Resources

Cybersecurity Research & Insights

Explore our cybersecurity white papers, data sheets, webinars, videos and more.

Data Sheet

How Do SecurityScorecard Ratings Work?

SecurityScorecard provides transparency into our ratings methodology and delivers insights into how it aligns with industry standards. Understand the principles, methodology, and process behind how our cybersecurity ratings work.

Data Sheet

Applying Data-Driven Methodologies to Generate More Meaningful Cybersecurity Ratings

After applying machine learning-tuned factor weights to our sample data, we found that organizations with an F rating are 7.7x more likely to sustain a breach than those with an A.

Analyst Report

Implement an Agile Cybersecurity Program: Lessons Learned From the COVID-19 Pandemic

In their latest report, Gartner—the world's leading information technology research and advisory company—examines the lessons learned from the COVID-19 pandemic and discusses implementing an agile cybersecurity marketing program.

Video

[Security DNA] Cybersecurity as a Business Enabler and Contributor to Shareholder Value

Listen to Alex Yampolskiy, CEO and Co-Founder of SecurityScorecard, and Moriah Hara, Founder of Vigilance Cyber Security, as they discuss how security is transforming itself from a cost center to a business enabler.

Analyst Report

The Impact of COVID-19 on Enterprise IT Security Teams

How has COVID-19 impacted enterprise IT security teams? Download the report to learn about the impact on impact of COVID-19 on IT security budgets and personnel, challenges of supporting a remote workforce, and new technology investments.

Video

[Security DNA] How to Establish a Culture of Cybersecurity Transparency

Listen to Alex Yampolskiy and Derek Vadala, CEO and Co-Founder of VisibleRisk and former CISO of Moody's Corporation, as they discuss cyber risk board reporting trends.

White Paper

Applying Machine Learning to Optimize the Correlation of SecurityScorecard Scores with Relative Likelihood of Breach

Learn about how SecurityScorecard applied machine learning to optimize the correlation of SecurityScorecard ratings with relative likelihood of a breach.

SecurityScorecard Report

State of The States' Cybersecurity

This report takes a look at the cybersecurity posture, including election-related infrastructure, of all 56 U.S. states and territories leading up to the presidential election.

Ebook

How Security & IT Teams Can Manage the Shift to the New Normal

Learn how security and IT teams can stay agile, enable business resilience, and manage the shift to the new normal. Download the ebook.

Data Sheet

The Golden Rules for Managing Third-Party Risk in the New Normal

Check out 3 tried and true “golden rules” for third-party risk management in the new normal, and some of the ways SecurityScorecard can help you follow them.

Video

SecurityScorecard’s Fall 2020 Release: Driving Cyber Resilience and Agility

SecurityScorecard’s integrated platform simplifies cybersecurity monitoring and assessment workflows, extends the value of existing investments, and helps grow resilient cybersecurity roots.

Webinar

Driving Cyber Resilience as Security & IT Teams Shift to the New Normal

2020 has brought unprecedented changes to our personal and professional lives, creating new pressures on security & IT teams. How can security and IT teams stay agile, enable business resilience, and manage the shift to the new normal?

Webinar

Third-Party Cyber Risks Are Increasing – Better Bring Your A-Game

Learn how to effectively manage and mitigate vendor risks to secure your organization. Watch the joint webinar with Venminder and SecurityScorecard.

Video

[Security DNA] Cybersecurity Board Reporting & What Public Companies are Talking About

Find out what boards are talking about in regards to cybersecurity, the critical KPIs that boards should be constantly measuring, what is the CISO's role is in the process, and what innovation we can expect from the broader cybersecurity ecosystem.

Case Study

Truphone Value Added Case Study Series

Learn how Truphone utilizes SecurityScorecard's security ratings platform for multiple use cases. Read the case study.

SecurityScorecard Report

Listening to Patient Data Security: Healthcare Industry & Telehealth Cybersecurity Risks

SecurityScorecard partnered with DarkOwl to bring insights about the cybersecurity risks of telehealth and an inside look at the way real cybercriminals are discussing ePHI. Read the report.

Webinar

Why the DoD is Prioritizing Continuous Monitoring

Learn about the Cybersecurity Maturity Model Certification (CMMC) and what it means for your organization. Watch the webinar.

White Paper

PCI DSS Compliance and Security Ratings: Protecting Cardholder Data and Assessing MDR for Merchants and Acquiring Banks

Learn how security ratings enable organizations to enhance and mature their information security and compliance programs by providing an independent, objective review of the companies’ external data breach risk mitigation strategies.

