• Support
  • Login
  • Contact
  • Blog
  • English
  • French
  • Japanese
  • Support
  • Login
  • Contact
  • Blog
SecurityScorecard SecurityScorecard
  • Products
    PRODUCTS
    • Security Ratings
      Identify security strengths across ten risk factors.
    • Security Data
      Get actionable, data-based insights.
    • Security Assessments
      Automate security questionnaire exchange.
    • Attack Surface Intelligence
      NEW
      On-demand contextualized global threat intelligence.
    • Automatic Vendor Detection
      Uncover your third and fourth party vendors.
    • Cyber Risk Quantification
      Translate cyber risk into financial impact.
    • Reporting Center
      Streamline cyber risk reporting.
    • SecurityScorecard Marketplace
      Discover and deploy pre-built integrations.
    SERVICES
    • Active Security Services
      Test your security controls.
    • Cyber Risk Intelligence
      Partner to obtain meaningful threat intelligence.
    • Digital Forensics & Incident Response
      Prepare to respond to any threat.
    • Third-Party Risk Management
      Reduce risk across your vendor ecosystem.
    BUY NOW
    • Compare All Plans
      Choose a plan that's right for your business.
    • Try Free Account
      Make informed decisions with confidence.
    • Buy Pro Now
      Add automated event responses.
    • Buy Business Now
      Expand on Pro with vendor management and integrations.
    • Request Enterprise Demo
      See the capabilities of an enterprise plan in action.
    icon__SSClogoMark icon__SSClogoMark

    Understand and reduce risk with SecurityScorecard.

    Free account sign up
  • Solutions
    BY USE CASE
    • Compliance
    • Cyber Insurance
    • Digital Forensics
    • Due Diligence
    • Enterprise Cyber Risk
    • Executive-Level Reporting
    • Incident Response
    • Regulatory Oversight
    • Third-Party Risk
    BY INDUSTRY
    • Critical Infrastructure
    • Enterprise
    • Financial Services
    • Government
    • Healthcare
    • Insurance
    • Retail & Consumer
    • Technology
    Help your organization calculate its risk
    View All Solutions
  • Customers
    OUR CUSTOMERS
    • Customer Overview
      Trusted by companies of all industries and sizes.
    • Peer Reviews
      Find out what our customers are saying.
    SUCCESS AND SUPPORT
    • Customer Success
      Receive award-winning customer service.
    • Support
      Get your questions answered by our experts.
    COMMUNITY
    • SecurityScorecard Connect
      Engage in fun, educational, and rewarding activities.
    • Connect Login
      Join our exclusive online customer community.
    icon__SSClogoMark icon__SSClogoMark
    Understand and reduce risk with SecurityScorecard.
    Free account sign up
  • Partners

    Partner Program Overview

    Partner with SecurityScorecard and leverage our global cybersecurity ratings leadership to expand your solution, deliver more value, and win new business.

    Learn more
    • Locate a Partner
      Access our industry-leading partner network.
    • Value-Added Resellers
      Enter new markets, deliver more value, and get rewarded.
    • Managed Service Providers
      Meet customer needs with cybersecurity ratings.
    • ISAC Partner Program
      Learn more about the industries we support and ISAC member benefits.
    • Technology Alliances
      Access innovative solutions from leading providers.
    • SCORE Portal Login
      Use the SCORE Partner Program to grow your business.
    • SecurityScorecard Marketplace
      Find a trusted solution that extends your SecurityScorecard experience.

    Understand and reduce risk with SecurityScorecard.

    Free account sign up
  • Resources
    RESOURCES
    • Resource Center
      Explore our cybersecurity ebooks, data sheets, webinars, and more.
    • SecurityScorecard Blog
      Read the latest blog posts published weekly.
    • Research & Insights Center
      Access our research on the latest industry trends and sector developments.
    • SecurityScorecard Academy
      NEW
      Complete certification courses and earn industry-recognized badges.
    TOOLS AND DOCUMENTATION
    • Free Security Rating
      Get your free ratings report with customized security score.
    • Product Release Notes
      Visit our support portal for the latest release notes.
    • Free Account Signup
      Start monitoring your cybersecurity posture today.
    • Chrome Extension
      NEW
      Show the security rating of websites you visit.
    • Assessments ROI Calculator
      Calculate the ROI of automating questionnaires.
    Trust begins with transparency. Take a look at the data that drives our ratings.
    Learn more
  • Company

    Working at SecurityScorecard

    Committed to promoting diversity, inclusion, and collaboration–and having fun while doing it.

