Cybersecurity white papers, data sheets, webinars, videos and more

January 10, 2024

What is Third Party Due Diligence? What You Should Know

Due diligence is one of the most important steps before starting a partnership with a third-party business, as it reveals any hidden risks or vulnerabilities that could harm your network. In this blog, we will define third-party due diligence, explore the benefits of conducting cybersecurity due diligence,… Read More

Tech Center

January 10, 2024

JBS Ransomware Attack Started in March and Much Larger in Scope than Previously Identified

SecurityScorecard also found that 1 in 5 of the world’s food processing, production, and distribution companies rated have a known vulnerability in their exposed Internet assets Key insights Using SecurityScorecard’s proprietary tools, our Investigations & Analysis (I&A) team observed the following: The JBS campaign began with a reconnaissance phase in… Read More

Cyber Threat Intelligence

STRIKE Team

January 9, 2024

3 Takeaways: New SEC Cyber Risk Disclosure Rules

New rules require a detailed assessment of supply chain and organizational resilience Yesterday the US Securities and Exchange Commission (SEC) voted 3-2 to issue long-awaited regulations that mandate uniform cyber incident disclosures for public companies. The SEC’s rulemaking progress has been lengthy and controversial, and cybersecurity experts and business advocates have… Read More

Services

January 9, 2024

The Evolution of Cybersecurity Solutions and Threats

In 1970, the world experienced its first “cyber attack” – What first started as a harmless joke, paved the way for a new wave of criminality – cybercrime. Since then, attacks have become more sophisticated with the use of malware, ransomware, and phishing attacks, among … Read More

Cyber Threat Intelligence

Security Ratings

January 9, 2024

Top 5 Security Vulnerabilities of 2023

Why 2023 is a year of ‘digital forest fires’: New Attack Surface Intelligence Research from SecurityScorecard 2023 is a year of “digital forest fires.” The MOVEit and the Barracuda Networks’ email supply chain attacks underscore the massive butterfly effect a single software flaw can have on the threat landscape. Supply… Read More

Cyber Threat Intelligence

Supply Chain Cyber Risk

January 9, 2024

8 Top Strategies for Cybersecurity Risk Mitigation

In recent years, there has been a clear rise in threat volume and sophistication as many cybercriminals shift to techniques that can effectively evade detection and easily go after high-value targets. IoT devices are becoming a focus for threat actors, and threats related to credential harvesting and ransomware are also… Read More

Tech Center

January 9, 2024

What is the CIA Triad? Definition, Importance, & Examples

Confidentiality, Integrity, and Availability. These are the three core components of the CIA triad, an information security model meant to guide an organization’s security procedures and policies. While people outside the information security community might hear the phrase “CIA Triad” and… Read More

Tech Center

January 5, 2024

2025 Third-Party Vendor Risk Management in the Financial Industry

Due to their extensive reliance on third-party vendors, financial institutions face heightened cyber risks in 2024. These vendors are integral to their operations but can also become potential cybersecurity weak points. The growing dependency on these vendor relationships  necessitates robust third-party vendor risk management… Read More

Tech Center

January 5, 2024

What is Cyber Attack Insurance? Best Practices for Protection

Businesses of all sizes are becoming increasingly reliant on technology to conduct their operations efficiently. While technology offers numerous benefits, it also exposes organizations to growing digital threats, including phishing attacks, malware infections, and sophisticated social engineering campaigns. As the frequency and sophistication… Read More

Cyber Insurance

Executive Viewpoint

Tech Center

January 4, 2024

The Most Important Security Metrics to Maintain Compliance: Best Practices for Prioritizing Cyber Resilience

With the recent surge of high-profile data breaches, supply chain vulnerabilities (SolarWinds, Log4j, and  MOVEit, most notably), and targeted cyberattacks, the digital world is becoming increasingly precarious. At the same time, consumers are increasingly sharing sensitive data with companies in exchange for convenience and efficiency. For these reasons, organizations have a growing… Read More

