Unveiling TITAN AI: A New Era of Threat-Informed Third-Party Risk Management
Request a demo Get started for free

Resources

Cybersecurity white papers, data sheets, webinars, videos and more

Resource Library

Clear filters

What is Lateral Movement in Cybersecurity?

December 12, 2025

What is Lateral Movement in Cybersecurity?
Lateral movement is a technique used by cybercriminals to progressively move through a network as they search for sensitive data and assets. Once an initial device is compromised, attackers use lateral movement to expand their access, control, and ultimately, the overall impact of the breach. Understanding how lateral… Read More
Operation WrtHug Exposed: The Router Hack You Need to Know

December 10, 2025

Operation WrtHug Exposed: The Router Hack You Need to Know
Why Router Hacking Is Not Just a Patching Issue Your home router can become someone else’s covert infrastructure without you ever noticing. SecurityScorecard’s Field Chief Threat Intelligence Officer Ryan Sherstobitoff, Security Researcher Gilad Maizles, and Signals Collection Engineer Marty Kareem joined SecurityScorecard’s Senior Content Writer Shannon Vavra to… Read More
CISA’s New AI Guidance: The Leadership Imperative for OT Supply Chain Security

December 9, 2025

CISA’s New AI Guidance: The Leadership Imperative for OT Supply Chain Security
The release of the joint CISA-led guidance on integrating Artificial Intelligence (AI) into Operational Technology (OT) marks a pivotal moment in cyber governance. This is more than a technical advisory; it is a clear articulation of federal expectation: the security of critical infrastructure now depends on rigorous, verifiable… Read More
Ho-Ho-Hold On: CISO Steve Cobb Shares Cyber Santa’s Guide to Safe Holiday Shopping

December 8, 2025

Ho-Ho-Hold On: CISO Steve Cobb Shares Cyber Santa’s Guide to Safe Holiday Shopping
What Holiday Scammers Are Doing This Season SecurityScorecard CISO Steve Cobb joined FOX Houston to discuss how shoppers can protect themselves from a growing wave of online holiday scams. During the segment, Cobb outlined the most common scam tactics SecurityScorecard sees emerging this season, from malware to mimicked… Read More
CISO
Proactive TPRM: How To Automate Vendor Risk Management with SecurityScorecard and ServiceNow

December 5, 2025

Proactive TPRM: How To Automate Vendor Risk Management with SecurityScorecard and ServiceNow
How to Shift from Compliance to Continuous Response with SecurityScorecard and ServiceNow For GRC (Governance, Risk, and Compliance) managers, the days of relying on annual assessments for vendor oversight are over. A single breach can unfold in hours, long before the next scheduled audit. Read More
Canada’s Warning on Critical Infrastructure Threats Underscores a Growing North American Challenge

December 5, 2025

Canada’s Warning on Critical Infrastructure Threats Underscores a Growing North American Challenge
A recent report from Industrial Cyber highlights a significant alert issued by the Canadian Centre for Cyber Security: nation-state actors and organized criminal groups are escalating their targeting of critical infrastructure sectors. This concern was reinforced in a November 26, 2025 joint statement… Read More
How To Translate Cyber Risk for the C-Suite with Diligent and SecurityScorecard

December 5, 2025

How To Translate Cyber Risk for the C-Suite with Diligent and SecurityScorecard
How To Translate Technical Data to Board Strategy with SecurityScorecard and Diligent Boards of Directors and the C-Suite demand clear, continuous visibility into cyber risk, particularly across increasingly complex vendor ecosystems. However, the unfortunate reality is that missed third-party risks can lead directly to operational disruptions and financial… Read More
How CMMC 2.0 Sets a New Standard for Cyber Readiness Across the Defense Industrial Base

December 5, 2025

How CMMC 2.0 Sets a New Standard for Cyber Readiness Across the Defense Industrial Base
As 2025 draws to a close, the Cybersecurity Maturity Model Certification (CMMC) 2.0 is no longer just a proposal. The framework that is pushing organizations from periodic compliance checks to ongoing security monitoring is the new reality for the defense industrial base (DIB). Read More
Why Customers Choose SecurityScorecard over Black Kite

December 5, 2025

Why Customers Choose SecurityScorecard over Black Kite
SecurityScorecard Black Kite Limitations Industry Recognition SecurityScorecard is strongly positioned in the “Leaders” category of the Forrester Wave for Cybersecurity Risk Ratings, and is recognized as having a strong market presence. Black Kite failed to reach the “Leaders” category of the Forrester… Read More
Why Customers Choose SecurityScorecard over Upguard