    Join our team
    • About Us
      SecurityScorecard is the global leader in cybersecurity ratings.
    • Leadership
      Meet the team that is making the world a safer place.
    • Press
      Explore our most recent press releases and coverage.
    • Events
      Join us at any of these upcoming industry events.
    • Policy Insights
      Raising the bar on cybersecurity with security ratings.
    • Careers
      APPLY TODAY
      Come join the SecurityScorecard team!
    • Contact Us
      Contact us with any questions, concerns, or thoughts.
    • Trust Portal
      Take an inside look at the data that drives our technology.
    • Help Center
      We are here to help with any questions or difficulties.
Request a demo
SecurityScorecard SecurityScorecard
  • Support
  • Login
  • Contact
  • Blog
  • English
  • French
  • Japanese
  • Support
  • Login
  • Contact
  • Blog
SecurityScorecard SecurityScorecard
  • Products
    PRODUCTS
    • Security Ratings
      Identify security strengths across ten risk factors.
    • Security Data
      Get actionable, data-based insights.
    • Security Assessments
      Automate security questionnaire exchange.
    • Attack Surface Intelligence
      NEW
      On-demand contextualized global threat intelligence.
    • Automatic Vendor Detection
      Uncover your third and fourth party vendors.
    • Cyber Risk Quantification
      Translate cyber risk into financial impact.
    • Reporting Center
      Streamline cyber risk reporting.
    • SecurityScorecard Marketplace
      Discover and deploy pre-built integrations.
    SERVICES
    • Active Security Services
      Test your security controls.
    • Cyber Risk Intelligence
      Partner to obtain meaningful threat intelligence.
    • Digital Forensics & Incident Response
      Prepare to respond to any threat.
    • Third-Party Risk Management
      Reduce risk across your vendor ecosystem.
    BUY NOW
    • Compare All Plans
      Choose a plan that's right for your business.
    • Try Free Account
      Make informed decisions with confidence.
    • Buy Pro Now
      Add automated event responses.
    • Buy Business Now
      Expand on Pro with vendor management and integrations.
    • Request Enterprise Demo
      See the capabilities of an enterprise plan in action.
    icon__SSClogoMark icon__SSClogoMark

    Understand and reduce risk with SecurityScorecard.

    Free account sign up
  • Solutions
    BY USE CASE
    • Compliance
    • Cyber Insurance
    • Digital Forensics
    • Due Diligence
    • Enterprise Cyber Risk
    • Executive-Level Reporting
    • Incident Response
    • Regulatory Oversight
    • Third-Party Risk
    BY INDUSTRY
    • Critical Infrastructure
    • Enterprise
    • Financial Services
    • Government
    • Healthcare
    • Insurance
    • Retail & Consumer
    • Technology
    Help your organization calculate its risk
    View All Solutions
  • Customers
    OUR CUSTOMERS
    • Customer Overview
      Trusted by companies of all industries and sizes.
    • Peer Reviews
      Find out what our customers are saying.
    SUCCESS AND SUPPORT
    • Customer Success
      Receive award-winning customer service.
    • Support
      Get your questions answered by our experts.
    COMMUNITY
    • SecurityScorecard Connect
      Engage in fun, educational, and rewarding activities.
    • Connect Login
      Join our exclusive online customer community.
    icon__SSClogoMark icon__SSClogoMark
    Understand and reduce risk with SecurityScorecard.
    Free account sign up
  • Partners

    Partner Program Overview

    Partner with SecurityScorecard and leverage our global cybersecurity ratings leadership to expand your solution, deliver more value, and win new business.

    Learn more
    • Locate a Partner
      Access our industry-leading partner network.
    • Value-Added Resellers
      Enter new markets, deliver more value, and get rewarded.
    • Managed Service Providers
      Meet customer needs with cybersecurity ratings.
    • ISAC Partner Program
      Learn more about the industries we support and ISAC member benefits.
    • Technology Alliances
      Access innovative solutions from leading providers.
    • SCORE Portal Login
      Use the SCORE Partner Program to grow your business.
    • SecurityScorecard Marketplace
      Find a trusted solution that extends your SecurityScorecard experience.

    Understand and reduce risk with SecurityScorecard.