Security Ratings

Tech Center

January 3, 2024

In-Depth Review: How SecurityScorecard Stacks Up Against UpGuard in 2024

In the dynamic world of cybersecurity, choosing the right platform can be pivotal for an organization’s digital safety. As we delve into 2024, two major players, SecurityScorecard and UpGuard, continue to make waves. This in-depth review compares these two companies and highlights how SecurityScorecard’s offerings often outshine those of… Read More

Security Ratings

December 14, 2023

Optimizing Incident Response with Advanced Threat Intelligence

In today’s cyber landscape, rapid and effective incident response is crucial for organizations to mitigate the impact of cyber attacks. Advanced Threat Intelligence (ATI) is emerging as a key player in enhancing incident response strategies. This blog post aims to elucidate how modern threat intelligence tools refine and improve these strategies, equipping… Read More

Cyber Threat Intelligence

Tech Center

November 9, 2023

What are Tabletop Exercises?

According to the latest IBM Cost of a Data Breach Report, the average breach costs $4.35M per incident, climbing by 12.7% (from 3.86 million USD) in IBM’s 2020 report. This does not account for lost business opportunities and lingering reputational damage. One of the best ways to prepare your… Read More

Services

Tech Center

October 12, 2023

SecurityScorecard Cybersecurity Data Incorporated into S&P Global Market Intelligence’s Newly Launched Supplier Risk Indicator™

Harnessing Metrics to Minimize Supply Chain Risk The world around us is often a reflection of who we are and what we value. The same can be said for businesses. It’s no longer enough to be resilient, trustworthy, and secure your own organization; the companies you do business… Read More

Services

September 28, 2023

Qualitative vs. Quantitative Cybersecurity Risk Assessment: What’s the Difference?

Risk mitigation is at the heart of cybersecurity. By connecting to the Internet, implementing upgraded IT systems, or adding a new vendor to your organization, you are automatically exposing your business to some level of cyber risk. With outsourcing on the rise and a growing reliance on vendors who are… Read More

Tech Center

September 20, 2023

What is the Cost of Cyber Liability Insurance?

In today’s digital age, where businesses rely heavily on technology and data, the risk of cyberattacks and data breaches has become a constant concern. These incidents can lead to significant financial losses, damage to a company’s reputation, and even legal liabilities. To mitigate these risks, many businesses turn to cyber liability insurance. But… Read More

Cyber Insurance

Executive Viewpoint

Tech Center

September 12, 2023

Using a Standardized Approach for Measuring Cybersecurity in Government

Last week at the annual Billington CyberSecurity Summit in Washington, DC, officials from government agencies gathered with industry leaders to discuss cyber threats, as well as geopolitics and issues of national security. One of the highlights was a fireside chat on Friday with Anne Neuberger, deputy national security adviser for… Read More

Public Sector

August 15, 2023

6 Myths About Cybersecurity Ratings (and 1 Truth): The Current State Of The Cybersecurity Ratings Industry And Where It Can Improve

Today, electricity is so ubiquitous that it’s difficult to perform even basic tasks without it. But when electricity was first introduced, it took decades for broad acceptance and adoption because it was misunderstood and misused. Slowly, the benefits began to outweigh the cons. As with any innovation, there are setbacks,… Read More

Security Ratings

July 12, 2023

What is Cyber Threat Hunting?

Cyber threat hunting is a proactive security strategy that involves searching for threats within a network before they can cause significant damage. Unlike traditional methods, which are reactive and wait for an alert before taking action, threat hunters seek to actively identify and mitigate hidden threats that have… Read More

Cyber Threat Intelligence

Tech Center

June 20, 2023

SecurityScorecard Identifies Infrastructure Linked to Widespread MOVEit Vulnerability Exploitation

Executive Summary Following our initial efforts to identify detections and mitigations for the new vulnerability affecting the MOVEit file transfer service, SecurityScorecard has continued investigating the potential impacts of the exploit and identified a population of MOVEit servers that threat actors likely compromised. Our continued investigation revealed the presence of the… Read More

Cyber Threat Intelligence