Unveiling TITAN AI: A New Era of Threat-Informed Third-Party Risk Management
Request a demo Get started for free

Resources

Cybersecurity white papers, data sheets, webinars, videos and more

Resource Library

Clear filters

2025 Security Predictions: The Forces Reshaping Cybersecurity

November 26, 2024

2025 Security Predictions: The Forces Reshaping Cybersecurity
As 2025 approaches, cybersecurity leaders are bracing for a year of intensifying challenges. Regulations are tightening, nation-state attackers are refining their strategies, and CISOs are under growing pressure. Aleksandr Yampolskiy, Co-Founder and CEO, Jeff Le, VP of Global Government Affairs and Public Policy, and Steve Cobb, CISO, all… Read More
Executive Viewpoint
Supply Chain Cyber Risk
Third-Party Risk Management
Vendor Risk Management: The Definitive Guide in 2025

November 22, 2024

Vendor Risk Management: The Definitive Guide in 2025
As businesses grow more dependent on external partners, the risks associated with third-party vendors have emerged as a serious concern. An effective vendor risk management (VRM) program plays a vital role when it comes to identifying, assessing, and addressing these threats. When vendors fail to meet security standards,… Read More
What Is Cyber Risk Management?

November 22, 2024

What Is Cyber Risk Management?
As organizations expand their digital presence, managing cyber risk has become essential across industries. It involves a systematic approach to identifying, analyzing, and controlling risks to safeguard critical assets, infrastructure, and sensitive data. A well-established cyber risk management program allows organizations to enhance their cybersecurity posture,… Read More
Scorecarder Spotlight: Fabio da Cruz Maciel

November 20, 2024

Scorecarder Spotlight: Fabio da Cruz Maciel
Our “Scorecarder Learning & Development Spotlight” series showcases our talented, driven employees, the incredible work they do, and their quest to continue their development as lifelong learners.    Name: Fabio da Cruz Maciel Role: Solutions Architect   Tell us a… Read More
A Day in the Life of a CISO: Tackling a Major Vulnerability with Precision

November 18, 2024

A Day in the Life of a CISO: Tackling a Major Vulnerability with Precision
6 AM, and I’m already on my second coffee. A late-night alert from SecurityScorecard flagged a critical vulnerability, SolarWinds-style, with major implications. Thanks to real-time intelligence from the platform, I’ve been able to brief our CIO and execs before the day even starts. Now,… Read More
A Day in the Life of a CISO: Turning Data into Boardroom Confidence

November 18, 2024

A Day in the Life of a CISO: Turning Data into Boardroom Confidence
It’s 7:30 AM, and my inbox greets me with a digital curveball: an email from Alex, our Chairman. He wants a detailed update on how we’re stacking up against our competitors on cybersecurity—complete with specifics, trends, and business unit breakdowns. Great. It’s not even 8 AM, and I’m… Read More
The Botnet is Back: SSC STRIKE Team Uncovers a Renewed Cyber Threat

November 12, 2024

The Botnet is Back: SSC STRIKE Team Uncovers a Renewed Cyber Threat
A silent danger is sweeping through the world’s critical infrastructure. The SecurityScorecard STRIKE Team has uncovered a resurgence of Volt Typhoon—a state-sponsored cyber-espionage group from the Asia-Pacific region, known for its precision and persistence. This is no ordinary attack. Volt Typhoon exploits unprotected, outdated edge devices within targeted… Read More
STRIKE Team
Inside a North Korean Phishing Operation Targeting DevOps Employees

October 30, 2024

Inside a North Korean Phishing Operation Targeting DevOps Employees
Interested in the personal story behind the attack? Read the firsthand account here Sophisticated threat actors are increasingly targeting organizations with tailored phishing campaigns. Recently, SecurityScorecard detected a similar attempt against our team—and stopped it in its tracks. We’re sharing our findings to support the InfoSec community… Read More
Nation State Actors
Phishing
STRIKE Team
The Job Offer That Wasn’t: How We Stopped an Espionage Plot

October 30, 2024

The Job Offer That Wasn’t: How We Stopped an Espionage Plot
In cybersecurity, transparency matters—because none of us are immune. Increasingly, we’re seeing threat actors hone in on specific organizations. When we detected the recent “Contagious Interview” campaign targeting one of our own, our team acted fast to stop it in its tracks. We’re sharing this story so others… Read More
STRIKE Team
Complete Third-Party Risk Management (TPRM) Guide for 2025

