Cybersecurity white papers, data sheets, webinars, videos and more

November 19, 2025

Operation WrtHug, The Global Espionage Campaign Hiding in Your Home Router

Your home router, the device that connects you to the internet, may have been turned into a tool for a global espionage campaign. A new report, “Operation WrtHug,” has uncovered a massive, coordinated effort that has compromised thousands of ASUS routers worldwide. This is a meticulously planned operation… Read More

STRIKE Team

November 14, 2025

Cyber Focus Interview: Dr. Aleksandr Yampolskiy Analyzes the Rise of Third-Party and Supply Chain Cyber Risks

Dr. Aleksandr Yampolskiy, Co-Founder and CEO of SecurityScorecard, joined Frank Cilluffo, Director of Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security, on the Cyber Focus podcast this week to shed light on the rapidly growing risks lurking inside our digital supply chains. Dr. Yampolskiy… Read More

November 12, 2025

Why Singapore’s Cybersecurity Risks are Surging and How To Tackle Third-Party Risk

Singapore’s interconnected digital economy is emerging as a prime target for cyber adversaries in 2025. In SecurityScorecard’s recent webinar, Understanding Third-Party Cyber Risk in Singapore’s Digital Ecosystem, experts analyzed the findings of our July report: The State of Cybersecurity Resilience in… Read More

November 6, 2025

Adversarial AI: When Attackers and Defenders Become Equals

Artificial intelligence has changed the rules of cybersecurity. In SecurityScorecard’s latest fireside chat, Adversarial AI: The New Symmetric Threat Landscape, CEO and Co-Founder Dr. Aleksandr Yampolskiy sat down with Dr. Srinivas Mukkamala, CEO of Securin, to examine what happens when the same technology driving innovation begins empowering attackers. Mukkamala has… Read More

November 6, 2025

Why Every CEO Needs a CISO or CIO on the Board and How to Get a Board Seat if You Are One

Why CEOs need a CISO and CIO on their board to translate tech expertise into boardroom strategy As AI risk and new regulations reshape the economy, boards need technical insight more than ever, yet cybersecurity and technology leaders remain underrepresented on boards. In a recent SecurityScorecard… Read More

November 5, 2025

SecurityScorecard CISO Steve Cobb on CBS: Secret Service Takes Down SIM Farm Threat Near UNGA

As world leaders gathered for the United Nations General Assembly (UNGA) in New York City this September, the United States Secret Service dismantled a telecommunications threat that authorities report could have caused widespread disruption in the city. CBS News New York reported the story, featuring commentary from Steve… Read More

November 5, 2025

How China-Backed Hackers Are Targeting Telecom and What Needs to Happen Next

Chinese nation-state hackers have spent years compromising the telecommunications sector, embedding themselves inside telecommunications networks and lying in wait. They have compromised presidential campaign communications, siphoned up data on high-profile individuals, and remained hidden for years before they were uncovered. In a recent webinar, SecurityScorecard’s Senior… Read More

October 30, 2025

As AI Transforms Business, Dr. Aleksandr Yampolskiy Explains on NASDAQ TradeTalks Why the CISO Role Has Never Been More Complex

As supply chains grow and hackers adopt artificial intelligence, the role of the Chief Information Security Officer (CISO) is undergoing a dramatic transformation. During a recent NASDAQ TradeTalks segment, Dr. Aleksandr Yampolskiy, Co-Founder and CEO of SecurityScorecard, joined host Jill Malandrino and a panel of cybersecurity experts to… Read More

CISO

Cybersecurity

Enterprise Cyber Risk

October 27, 2025

How to Measure a Company’s Cyber Risk with the Breach Susceptibility Indicator

Cyber insurers face rising claims, shifting threats, and limited visibility into what truly drives breach events. The Breach Susceptibility Indicator (BSI) brings clarity to that uncertainty. It helps you quantify the likelihood of breach across your portfolio, using real-world data and modeling you can trust.  The… Read More

