Resource Listing

Blog
A Day in the Life of a CISO: Tackling a Major Vulnerability with Precision
November 18, 2024
A Day in the Life of a CISO: Tackling a Major Vulnerability with Precision
More Details
Blog
A Day in the Life of a CISO: Turning Data into Boardroom Confidence
November 18, 2024
A Day in the Life of a CISO: Turning Data into Boardroom Confidence
More Details
Webinar
From Justification to Implementation: Tips for Deciding on Supply Chain Detection and Response
December 4, 2024
Supply chain detection and response (SCDR) is a new cybersecurity solution for supply chain incident responders that reduces supply chain breaches and increases remediation speed. In this webinar, we will explore what you need to know to make an informed decision when evaluating SCDR solutions.
More Details
SCDR
Webinar
Building a High-Performing Supply Chain Incident Response Team
December 17, 2024
Supply chain security is no longer an afterthought. With increasing threats and the potential for devastating consequences, organizations must proactively address supply chain risks. In this webinar, we will discuss how a well-structured supply chain incident response team can address these challenges and mitigate risks.
More Details
SCDR
Webinar
Securing Your Supply Chain with a Managed Service for Supply Chain Detection and Response
December 10, 2024
Supply chain cyber attacks pose significant risks to businesses of all sizes. A managed service for supply chain detection and response (SCDR) offers a proactive and efficient solution to mitigate these threats.
More Details
SCDR
Canada Faces a Cybersecurity Crisis with Critical Infrastructure at Risk
More Details
Blog
The Botnet is Back: SSC STRIKE Team Uncovers a Renewed Cyber Threat
November 12, 2024
Discover the resurgence of Volt Typhoon, a state-sponsored cyber-espionage group targeting the energy sector. Learn how they exploit legacy systems and outdated devices to embed themselves within critical infrastructure, posing a silent yet significant threat. Stay informed about the evolving tactics, global reach, and implications for national security.
More Details
Ryan Sherstobitoff, SVP, Threat Research & Intelligence
STRIKE Team
Blog
Inside a North Korean Phishing Operation Targeting DevOps Employees
October 29, 2024
Uncover how SecurityScorecard thwarted a sophisticated phishing attack targeting our DevOps team. This blog details a North Korean state actor's attempt to deploy a malicious backdoor through a fake job offer on social media. Learn about the evolving tactics of threat actors and how our swift response blocked potential damage. Stay informed and strengthen your defenses against these persistent cyber threats.
More Details
Ryan Sherstobitoff, SVP Threat Research & Intelligence
Nation State Actors, Phishing, STRIKE Team
Blog
The Job Offer That Wasn’t: How We Stopped an Espionage Plot
October 29, 2024
Discover how SecurityScorecard thwarted a sophisticated cyber-espionage plot disguised as a job offer. Learn about the 'Contagious Interview' campaign, the tactics used by the Famous Chollima group, and essential strategies to protect your organization from targeted attacks. Don't let your next career move become a trap—stay informed and secure!
More Details
Steve Cobb, CISO, SecurityScorecard
STRIKE Team
Research
Third-Party Breaches Are the Top Threat for the U.S. Energy Sector
October 23, 2024
This comprehensive report provides a deep dive into the cybersecurity posture of the U.S. energy sector. We've analyzed 250 top energy companies using SecurityScorecard metrics to identify vulnerabilities and potential threats.
More Details
Supply Chain Cyber Risk, Third-Party Risk Management
Press
67% of Energy Sector Breaches Linked to Software and IT Vendors, SecurityScorecard Reports
October 23, 2024
Energy sector faces surge in supply chain risks amid growing dependence on vendors.
More Details
Supply Chain Cyber Risk, Third-Party Risk Management
Blog, Learning Center
Complete Third-Party Risk Management (TPRM) Guide for 2025
October 16, 2024
Learn effective third-party risk management strategies for 2025 to protect your business from cyber threats, ensure compliance, and secure vendor networks.
More Details
Third-Party Risk Management