Video

[Security DNA] Innovation, Start-ups, and the New Normal for Cybersecurity Ventures

Listen to Alex Yampolskiy, CEO and Co-Founder of SecurityScorecard and Dov Yoran, Senior Director for Cisco's Security Business Group, as they address a variety of topics on the broader cybersecurity ecosystem.

Data Sheet

SecurityScorecard Provides Undisputed Measurable Value

Customers turn to SecurityScorecard for visibility into their risk landscape, enabling them to collaborate more effectively, both internally and externally. This allows customers to optimize their security investments in people, process, and technology.

Tool

SecurityScorecard Value Calculator

See and show how much time and money you can save with your SecurityScorecard investment for third-party risk. This calculator, gives you the economic benefits needed to understand the value you’ll get before you buy.

Video

Make Cybersecurity a Team Sport with SecurityScorecard

SecurityScorecard’s enhanced product suite for effective collaboration empowers Security and Risk Teams to collaborate more effectively. Being collaborative allows stakeholders to work faster, smarter, and win together with internal teams and their third parties.

Webinar

Building a Successful Third Party Risk Management Program for a Modern World with CSA

Learn how to build a successful third-party risk management program in today's climate.

Video

[Security DNA] Rethinking Digital Risk in a New Remote-only World

Listen to Alex Yampolskiy, CEO and Co-Founder of SecurityScorecard and Grant Geyer, Chief Product Officer of Claroty, as they discuss how the nature of risk has changed.

Webinar

Collaborating Effectively on Cyber Risk Management by Making it a Team Sport

Learn how Forrester, Modulr, and Plex Systems have have built modern cyber risk management practices. Watch the webinar.

Video

SecurityScorecard featured in “Behind the Scenes with Laurence Fishburne”

SecurityScorecard was recently featured on a public broadcasting segment of “Behind the Scenes with Laurence Fishburne” on the ubiquity of cyber attacks that affect organizations of all sizes and in every industry.

Webinar

How Short is the Path to Your Most Critical Assets?

Watch this webinar on how malicious actors gain access to your network and the ease at which they can exploit external facing vulnerabilities, gain access to the network, and move laterally until finding their desired targets.

Template Bundle

Cyber Risk Management & Vendor Assessment Template Bundle

You can’t completely eliminate all cybersecurity risk, but you can manage it. Download SecurityScorecard's free cyber risk management and assessment template bundle.

Video

[Security DNA] A CISO Conversation: Managing Security and Private Data in a Global Digital Environment

Listen to Alex Yampolskiy, CEO and Co-Founder of SecurityScorecard and Nuno Teodoro, CISO of Truphone, as they discuss best practices on prioritizing security activities for a global organization.

Case Study

Case Study: Truphone

Learn how SecurityScorecard helps Truphone improve their security posture, gain insight into security risks, and drives a high ROI in time and resource management.

Ebook

Five Steps to a Modern Cyber Risk Management Team

This ebook will give you what we’ve learned from the best security teams in the world and give you the five steps to build a modern risk management team.

Data Sheet

Collaborate More Effectively with your Third-Party Environment

To run an efficient cyber risk management program, security and IT teams need to collaborate even more effectively with their vendors, partners, suppliers, and other third parties. Download the data sheet to learn more.

Video

[Security DNA] Using Threat Intelligence to Secure Your Organization

Listen to Alex Yampolskiy, CEO and Co-Founder of SecurityScorecard and Anuj Goel, CEO and Co-Founder of Cyware, as they discuss the current threat intelligence landscape as well as the reasons why CISOs should invest in relevant tools and solutions.

Video

[Security DNA] Latest Trends in Endpoint Protection & Cybersecurity Asset Management

Listen to Alex Yampolskiy, CEO and Co-Founder of SecurityScorecard, discuss with Lenny Zeltser, CISO of Axonius, the latest trends in the endpoint protection marketplace, what advice he would give cybersecurity entrepreneurs right now, and the definition of cybersecurity asset management.

White Paper

A Deep Dive in Scoring Methodology

SecurityScorecard scores provide insights and a detailed analysis of the security posture of an organization. Take a deep dive into our scoring methodology.

Webinar

Prioritizing Risk and Business Continuity During Times of Uncertainty

Listen to our webinar on prioritizing risk and business continuity during times of uncertainty.

Video

[Security DNA] Driving Security Hygiene Using Traditional and Non-traditional metrics

Listen to Alex Yampolskiy, CEO and Co-Founder of SecurityScorecard, discuss with Ed Amoroso, CEO and Founder of TAG Cyber on the key performance indicators that CISOs should use to measure cybersecurity effectiveness.

Webinar

Managing Supply Chain Risk During Times of Turmoil with CSA

Watch our webinar on managing supply chain risk during times of turmoil.