    Free account sign up
  • Resources
    RESOURCES
    • Resource Center
      Explore our cybersecurity ebooks, data sheets, webinars, and more.
    • SecurityScorecard Blog
      Read the latest blog posts published weekly.
    • Research & Insights Center
      Access our research on the latest industry trends and sector developments.
    • SecurityScorecard Academy
      NEW
      Complete certification courses and earn industry-recognized badges.
    TOOLS AND DOCUMENTATION
    • Free Security Rating
      Get your free ratings report with customized security score.
    • Product Release Notes
      Visit our support portal for the latest release notes.
    • Free Account Signup
      Start monitoring your cybersecurity posture today.
    • Chrome Extension
      NEW
      Show the security rating of websites you visit.
    • Assessments ROI Calculator
      Calculate the ROI of automating questionnaires.
    Trust begins with transparency. Take a look at the data that drives our ratings.
    Learn more
  • Company

    Working at SecurityScorecard

    Committed to promoting diversity, inclusion, and collaboration–and having fun while doing it.

    Join our team
    • About Us
      SecurityScorecard is the global leader in cybersecurity ratings.
    • Leadership
      Meet the team that is making the world a safer place.
    • Press
      Explore our most recent press releases and coverage.
    • Events
      Join us at any of these upcoming industry events.
    • Policy Insights
      Raising the bar on cybersecurity with security ratings.
    • Careers
      APPLY TODAY
      Come join the SecurityScorecard team!
    • Contact Us
      Contact us with any questions, concerns, or thoughts.
    • Trust Portal
      Take an inside look at the data that drives our technology.
    • Help Center
      We are here to help with any questions or difficulties.
Request a demo
SecurityScorecard SecurityScorecard

Policy Insights

Partnering to Raise the Bar on Cybersecurity with Security Ratings.

Transforming the way organizations understand, mitigate, and communicate cybersecurity risk.
View Insights
The SEC's Evolving Approach to Cyber Risk Management

The U.S. Securities & Exchange Commission recently proposed rules to strengthen the ability of public companies, funds, and advisors to combat cybersecurity threats and implement risk mitigation processes.

Here’s a sample of SecurityScorecard’s discussion with Kristy Littman, U.S. Securities and Exchange Commission Chief of the Crypto Assets and Cyber Unit, Michael Daniel, President & CEO of the Cyber Threat Alliance and Friso van der Oord, Senior Vice President, Content with the National Association of Corporate Directors discussing the importance of the proposed rules.

Click here to hear the full discussion and learn more.

Security Ratings Quantify Cyber Risk

The U.S. House of Representative’s Committee on Homeland Security entered research by SecurityScorecard into the congressional record at a joint hearing, “A Whole-of-Government Approach to Combatting Ransomware: Examining DHS’s Role.”

The report from SecurityScorecard used machine learning across 10 different factors to correlate with the relative likelihood of a ransomware attack. Subsequently, SecurityScorecard developed a sophisticated machine learning model that estimates the relative likelihood of a company falling victim to ransomware attack, based on non-intrusive observations of its cybersecurity posture. The predicted likelihood could be used to warn at-riskorganizations and to assist insurance carriers offering cyber-insurance policies.

 
Fireside Chat with N.Y. Department of Financial Services' Cyber Chief

In a Feb. 2 webinar, SecurityScorecard hosted Justin Herring, Executive Deputy Superintendent, Cybersecurity Division of the New York Department of Financial Services (DFS), and Luke Dembosky, Partner and Co-Chair of the Data Strategy & Security practice at Debevoise & Plimpton, to discuss DFS’s top cybersecurity priorities this year, current enforcement and examination trends, and the regulatory environment around cybersecurity in 2022.

In this conversation, Mr. Herring, the first Executive Deputy Superintendent of Cybersecurity at DFS. described the Cybersecurity Division’s aim to protect consumers and industries from cyber threats, including their recent adoption of security ratings to support their regulatory oversight.

Download Case Study
Raising the bar on cybersecurity through key partnerships.
Making the world a safer place

“Tools and services such as [security ratings], if in wider use, could better inform industry of certain vulnerabilities to act upon and decrease gaps in cybersecurity. The SecurityScorecard report does include several of the security measures required by the pipeline security directive. As such, TSA’s security directives and the implementation of required measures could be validated by the SecurityScorecard or similar tools to readily identify potential security gaps.”

David PekoskeAdministrator of the Transportation Security Administration

"The emergence of security ratings has increased the use of cyber risk quantification to calculate and measure cyber risk exposure. These security ratings provide a starting point for companies’ cybersecurity capabilities and help elevate cyber risk to the level of board decision-making."