December 5, 2025

Why Customers Choose SecurityScorecard over Upguard
SecurityScorecard  UpGuard Industry Recognition SecurityScorecard is strongly positioned in the “Leaders” category of the Forrester Wave for Cybersecurity Risk Ratings, and is recognized as having a strong market presence. Upguard failed to reach the “Leaders” category of the… Read More
Why Customers Choose SecurityScorecard over Bitsight

December 5, 2025

Why Customers Choose SecurityScorecard over Bitsight
SecurityScorecard  Bitsight Ratings Quality & Coverage Superior ratings quality with broader assessment capabilities; real-time updates and published accuracy data daily. Refresh Periods can be 30 days or longer unless manually requested; resulting in less frequent updates to issues and findings. Data Ownership Owns and… Read More
Dr. Aleksandr Yampolskiy’s Advice to Columbia University’s Future Cyber Leaders

December 5, 2025

Dr. Aleksandr Yampolskiy’s Advice to Columbia University’s Future Cyber Leaders
As cybersecurity threats grow in complexity and scale, so does the importance of resilient leaders who can think critically, adapt quickly, and build solutions that can stand the test of time. During a recent Lunch & Learn hosted at SecurityScorecard’s New York City headquarters, CEO and Co-Founder Dr. Read More
SecurityScorecard Applauds House Passage of the PILLAR Act as a Milestone for National Cyber Resilience

December 4, 2025

SecurityScorecard Applauds House Passage of the PILLAR Act as a Milestone for National Cyber Resilience
The U.S. House of Representatives has officially passed the PILLAR Act, a landmark effort aimed at strengthening America’s cyber resilience across federal, state, local, tribal, and territorial (SLTT) partners. SecurityScorecard is proud to see growing bipartisan and industry support for a bill that prioritizes continuous… Read More
Bolstering Supply Chain Security with Enhanced Japanese Language Support

December 2, 2025

Bolstering Supply Chain Security with Enhanced Japanese Language Support
SecurityScorecard has significantly expanded Japanese language support across key areas of the platform. This strategic enhancement empowers our customers and users in Japan to navigate the platform and address critical issues faster by fully utilizing more features in their native language. The Japanese economy is deeply… Read More
How SecurityScorecard Enhances AuditBoard’s RiskOversight and TPRM

November 25, 2025

How SecurityScorecard Enhances AuditBoard’s RiskOversight and TPRM
The Need to Look Beyond Assessments in GRC Enterprise risk today demands continuous, comprehensive vigilance. Today’s Governance, Risk, and Compliance (GRC) professionals must constantly monitor security posture, not just that of external vendors, but also the security health of their own organization, to… Read More
Third-Party Risk Management
How Global Enterprises Use GRC Platforms to Translate Security Ratings Into Business Risk

November 24, 2025

How Global Enterprises Use GRC Platforms to Translate Security Ratings Into Business Risk
Why Fragmented Cyber and Business Risk Data Slows Down Enterprise Risk Management (ERM) As global enterprises expand their vendor ecosystems, the disconnect between technical cybersecurity ratings and business risk metrics has become a… Read More
How GRC Professionals Can Integrate SecurityScorecard into Every Phase of TPRM Programs

November 24, 2025

How GRC Professionals Can Integrate SecurityScorecard into Every Phase of TPRM Programs
Why TPRM Requires a Continuous, Always-On Lifecycle The Governance, Risk, and Compliance (GRC) Manager’s mandate today is to govern the organization’s risk exposure across an ever-expanding ecosystem of third parties. Yet treating Third-Party Risk Management (TPRM) as a… Read More
Third-Party Risk Management
Why GRC Programs Fail Without Continuous Cyber Risk Intelligence

November 21, 2025

Why GRC Programs Fail Without Continuous Cyber Risk Intelligence
Why Cyber Risk Data Must Power the Future of GRC GRC Needs Evidence, Not Assumptions Supply chains now shape enterprises, which increasingly rely on an expanding ecosystem of vendors, partners, and suppliers. For Governance, Risk, and Compliance (GRC) professionals, managing this sprawling… Read More
GRC
Why a $50 Billion Investment Will Propel Rural Health Cyber Transformation

November 20, 2025

Why a $50 Billion Investment Will Propel Rural Health Cyber Transformation
The U.S. government just launched a $50 billion initiative to modernize rural healthcare infrastructure. The federal government is now reviewing states’ funding applications and by the end of the year will announce funding awards, which may include support for expanding and securing digital systems. States will… Read More
Operation WrtHug, The Global Espionage Campaign Hiding in Your Home Router

November 19, 2025

Operation WrtHug, The Global Espionage Campaign Hiding in Your Home Router
Your home router, the device that connects you to the internet, may have been turned into a tool for a global espionage campaign. A new report, “Operation WrtHug,” has uncovered a massive, coordinated effort that has compromised thousands of ASUS routers worldwide. This is a meticulously planned operation… Read More
STRIKE Team