Cybersecurity white papers, data sheets, webinars, videos and more

June 30, 2025

What is a Whaling Attack in Cybersecurity?

What is a whaling attack? See how phishing attacks aimed at executives and whaling attacks work, and how cybercriminals steal sensitive information.

June 30, 2025

What is DNSSEC and Why Is It Important?

Understand how DNSSEC secures the domain name system with cryptographic methods to verify the authenticity of DNS records and boost DNS security.

June 27, 2025

10 Cybersecurity Criteria for Smarter Vendor Selection

Learn the 10 most critical cybersecurity criteria to include in your vendor selection process. Make smarter, risk-informed decisions before onboarding third parties.

June 26, 2025

What Is Residual Risk and How Do You Mitigate It?

Learn what residual risk is in cybersecurity, how to measure and reduce it, and why complete risk elimination is a myth. Understand strategies to manage what remains after controls are applied.

June 25, 2025

What Does CIRCIA Require—and How Can You Prepare for Reporting Cyber Incidents?

Learn what the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) requires, who it applies to, and how your organization can prepare for faster, smarter breach response.

June 25, 2025

What is the Difference Between IT Risk Management and Cybersecurity?

Explore how IT risk management and cybersecurity differ—and where they overlap. Learn how to align both for a stronger, more resilient organization.

June 25, 2025

Why Education is a Growing Cyber Target

Why educational institutions face rising cyberattacks and what they can do to improve their cybersecurity posture.

Cybersecurity

June 24, 2025

What Is Triage in Cybersecurity Incident Response?

Discover how cybersecurity triage works during incident response. Learn best practices for assessing and prioritizing threats before they escalate.

June 24, 2025

Building a Vendor Risk Management Program: Strategies for Success

Learn how to build a vendor risk management (VRM) program that aligns with modern cyber threats. Discover essential steps, tools, and continuous monitoring strategies for supply chain protection.

June 23, 2025

What Is MXToolbox and How Can You Use It Securely?

Discover how MXToolbox works for DNS, SPF, and blacklist monitoring, and learn how to use it securely without leaking email infrastructure insights to threat actors.

June 23, 2025

What Is FIPS 140-3 and Why Does It Matter for Security Compliance?

Learn what FIPS 140-3 certification entails, why it’s critical for federal and industry cybersecurity compliance, and how to ensure your cryptographic modules meet the standard.

June 23, 2025

Unmasking A New China-Linked Covert ORB Network: Inside the LapDogs Campaign

SecurityScorecard’s STRIKE team uncovered a new China-Nexus ORB Network targeting the United States and Southeast Asia. Read the report to gain an in-depth look at the LapDogs ORB network, its custom malware, and its role in cyberespionage.

STRIKE Team

June 23, 2025

Understanding Third-Party Risk: Identifying and Mitigating External Threats

Learn how to identify, assess, and mitigate third-party cybersecurity risks. Discover the most common vulnerabilities, threat actor behavior, and how to monitor threats in 2025.

June 20, 2025

Sender Policy Framework (SPF): How It Stops Email Spoofing

Learn how SPF works to prevent email spoofing, how to configure SPF records, and why it’s critical for securing your domain from phishing campaigns.

June 20, 2025

What Does the Gramm-Leach-Bliley Act (GLBA) Require?

Learn the core requirements of the Gramm-Leach-Bliley Act (GLBA), including the Safeguards Rule, privacy notices, and cybersecurity responsibilities for financial institutions.

June 19, 2025

How to Build an OPSEC Culture in Your Organization

Discover how to build an OPSEC (Operational Security) culture that protects sensitive information, counters social engineering, and reduces third-party risk exposure across your workforce.

June 19, 2025

What Are the Key Steps to Achieve PCI DSS 4.0 Compliance?

Explore step-by-step guidance to comply with PCI DSS 4.0, including new 2025 requirements, technical controls, and vendor accountability measures.

June 19, 2025

What Are Best Practices for Data Security for Sensitive Data?

Learn best practices to secure sensitive data, including encryption, access control, and continuous monitoring. Discover how organizations reduce breach risks while staying compliant.

June 19, 2025

What’s the Difference Between Authenticity and Non-Repudiation in Cybersecurity?

Understand the difference between authenticity and non-repudiation in cybersecurity, and how both play key roles in identity verification, encryption, and data integrity.

June 18, 2025

How SSL Certificates Work—and Why They Still Matter

SSL certificates remain foundational to online trust and encryption. This blog explains how SSL/TLS certificates work, the risks of poor certificate management, and why organizations must maintain certificate hygiene in 2025.

June 18, 2025

What Is a Zero-Day Exploit and Why Is It So Dangerous?

Learn what a zero-day exploit is, why it poses such a severe risk, and how organizations can detect and mitigate zero-day attacks using proactive threat intelligence.