Posted on Jun 12, 2019
SecurityScorecard recently released a Trust Portal, a first-of-its-kind resource that invites users and partners to take an inside look at the data that drives our technology. The purpose behind the portal is to provide transparency into our security ratings methodology, and deliver insights into how it aligns with industry standards.
In the spirit of trust and transparency, we recently sat down with SecurityScorecard's COO and Co-Founder Sam Kassoumeh to discuss the importance of these principals. The transcript of our conversation can be found below.
Q: What does Trust mean for you as a value for a company?
A: "Trust equates to having confidence and conviction in the data and analytics in one's technology, and gives direction on how to make risk-based decisions into a company. The more I can trust the data, the faster decisions can be made."
Q: What spurred you to state publicly about trust?
A: "Trust and transparency go together, and both are crucial in to establishing a new market segment. Because the security ratings market is still new, it's important to shed light on the mechanics of the data, the ratings, and analytics. We want to reach a place where trust is inherent, but first we must establish that baseline. In order to earn the trust of our partners, we wanted to be crystal clear about the data behind our security ratings, and how ratings function and are applied - something the Trust site provided."
Q: In a business like security ratings, why is transparency so important?
A: "Transparency provides a level of practical assurance to users, and gives users a chance to have a feedback loop on how to evolve the rating. It gives them insight into the engine, how it functions, and helps to drive and evolve the industry - all while having a say."
Q: What does Trust mean for you to SecurityScorecard?
A: "Trust is an output of confidence from our user and partners. Our security ratings have material value and impact, and allow businesses to move faster and reduce the likelihood of a security incident in their ecosystem. Trust is a representation that customers have been able to give feedback, and we have adequately listened to their comments and feedback - committing to a mature feedback loop with the market to evolve the space."
Check out more in our Trust Portal.
Check out our list of 3 top third party risk management (TPRM) challenges, and the actions you can take to bolster your program. Learn more.
Performing cybersecurity risk assessments is a key part of any organization’s information security management program. Read our guide.
Templates and vendor evaluations are needed to level that playing field, in a time efficient and fair way, so that the best vendors are chosen.
No waiting, 100% Free
Get your free scorecard and learn how you stack up across 10 risk categories. Answer a few simple questions and we'll instantly send your score to your business email.