October 20, 2025

Fox News Chicago Interview with Dr. Aleksandr Yampolskiy on the AWS Outage

As a massive Amazon Web Services (AWS) outage October 20, 2025, disrupted internet connectivity around the globe, Dr. Aleksandr Yampolskiy, Co-Founder and CEO of SecurityScorecard, joined Fox News Chicago to explain the outage and highlight how fragile our digital interconnectedness has become. SecurityScorecard does not currently… Read More

October 17, 2025

How Security Ratings Drive Actionable Risk Reduction, From Findings to Resolution

Cybersecurity teams face an enormous amount of pressure to manage risk with limited time, tools, and people. And as organizations grow and vendors shift, risks change constantly. Security scores about your supply chain cybersecurity highlight where attention is needed, helping you brief the board and insurers with clear… Read More

Cybersecurity

Security Ratings

October 14, 2025

How SecurityScorecard and Crowe Are Helping Organizations Strengthen Third-Party Cyber Risk Management

Third-party risk has become one of the most pressing challenges for organizations everywhere. Vendor ecosystems are growing fast, but so are the threats hiding within them. These blind spots can disrupt operations, slow compliance efforts, and erode customer trust. That’s why SecurityScorecard and Crowe LLP have… Read More

October 14, 2025

It Takes More Than Awareness: Building a Resilient Cybersecurity Culture

Canada has built an impressive cybersecurity foundation. The Communications Security Establishment (CSE) and its Canadian Centre for Cyber Security (CCCS) have developed tools, systems, frameworks, and the partnerships needed to establish an impressive foundation for its cyber defence posture. But the gap between their alert and support system,… Read More

October 10, 2025

What Is Digital Supply Chain Management

Modern businesses operate through intricate networks of relationships that extend far beyond their immediate control. While traditional supply chain approaches focused on physical goods and services moving through warehouses and distribution centers, today’s organizations face a fundamentally different challenge. Every software provider, cloud service partner, and digital technology… Read More

October 10, 2025

Protecting Patient Lives Through Cybersecurity in Healthcare

The healthcare industry faces an unprecedented cyber threat landscape that constantly risks patient safety and business operations. As healthcare providers increasingly rely on interconnected digital systems, the need for robust cybersecurity practices has never been more critical. Recent data from our 2025 SecurityScorecard… Read More

October 10, 2025

Dark Web Monitoring Against Invisible Cyber Threats

The digital underground operates 24/7, and your company’s sensitive information might already be for sale in corners of the internet you never knew existed. While most businesses focus on preventing cyber attacks, data breaches often go undetected for months, leaving stolen credentials and personally identifiable information circulating freely… Read More

October 10, 2025

SIEM vs SOAR: The Key Differences for Modern Security Teams

Security teams receive thousands of alerts every day. Most of these alerts require manual investigation, creating bottlenecks that slow down threat response and exhaust analyst resources. The average security operations center manages dozens of different tools, each generating its own alerts and requiring specialized knowledge to operate effectively. Read More

October 10, 2025

The Importance of Email Security

In today’s connected world, email is the main way companies communicate. This widespread use makes email security a top concern for businesses. Cybercriminals are increasingly targeting email systems to break into networks and steal sensitive information. Because of this, it is essential to understand and use strong email… Read More

September 23, 2025

Clarification on npm Supply Chain Incident

Recently, SecurityScorecard sent a customer communication that incorrectly described the npm supply chain incident as a “CrowdStrike breach.” This was inaccurate, and we want to correct the record. What actually happened A large npm supply chain attack (“Shai-Hulud”) trojanized over 150 JavaScript packages. The… Read More

September 15, 2025

SecurityScorecard Acquires HyperComply

SecurityScorecard has acquired HyperComply, bringing AI-powered questionnaire automation to our platform. We welcome Amar Chahal, CEO and Co-Founder, and Cody Wright, CTO and Co-Founder, along with the entire HyperComply team to SecurityScorecard. This acquisition addresses one of the most persistent challenges in vendor security management. Read More