SecurityScorecard Blog
Read the latest blog posts published weekly.
-
BlogExamining the Concentration of Cyber Risk: How supply chains and global economies can adapt
May 2, 2024This research points to an extreme concentration of cyber risk in just 15 vendors worldwide, while also detailing a surge in adversaries exploiting third-party vulnerabilities.
More DetailsPaul Prudhomme, STRIKE Threat Intelligence Analyst
Third-Party Risk Management -
BlogInsights from the Experts: Legal, Compliance, and Security Perspectives on SEC Regulations
April 26, 2024SecurityScorecard recently hosted a webinar discussing the implications of the new rules and how compliance, security, and legal experts can elevate their game to meet these new regulations.
More DetailsPublic Sector -
BlogCyberattack at Sisense Puts Critical Infrastructure on Alert
April 11, 2024SecurityScorecard details the large-scale cyberattack on Sisense, a major business analytics software company used by both the private and public sectors.
More DetailsTarek Marji, Senior Staff Engineer, INFOSEC
Public Sector -
BlogChange Healthcare Ransomware Attack Spotlights Single Point of Failure with Third-Party Vendor
April 10, 2024The ongoing cyberattack on Change Healthcare, a major player in medical claims processing in the United States, had profound repercussions across the healthcare sector.
More DetailsRob Ames, Senior Staff Threat Researcher
Healthcare, Third-Party Risk Management -
BlogSecurityScorecard Unveils the Industry’s Most Predictive Cybersecurity Risk Ratings with Refined Scoring Algorithm
April 9, 2024As businesses strive to reinforce their defenses against these evolving threats, the need for a reliable and predictive cybersecurity risk assessment tool has never been greater.
More DetailsDr. Bob Sohval, VP & Fellow, Data Science & Madelyn Maletz, Associate Product Marketing Manager
Security Ratings -
BlogHow SecurityScorecard STRIKE Identifies Zero Days in the Wild
April 9, 2024Discover how SecurityScorecard's Zero-Day-as-a-Service (ZDaaS) identifies new and emerging zero-day threats across your third-party vendor landscape.
More DetailsSteve Cobb, VP, Corporate and Product Security
Cyber Threat Intelligence -
BlogExamining NIST CSF 2.0: Everything you need to know
April 4, 2024In 2014, the National Institute of Standards and Technology (NIST) released its Cybersecurity Framework (CSF) to help organizations better understand, reduce, and communicate cybersecurity risk. Ten years later, NIST has released Version 2.0.
More DetailsChris Strand, Global Risk Officer
Executive Viewpoint -
BlogNational Vulnerability Database Updates: How SecurityScorecard’s CVEDetails can help
April 2, 2024Normally NVD analysts manually review and curate CVE data, especially product and version information and, in turn, NVD provides reliable and accurate data. But users have noticed that things have shifted lately. So what happened?
More DetailsSerkan Ozkan, Distinguished Engineer, R&D
Services -
BlogBreaches Beyond Borders: The global landscape of third-party risk
March 27, 2024Read some of the highlights from SecurityScorecard's recent webinar, which examined our Global Third-Party Cyber Breach report.
More DetailsThird-Party Risk Management -
BlogHow to Avoid Online Tax Day Scams: Tips to protect your finances and data
March 25, 2024As Tax Day in the U.S. looms on the horizon, so too does the risk of falling victim to online scams. In 1986, the first year that e-filing was available, five people filed their returns electronically. Since then, the popularity of e-filing has increased so much that 92% of individual tax returns are now e-filed. As online tax filing and payment have become more popular, though, scams targeting unsuspecting taxpayers have as well.
More DetailsRob Ames, Senior Staff Threat Researcher
Tech Center -
BlogWhy metrics—and context—matter: How CISOs can measure and communicate cyber resilience
March 21, 2024Cyberattacks in the digital supply chain are now some of the most common cyber incidents today, with many of the recent major breaches resulting from a single vulnerability. Because of the rapid pace and scale of these attacks, cyber leaders can no longer rely on static analyses of their environments, and must continuously assess cyber risk across their entire supply chain and vendor ecosystem. They must also produce quantitative metrics to measure their organizations’ dynamic risk in a standardized, easy-to-understand way. Here, we’ll discuss several metrics that cyber leaders can use to measure cyber risk and communicate with multiple stakeholders.
More DetailsJim Routh, Senior Advisor, SecurityScorecard
Executive Viewpoint, Security Ratings -
BlogHarnessing the Power of Artificial Intelligence: A closer look at the European Union’s new landmark legislation
March 20, 2024Ethical implications of AI, where and how to use the technology, and understandability demand careful consideration and regulatory oversight to ensure fairness, accountability, and transparency. Against this backdrop, last week lawmakers in the European Union approved a first-of-its-kind law that will govern how businesses and organizations in the EU use artificial intelligence (AI).
More DetailsBrendan Peter, VP, Global Government Affairs, SecurityScorecard
Executive Viewpoint, Public Sector
