New York, NY – June 11, 2019 – SecurityScorecard, the leader in security ratings, today announced the completion of its Service Organization Control for Service Organizations (SOC 2) Type 1 Audit highlighting an important barometer of the company’s security and privacy program maturity.
SOC 2 is an auditing procedure that provides an outside perspective to attest that an organization securely manages data to protect the interests of its organization and the privacy and security of its clients.
In partnership with A-LIGN, an accredited CPA firm, SecurityScorecard underwent a comprehensive examination process to verify that the controls stated in the description were suitably designed to provide reasonable assurance that service commitments and system requirements would be achieved based on the applicable trust services criteria. SecurityScorecard released the SOC2 type 1 report for its Security Monitoring and Rating Services System as of March 31, 2019.
“As a trusted partner to our global customer-base, we take our own security posture extremely seriously. Through the completion of audits, such as SOC 2, we can provide our ecosystem with an easy to define litmus test of how we prioritize and measure security within our organization,” said Fouad Khalil, VP of compliance at SecurityScorecard.
In addition to the SOC 2 Type 1 audit completion, SecurityScorecard recently announced the release of the industry’s first Trust Portal, https://trust.securityscorecard.com, which provides transparency and visibility into the methodology and performance of the company’s award-winning security ratings platform. Incorporating trust and transparency into the SecurityScorecard platform is a necessary requirement to be an industry standard for measuring security risk across all industries.
Headquartered in the heart of New York City, SecurityScorecard’s vision is to create a new language for measuring and communicating security risk. The company was founded in late 2013 by Dr. Aleksandr Yampolskiy and Sam Kassoumeh, two former cybersecurity practitioners who had served, respectively, as Chief Information Security Officer and Head of Security and Compliance. With cloud solutions becoming an increasingly integral part of the security technology stack Yampolskiy and Kassoumeh recognized the need to address third- and fourth-party risk as well as better understand the security capabilities of their business partners. Since its founding, the company has grown dramatically and now counts hundreds of leading brands as customers. SecurityScorecard is backed by leading venture capital investors including Sequoia Capital, GV, NGP Capital, Evolution Equity Partners, Boldstart Ventures, AXA Venture Partners among others. For more information, visit securityscorecard.com.