As cybercriminals discover new ways to expand the threat landscape, cyber security professionals need to be able to predict their next move and stay ahead of evolving cyber threats. But in order to do so, businesses must be aware of their vulnerabilities, have a clear view of their cybersecurity… Read More

Cyber Insurance

Executive Viewpoint

Tech Center

January 17, 2024

SecurityScorecard Achieves FedRAMP® ‘Ready’ Designation

U.S. federal agencies positioned to adopt A to F letter-grade rating system SecurityScorecard is proud to announce that it has achieved the Ready Designation under the Federal Risk and Authorization Management Program (FedRAMP). This designation demonstrates SecurityScorecard’s commitment to the rigorous security standards required by the U.S. government for cloud… Read More

Public Sector

Security Ratings

January 16, 2024

Introducing the Cyber Resilience Scorecard: SecurityScorecard Finds Global Cyber Risk and GDP Closely Linked

This week at the World Economic Forum Annual Meeting, SecurityScorecard published the first Cyber Resilience Scorecard, offering leaders and decision-makers a comprehensive and global view of global cyber risk. SecurityScorecard identified a strong correlation between a country’s cyber risk exposure and GDP, which… Read More

Cyber Threat Intelligence

January 12, 2024

Threat Intelligence Research: Volt Typhoon Compromises 30% of Cisco RV320/325 Devices in 37 Days

As part of our effort to make the world safer, SecurityScorecard has been tracking threat actor groups conducting cyberattacks on behalf of nation states. The SecurityScorecard Threat Research, Intelligence, Knowledge, and Engagement (STRIKE) Team has been investigating covert infrastructure linked to Volt Typhoon (also known as Bronze Silhouette) following reports of new activity attributed… Read More

Cyber Threat Intelligence

January 10, 2024

Best Practices for Compliance Monitoring in Cybersecurity

Compliance is a key component to any cybersecurity program. However, due to the complex nature of laws and industry regulations, ensuring compliance is often very difficult for organizations. As non-compliance can result in considerable fines, organizations must be able to align their cybersecurity and compliance efforts. One way to do… Read More

Services

Tech Center

January 10, 2024

What is Continuous Cybersecurity Monitoring?

Moving away from on-premises applications and IT infrastructures as part of digital transformation strategies increases your digital footprint. The more connected cloud applications and services you add to your IT stack, the more potential risks you introduce because you’re expanding your attack surface. Cyber attacks… Read More

Tech Center

January 10, 2024

Top 7 Security Risks of Cloud Computing

Many businesses are shifting workloads to the cloud in an effort to increase efficiency and streamline workloads. In fact, according to the Flexera 2021 State of the Cloud Report, roughly 90% of enterprises anticipate cloud usage will expand even further as a result of COVID-19. While cloud computing… Read More

Tech Center

January 10, 2024

What Is a Cybersecurity Audit and Why Does it Matter?

As organizations embrace new digital technologies, the risk of cybersecurity threats is growing steadily. Digital transformation is increasing network complexity, which often creates security weaknesses and potential entry points for cyber adversaries to exploit. If left unaddressed, these cyber risks can disrupt business processes and harm goals. Therefore,… Read More

Tech Center

January 10, 2024

2025 Guide to Completing a Vendor Risk Management Questionnaire

Vendor risk management is increasingly crucial in 2025 as enterprises integrate more cloud-based solutions into their IT ecosystems. With this shift comes greater compliance risks, making the verification of vendors’ security controls and regular security audits essential. Understanding and managing these risks effectively requires ongoing communication with… Read More

Tech Center

January 10, 2024

Fortinet Fortigate Vulnerability CVE-2023-27997: How to Surface Exposed Devices and Mitigate the Threat

Recently, a critical vulnerability tracked as CVE-2023-27997 was identified in Fortinet Fortigate appliances. Fortinet makes some of the most popular firewall and VPN devices on the market, which makes them an attractive target for threat actors. This vulnerability has been exploited by the Chinese APT group Volt Typhoon, among others, targeting… Read More

Cyber Threat Intelligence

January 10, 2024

8 Types of Vendor Risks That Are Important to Monitor in 2025

Outsourcing operations to third-party vendors has become a popular business strategy as it allows organizations to save money and increase operational efficiencies. As the role of third-party vendors expands, having vendor management processes in place becomes key to organizational success. Effective vendor management processes ensure not only cost efficiency but also… Read More

Tech Center

January 10, 2024

5 Ways to Meet Regulatory Compliance and Standards Requirements

Compliance isn’t easy: it’s expensive, time consuming, and regulations are constantly changing. It may be hard to get buy-in from employees or leadership who see compliance as a barrier to productivity, and it may also be difficult to know when your organization falls out of compliance. But if you’re doing… Read More

Tech Center