Security Ratings Become a Must-Have as Cyber Attacks Increase in Scale and Scope
NEW YORK, JAN. 19, 2022 — SecurityScorecard, the global leader in cybersecurity ratings, announced a record-setting year for 2021, with growth doubling compared to 2020, accelerated by continued innovation and R&D, international expansion and strategic alliances. As a result, SecurityScorecard now serves the needs of thousands of organizations across 64 countries spanning more than 30 industries, including Liberty Mutual, AXA, St. Charles Health, Domino’s Pizza and multiple government entities. Net customer retention grew to 116% and international sales grew more than 100% in 2021. Current SecurityScorecard users include:
- Nine of the top 10 pharmaceutical companies
Nine of the top 10 banking institutions
- Nine of the top 10 telecommunications companies
- The top eight insurance companies
“You can’t fix what you can’t measure. SecurityScorecard’s ratings provide clear, actionable metrics to communicate to an organization’s board of directors, and it is especially critical to keep your business suppliers accountable,” said Aleksandr Yampolskiy, co-founder and CEO of SecurityScorecard. “We continue to be laser-focused on our customers’ needs and amplifying our R&D to better serve them. With 12 million organizations rated in our database and robust workflow automation, our focus has resonated as we have seen numerous organizations, particularly in heavily regulated industries, select us over competitors.”
In March 2021, SecurityScorecard announced it raised $180 million in a Series E financing round to bring its total funding to $290 million. The company also launched several external initiatives to foster advancement within the cybersecurity industry, including the SecurityScorecard Academy, an online community for advanced cybersecurity certification, education and training, and the Trust and Transparency Awards. The awards highlight people or organizations in cybersecurity that are committed to operating transparently with customers, partners and employees.
The company prioritized the development of several initiatives to improve employee mental health, personal growth and well-being. SecurityScorecard has more than doubled its employee base since 2020 and was named a “Hot 150 Cybersecurity Company to Watch” by CyberCrime Magazine. Additionally, SecurityScorecard released a complementary book by CEO Aleksandr Yampolskiy, “The Perfect Scorecard: Getting An ‘A’ in Cybersecurity From Your Board Of Directors.” The book compiled best practices and lessons from the world’s top security executives to help close the communications gap between security experts and board members.
Trusted Government Partner and Emerging Industry Thought Leader
The company significantly increased its partnerships with multiple congressional committees, federal and state agencies, and local authorities. As a result, the public sector repeatedly recognized both SecurityScorecard and security ratings:
- In the past three months, the company’s research has been identified at three congressional hearings by members of Congress on both sides of the aisle
- In October, after a congressional hearing acknowledging SecurityScorecard’s pipeline report, the Transportation Security Administration (TSA) stated that “[t]ools and services such as [security ratings], if in wider use, could better inform industry of certain vulnerabilities to act upon and decrease gaps in cybersecurity. The SecurityScorecard report does include several of the security measures required by the pipeline security directive.”
SecurityScorecard is emerging as a cybersecurity thought leader and is regularly meeting with government agencies for policy and operational collaboration, often to conduct threat intelligence briefings for major federal agencies. SecurityScorecard is a founding member and the only security ratings provider to participate in the Institute for Security + Technology’s cross-industry Ransomware Task Force, which released an 81-page framework in April 2021, including SecurityScorecard’s research, to combat ransomware.
SecurityScorecard made significant strides in its R&D efforts to rapidly respond to ongoing cybersecurity threats and meet the needs of organizations across more industries and geographies. Among its many advancements include:
- Marketplace, the industry’s first ecosystem for cyber risk ratings. In 2021, 125 new partnerships were added, including Tenable Lumin, Mimecast, Palo Alto Networks, CSC and more. Customers can use the marketplace to optimize security workflows, access security intelligence and accelerate risk mitigation
- Evidence Locker, which makes it easy for vendors to demonstrate good cybersecurity hygiene without having to manually email or share sensitive evidence and collateral via unsecure means. This helps signify compliance with recognized standards (e.g. SOC2, NIST, ISO, PCI)
- Fourth Party Automatic Vendor Detection (AVD) capabilities, which detects millions of vendors and allows VRM teams to quickly identify risks, provide actionable insights and communicate exactly where to focus threat remediation efforts
- Improved Data Collection: SecurityScorecard Sentinel, a next-generation engine that scans 4 billion IPs every week, detecting 300% more CVEs than legacy systems, scaling the company’s threat intelligence capabilities significantly. This engine powers SecurityScorecard’s on-demand ratings and enables businesses to get actionable information faster
- SecurityScorecard’s Attack Surface Engine, which gives a current view of an organization’s entire digital presence and the ability to sort, filter or prioritize specific IPs that most acutely impact its security hygiene. Clear attribution detail helps users understand why a digital asset is included in the footprint, which allows users to quickly refute/challenge if necessary
- FastScore capabilities leverage the power of the SecurityScorecard Sentinel engine, delivering immediate ratings insights in five minutes or less to aid decision making. This is essential in use cases including M&A due diligence, assigning risk for underwriting cyber insurance and more.
- SecurityScorecard added multiple embedded Workflow Automation Apps, including Slack, Jira and Zendesk, enabling customers to take immediate action based on real-time security data
- Integration: Cybersecurity data from dozens of organizations, including Mimecast, Hackerone, CSC and more, are now directly integrated into Scorecards, bringing unparalleled visibility to specific security issues, the ability to pinpoint risk and remediate vulnerabilities along with SecurityScorecard’s strategic partners
Honors and Awards
As a result of its contributions to the cybersecurity industry, SecurityScorecard was recognized by multiple leading organizations in 2021:
- Forrester Research named SecurityScorecard a leader in the Forrester New Wave™: Cybersecurity Risk Rating Platforms, Q1 2021 report
- Gartner Peer Insights ‘Voice of the Customer’: IT Vendor Risk Management Tools named SecurityScorecard as a 2021 Customers’ Choice
- Deloitte Technology Fast 500 and ProcureTech100 lists included SecurityScorecard. For the second consecutive year, SecurityScorecard outranked its competitors on the Deloitte list and is the only cybersecurity ratings firm recognized in the ProcureTech100
- EY named SecurityScorecard CEO Aleksandr Yampolskiy an Entrepreneur Of The Year® 2021 New York award winner, and Cyber Defense Magazine named him a 2021 top 10 cybersecurity expert
“2021 has been filled with milestones, and I am grateful to the SecurityScorecard team’s relentless pursuit to transform the way organizations understand, mitigate and communicate cybersecurity risk,” Yampolskiy added. “We look forward to marching toward IPO to become an enduring public company with ambitious objectives for 2022.”
Funded by world-class investors including Evolution Equity Partners, Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard’s patented rating technology is used by over 25,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every organization has the universal right to their trusted and transparent Instant SecurityScorecard rating. For more information, visit securityscorecard.com or connect with us on LinkedIn.