PRESS RELEASE

SecurityScorecard Announces Significant Momentum in 2022, Growing by 49%

Now Delivering Security Ratings, Response, and Resilience Solutions and Services to 73% of Fortune 100 organizations

NEW YORK, Feb 15, 2023 — SecurityScorecard, the global leader in cybersecurity ratings, announced that the company closed its fiscal year ending December 31, 2022, with significant momentum, achieving 49% growth year-over-year. SecurityScorecard now delivers security ratings, response, and resilience solutions and services to 73% of the Fortune 100, with over 12 million organizations continuously rated.

Globally, SecurityScorecard experienced tremendous global expansion of its business outside of North America with 68% year-over-year growth in ending annual recurring revenue. Further, the company acquired LIFARS™, a global leader in digital forensics, incident response, and cyber resiliency services. The company also gained a number of market-leading customers in 2022 including Chubb and NTT.

“Our growth signals an inflection point for the security ratings market worldwide,” said Dr. Aleksandr Yampolskiy, CEO and co-founder of SecurityScorecard. “When attending the World Economic Forum in Davos this year, cyber resilience was clearly top of mind for global leaders across the private and public sector. These organizations are focused on maintaining trust with their ecosystem amidst geopolitical tensions and escalating cybersecurity threats, making the ability to measure cybersecurity a must-have.”

“Boards and business leaders need a far better understanding of cybersecurity visibility and continuous monitoring data, and their relationships to business processes,” said Jon Oltsik, distinguished analyst and ESG Fellow “Without that knowledge, it’s impossible for them to make good cyber-risk management decisions that result in a more cyber resilient organization.”

Trusted by Governments and Insurers

SecurityScorecard has become a trusted, go-to resource for the U.S. government. For example, the company established partnerships with more than eight public sector-related associations, including the New York Department of Financial Services, the U.S. Conference of State Bank Supervisors (the umbrella organization for all 50 state banking regulators), and the U.S. national associations for U.S. counties, state legislators, and state CIOs. In 2022, the U.S. government’s cyber agency, CISA, added SecurityScorecard to the catalog of Free Cybersecurity Services and Tools and publicly partnered with SecurityScorecard via CISA’s Joint Cyber Defense Collaborative.

Additionally, SecurityScorecard’s Threat Research, Intelligence, Knowledge, and Engagement (STRIKE) team led an investigation of nation-state cyber activity leading up to and during Russia’s 2022 invasion of Ukraine, resulting in the discovery of the “Zhadnost” botnet, found to conduct DDoS attacks on Ukrainian and Finnish governments. SecurityScorecard’s Zhadnost research was ultimately cited by the U.S. government as part of CISA’s Shields Up program.

In 2022, SecurityScorecard’s Attack Surface Intelligence solution was added to the Department of Homeland Security (DHS) Continuous Diagnostics and Diagnostics and Mitigation (CDM) Program’s approved products list (APL), providing Government agencies with the ability to leverage SecurityScorecard’s solution to identify, contextualize, and prioritize critical threats across their global attack surface.

SecurityScorecard is also now a trusted standard in cyber insurance and cyber underwriting with insurance organizations, achieving 120% growth of new ARR in its insurance business in 2022. SecurityScorecard’s portfolio is highlighted by relationships with market-leading cyber insurers and insurance brokers including Chubb, AXA, Marsh and McLennan, and Willis Towers Watson.

In Good Company

SecurityScorecard welcomed The Honorable Susan M. Gordon, former Principal Deputy Director of U.S. National Intelligence, to its Board of Directors as an independent director. Ms. Gordon most recently served as the principal deputy director of U.S. national intelligence until 2019 and was a member of the U.S. Cyberspace Solarium Commission, a bipartisan, U.S. congressionally mandated initiative. MSNBC recently described her as “one of the most respected U.S. intelligence officers of her generation” and she has been advising former U.S. Presidents since President Ronald Reagan.

SecurityScorecard also significantly expanded its global partner Marketplace by 80%, to include more than 90 technology and integration partners such as AWS, Coupa, Crowdstrike, CSC, Fortinet, IBM, OneTrust, Palo Alto Networks, Snowflake, and Splunk. SecurityScorecard Marketplace delivers the solutions security leaders need to maximize security investments and more effectively communicate risk and results with their boards and/or key stakeholders.

The World’s Most Comprehensive Platform for Quantifying and Reducing Risk

As a security ratings innovator, SecurityScorecard expanded its capabilities this year to build the world’s most comprehensive platform for quantifying and reducing cyber risk, uniquely enabling organizations to protect their attack surface and their business ecosystem.

SecurityScorecard’s latest offerings and suite of Professional Services below deliver value to security leaders faced with the need for trusted, accurate data to visualize threats, communicate risk, and take decisive action.

Attack Surface Intelligence: The industry’s only global threat intelligence that exposes previously unknown threats with actionable insights to speed remediation across the attack surface, and also that of a third-party ecosystem.
Automatic Vendor Detection: Continuously monitors the cyber hygiene of an organization’s entire digital supply chain with the industry’s most complete and automated view of 3rd and 4th party vendor risk.
Cyber Risk Quantification: Partners with RiskLens and ThreatConnect to deliver instant financial impact assessments for any organization in the world.
Cyber Risk Intelligence: Helps organizations proactively eliminate cyber risk with actionable, tailored intelligence from SecurityScorecard’s Threat Intelligence team, helping customers increase the return on previous investments and drastically improve preventative controls.
Proactive Security Services, Digital Forensics, and Incident Response: Allows customers to battle-test their security controls and respond confidently to a cyber-attack by partnering with industry-leading experts available 24×7.

Unique Research and Industry Recognition

At The World Economic Forum in Davos, SecurityScorecard announced the research paper, “Addressing the Trust Deficit in Critical Infrastructure,” which analyzed the increasing cyberattacks that have undermined the public’s trust in the resilience of our societies and was featured in Bloomberg, Dark Reading and the official World Economic Forum Blog.

Also in 2022, SecurityScorecard issued ground-breaking research with The Cyentia Institute, which analyzed data from more than 1.6 million organizations to measure the speed of vulnerability remediation over a three-year period, revealing that only 60% of organizations have improved their security posture despite a 15-fold increase in cyber-attacks over the last three years.

Additionally, SecurityScorecard was recognized for a number of contributions to the cybersecurity industry in 2022, including:

Inc. Best In Business – Security
Gartner Peer Insights ‘Customer Choice’ – IT Vendor Risk Management Tools
Black Unicorn Winner – Cyber Defense Magazine

About SecurityScorecard

Funded by world-class investors including Evolution Equity Partners, Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard’s patented rating technology is used by over 25,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. SecurityScorecard is listed as a free cyber tool and service as listed by the U.S. Cybersecurity & Infrastructure Security Agency (CISA). Every organization has the universal right to their trusted and transparent Instant SecurityScorecard rating. For more information, visit securityscorecard.com or connect with us on LinkedIn.