October 16, 2024

Complete Third-Party Risk Management (TPRM) Guide for 2025
Third-party risk management (TPRM) is the structured process of identifying, assessing, and mitigating cybersecurity risks posed by external vendors, suppliers, and service providers. These risks can include cyber threats, data breaches, regulatory violations, and financial instability, all of which can severely impact your organization’s security and compliance posture. Read More
Third-Party Risk Management
Scorecarder Spotlight: Segev Eliezer & David Mound

October 10, 2024

Scorecarder Spotlight: Segev Eliezer & David Mound
Our “Scorecarder Learning & Development Spotlight” series showcases our talented, driven employees, the incredible work they do, and their quest to continue their development as lifelong learners.  This month, we’re highlighting two Scorecarder’s who both attended DEFCON at the end of the summer!    … Read More
The Road Taken: Pathways to Better Compliance

September 30, 2024

The Road Taken: Pathways to Better Compliance
Ralph Waldo Emerson, the renowned American writer, lecturer and philosopher, is often credited with the phrase “It’s not the destination, it’s the journey.” Legal, Compliance, Risk and Security professionals would be wise to consider Emerson’s wise words and philosophy. The path to optimal compliance outcomes and… Read More
How the U.S. Department of Justice Can Improve Its Approach to Combat Ransomware Attacks

September 28, 2024

How the U.S. Department of Justice Can Improve Its Approach to Combat Ransomware Attacks
Earlier this month, the U.S. Department of Justice’s Office of the Inspector General released a report on how the Department could improve its approach to combat ransomware attacks. The report included an audit and evaluated the Department’s strategy to respond and counter ransomware… Read More
Public Sector
Supply Chain Cyber Risk
Women in Cyber 2024: Key Themes from AT&T’s Inaugural Conference

September 26, 2024

Women in Cyber 2024: Key Themes from AT&T’s Inaugural Conference
Earlier this week, SecurityScorecard had the pleasure of sponsoring AT&T’s inaugural Women in Cyber conference. From folks earlier on in their career to more seasoned professionals with 20+ years under their belt, there was a diverse group of 750+ attendees who were all interested in learning more about… Read More
Scorecarder Spotlight: David Mound

September 18, 2024

Scorecarder Spotlight: David Mound
Our series “Scorecarder Spotlight” showcases our talented employees and the incredible work they do.    Name: David Mound Job: Senior Penetration Tester Location: UK   Where do you live, and what do you do in your free time?  I was… Read More
Scorecarder Spotlight: Anna Livingston

September 11, 2024

Scorecarder Spotlight: Anna Livingston
Our “Scorecarder Learning & Development Spotlight” series showcases our talented, driven employees, the incredible work they do, and their quest to continue their development as lifelong learners.    Name: Anna Livingston Role: Senior Solutions Architect   Tell us a… Read More
Billington 2024: Key Cybersecurity Takeaways from the AI Age

September 9, 2024

Billington 2024: Key Cybersecurity Takeaways from the AI Age
SecurityScorecard had the pleasure of participating in the 15th Annual Billington CyberSecurity Conference—a key convening of policymakers and industry thought leaders in our Nation’s Capital. This year’s edition—Advancing Cybersecurity in the AI Age—included over 4,000 registrants and 200 speakers participating in… Read More
Public Sector
Supply Chain Cyber Risk
CISA’s Secure By Design: A Year Later

September 5, 2024

CISA’s Secure By Design: A Year Later
In April this year, the CISA Secure By Design initiative turned one. The initiative calls for the public and private sectors to work together to challenge and encourage software manufacturing companies to adopt principles to ensure their software is developed and produced as… Read More
Supply Chain Cyber Risk
Reimagining Supply Chain Cybersecurity

August 28, 2024

Reimagining Supply Chain Cybersecurity
From ransomware attacks to data breaches, the threats lurking within supply chains are more pervasive than you might realize. Many security teams aren’t aware of the various supply chain cyber risks lurking within their network, most of which are difficult to detect, manage, and mitigate. Let’s explore how… Read More
Supply Chain Cyber Risk
Third-Party Risk Management
Building a Resilient Supply Chain in the Face of Cyber Threats

August 27, 2024

Building a Resilient Supply Chain in the Face of Cyber Threats
Supply chain resilience has never been more critical. Recent cyber outages have underscored a harsh reality—supply chains are vulnerable, and disruptions can have far-reaching impacts. But what does it mean to be supply chain resilient, especially in the context of cyber threats? In this post, we will explore… Read More
Professional Services
Supply Chain Cyber Risk
Third-Party Risk Management