Webinar

Managing Supply Chain Risk During Times of Turmoil

In the webinar you will explore the current situation from the perspective of the hacker, monitoring and acting on vendor and supply chain risk and how to prioritize your actions to ensure business continuity during these times of turmoil and increased remote work.

Webinar

Prioritizing Risk and Business Continuity During Times of Uncertainty

In this webinar learn how to prioritize risk and ensure business continuity during uncertain times.

Video

[Security DNA] Cyber Insurance in the Era of Expanding Digital Risks

Listen to Alex Yampolskiy discuss with Anthony Dagostino, EVP Global Cyber for Lockton Companies on the cyber insurance underwriting market, how boards rate themselves on their cybersecurity posture and more.

Case Study

Virgin Pulse leverages SecurityScorecard to scale their VRM program

Kal Dhisna, VP, Information Security & SaaS Operations, at Virgin Pulse talks about how using SecurityScorecard has allowed him and his team to automate and scale many of the functions of Virgin Pulse's vendor risk management program.

Data Sheet

SecurityScorecard & RSA Archer® GRC Platform Integration

SecurityScorecard’s integrated solution with the RSA Archer® GRC platform enables you to scale and enhance your vendor risk management (VRM) with SecurityScorecard Ratings.

Case Study

Case Study: RMS

By utilizing the SecurityScorecard platform and products, RMS has made incremental and lasting improvements to their security program, and the security team saw significant time-savings for critical aspects of the security program.

SecurityScorecard Report

2020 Democratic Presidential Candidates Get Smart to Cybersecurity Report

With the 2020 U.S. election on the horizon, SecurityScorecard wanted to know: How secure are the presidential candidates’ campaigns? Download the report.

Webinar

Communicating Cybersecurity to the Board

Communication is critical in the battle against cybersecurity risks to today's business. Learn how to educate and influence the board to get budget buy-in.

SecurityScorecard Report

QSnatch Technical Report

This report details a technical analysis of the malware, details of the discovery, a timeline of QSnatch’s history, and data and indicators of compromise (IoC) about the infected systems.

ebook

Addressing Brazil Lei Geral de Proteção de Dados (LGPD)

Learn how you can achieve, maintain and enable compliance with LGPD and other leading regulations and industry standards in your area.

Case Study

Case Study: Modulr

By using SecurityScorecard, Modulr was also able to decrease operational costs, increase objectivity, reduce human error and more. Read the case study.

Media Case Study

Case Study: Horizon Media

Learn how Horizon Media used SecurityScorecard to make strategic changes to their IT infrastructure and increase cybersecurity hygiene.

Webinar

Transformation of Cybersecurity Risk with CSA

The cyber landscape is continuing to evolve, and we're seeing digital trends continue to change. Digital technologies are accelerating the ability to do business, and really digitizing everything.

SecurityScorecard Report

Data Security in Healthcare Needs Intensive Care

Despite stringent data security, compliance and reporting requirements, the healthcare industry continues to struggle with cybersecurity. Read our report.

Video

Data Lifecycle Protection and Privacy

With privacy regulations brewing across the globe and consumers becoming more knowledgeable than ever about their privacy rights – can we now assume our personal data is now more secure than ever? Watch the video.

Webinar

SecurityScorecard's Mission & The Importance of Cybersecurity Ratings

We take viewers through the journey of SecurityScorecard, what problems we are solving, and why it’s important.

Data Sheet

SecurityScorecard for PCI Compliance

Download our Data Sheet to learn how you can meet evolving PCI requirements by maturing your PCI DSS compliance.

Video

Sam Kassoumeh Discusses New Feature Release: Custom Scorecard

SecurityScorecard is continuously working to deliver enhancements. We recently released a new feature, Custom Scorecard, as a part of the SecurityScorecard Ratings product. Users can now divide and score segments of their company (or a partner’s organization), including business lines, subsidiaries and organizational departments.

SecurityScorecard Report

Assessing Exposure & Organizational Behavior to the BlueKeep Vulnerability

SecurityScorecard researchers have used this BlueKeep event as a way to study companies’, and organizations’ response to this vulnerability over time.​​ Learn more.

Webinar

A Dive Into SecurityScorecard's Scoring Model, Risk Factors, and Data Collections

Take a dive into SecurityScorecard's scoring model, risk factors, and data collections from the likes of our data science and threat intelligence experts.

Webinar

It's a Compliance World: New Standards for Global Privacy Requirements

Learn how the new standards for global privacy requirements and regulations have transformed over time. Download the webinar.

Video

Trust & Transparency, Introducing SecurityScorecard's Trust Portal

CEO and Co-Founder, Alex Yampolskiy, speaks about the fundamental importance of trust and transparency in security ratings.