Bob KolaskyAssistant Director for the National Risk Management Center, Cybersecurity and Infrastructure Security Agency

"For even trusted sources, program managers should maintain continuous awareness of source compromises and be prepared to respond to sudden loss of trust in a repository."

John B. ShermanChief Information Officer, Department of Defense
There are a number of third party tools similar to Security Scorecard… in use by industry operators and industry security service providers. These “scorecards” provide a rating of cybersecurity postures of corporate entities through a non-intrusive “outside-in” view of security metrics and cyber threat intelligence signals. Tools and services such as this, if in wider use, could better inform industry of certain vulnerabilities to act upon and decrease gaps in cybersecurity. The Security Scorecard report does include several of the security measures required by the pipeline security directive. As such, TSA’s security directives and the implementation of required measures could be validated by the Security Scorecard or similar tools to readily identify potential security gaps.
TSAPart of the House Committee on Homeland Security
Previous
Next
Cybersecurity Information Sharing & Scorecards | WWD Weekly Digest

In Jan. 2022, SecurityScorecard’s Vice President for Policy & Public Sector, Charlie Moskowitz, joined Water and Waste Senior Managing Editor Bob Crossen for a video interview to discuss water security cybersecurity. Together, they discussed recent Biden Administration regulatory action affecting the water sector, sector-wide cyber vulnerabilities, and the resource challenges facing small and rural community water utilities to defend against online threat actors.

Moving beyond the problems, Charlie also discussed two core solutions: continuous monitoring and information sharing, to help water utilities develop and raise threat awareness across the water sector utilities, and how a security ratings platform, like SecurityScorecard’s, can provide real-time, continuous monitoring to small and large water utility companies and help improve their overall cybersecurity.

SecurityScorecard named a
Leader in Cybersecurity Risk Ratings Platforms
By The Forrester New Wave™: Cybersecurity Risk Rating Platforms
Download Free Copy
Proactive Security Measures for Global Maritime Shipping

New research from SecurityScorecard analyzed the cybersecurity health of 100 global shipping container companies and found that high severity cyber vulnerabilities pose a significant risk to U.S. maritime security and major supply chain risks. Read more in the report here, including what the industry can do to combat these issues.

View The Research Report
SecurityScorecard stands with CISA and its partners in responding to ongoing Russian state-sponsored cyber activity in connection with Russia's attack on Ukraine.
For the latest from SecurityScorecard’s Global Investigations, go to CISA’s “Shields Up Technical Guidance”
Read More Here
Cybersecurity for the New Frontier: Reforming the Federal Information Security Management Act

The U.S. House of Representatives Committee on Oversight and Reform included testimony from SecurityScorecard at a hearing titled, “Cybersecurity for the New Frontier: Reforming the Federal Information Security Management Act.”

SecurityScorecard’s Statement for the Record advocated for Federal networks to include quantitative, data-driven metrics and real-time, continuous monitoring to build industry best practices into Federal network monitoring and risk management.

Log4j Vulnerability Technical Report

The recently discovered security flaw related to Log4j enables threat actors to remotely execute commands via remote code execution (RCE) on nearly any machine using Log4j.

Read the report to find out what SecurityScorecard’s Research team found on the implications of this vulnerability and what organizations can do to combat it.

View The Research Report
Explore more resources

SecurityScorecard leverages our extensive industry and sector knowledge to deliver reports and insights for our partners.

All Resources

WHITE PAPERS

Adjusting to a New Era in Ransomware Risk

GOVERNMENT

Videos

Excerpt from Hearing: “20 Years After 9/11: The State of the Transportation Security Administration”

GOVERNMENT

Resources

NIST Standards and Guidelines for Enhancing Software Supply Chain Security Include Security Ratings

GOVERNMENT
Interested in seeing SecurityScorecard first-hand? Request a 1:1 demo.
Request demo
Products
Solutions
Customers
Marketplace
 
Partners
Resources
Company
Trust Portal
Security Ratings
Login
Blog
Contact
Careers
SecurityScorecard Tower 49 12 E 49th St Suite 15-100 New York, NY 10017 [email protected]
United States: (800) 682-1707
International: +1(646) 809-2166
Social-linkedin Social-facebook Twitter Instagram Youtube
  • Terms of Use
  • Privacy Policy
  • Patents
  • Cookies
© 2023 SecurityScorecard