Webinar

Simplifying Security: Breaking Down the World of Cyber Hygiene

Learn about importance of cyber hygiene in this animated on-demand webinar series with SecurityScorecard and CyberHero Adventures.

White Paper

Continuous Oversight in the Cloud: How to Improve Cloud Security, Privacy and Compliance

This white paper advocates for continuous oversight of the wide variety of cloud services used by organizations—a set of distinct, but related, management and assurance practices that address critical emerging risk domains, including security, privacy and compliance.

White Paper

Explanation of SecurityScorecard's Ratings Data

This white paper provides detail on the active and passive collection methods and signal types that are in use by the SecurityScorecard solution.

SecurityScorecard Report

Analysis of Cyber Risk Exposure for U.S. and European Political Parties Report

How are the political establishments responding to the threat of attack? And, are they prepared to effectively respond to an escalation in cyber activities? FInd out our findings in our report.

Ebook

7 Key Elements to Building a Compliance Program

To remain solvent, companies need to mature their compliance programs to protect themselves from the financial, reputational, and operational risks associated with data breaches. This ebook covers seven key elements of building a compliance program.

SecurityScorecard Report

2019 Payment Card Fraud & the Financial Crime Ecosystem Report

Cybercriminals continue to infiltrate payment card systems to obtain cardholder data. Despite the rigorous compliance requirements set out by the Payment Card Industry Security Standards Council (PCI SSC), merchants and vendors find themselves as prime targets. Download this report to see the most recent findings.

Data Sheet

Global Cyber Security Data Insights

Download this data sheet that outlines our global findings of the cybersecurity of companies in the financial industry, and see which region's results we deem to be concerning.

Webinar

The 2019 Forrester Consulting Total Economic Impact™ Of SecurityScorecard Webinar

Watch this webinar with Forrester Consulting to learn about the Total Economic Impact™ (TEI) of SecurityScorecard study and walk through some of the findings.

Analyst Report

The 2019 Forrester Consulting Total Economic Impact™ of SecurityScorecard Report

SecurityScorecard commissioned Forrester to conduct a Total Economic Impact™ (TEI) study and examine the potential return on investment (ROI) enterprises may realize by deploying SecurityScorecard’s Security Ratings Platform

Data Sheet

Atlas Overview

Download this data sheet to see how Atlas cuts the due diligence exchange process in half and augments team capacity by up to 66%.

Webinar

Measuring Cybersecurity through Behavioral Analytics - an Outside-In Approach

This webinar explains the state of cybersecurity in the modern world, and what best practices are for measuring it - differently. It discusses the importance of behavioral analytics, and how to make use of an “outside-in approach” when measuring cybersecurity.

SecurityScorecard Report

2019 Healthcare Cybersecurity Report

SecurityScorecard looked at over 26,000 healthcare companies in 2018-2019. Some struggles continue within the healthcare industry as companies fail to protect patient and organizational data.

Case Study

Case Study: Axcient

Learn how Axcient uses our cyber security ratings to review performance, ensure continuous monitoring and ongoing compliance. Read the case study.

SecurityScorecard Report

Cybersecurity Impact Analysis of US Government Shutdown

SecurityScorecard developed this report to outline observable changes within the external security postures of US federal government entities during the period throughout the US Government Shutdown of 2018 - 2019.

SecurityScorecard Report

2018 Education Cybersecurity Report

In 2018, SecurityScorecard analyzed 2,393 companies with a footprint of 100 IP addresses or more in the education industry. We found the following:

Video

SecurityScorecard Named a Leader in The Forrester New Wave

We started this journey together in 2013. Since then, we have helped hundreds of companies improve the cybersecurity capabilities of their ecosystem. Today, we were named as a Leader in The Forrester New Wave™: Cybersecurity Risk Rating Solutions, Q4 2018 report.

Analyst Report

The Forrester New Wave™: 2018 Cybersecurity Risk Rating Solutions

SecurityScorecard Stands Out for its Core Cyber-Risk Rating Capabilities: Data Collection, Rating Efficacy & Transparency, Vendor Review & Collaboration

Video

SecurityScorecard Vendor Risk Management Video

In this short video, I’ll provide a quick demo of how to use the SecurityScorecard security ratings platform to gain an outside-in hacker view of vendor security, and quickly assess and manage risk in your third-party ecosystem

Video

Score Planner Feature Introduction

Your organization probably has security vulnerabilities it may need to fix, but you struggle to identify which vulnerabilities to prioritize. Additionally, you’ve been told your organization needs to maintain a certain security score within SecurityScorecard to meet your customer’s requirements. All this leads to the question, “How do I get there?”

Video

Event Log Feature Introduction

With SecurityScorecard’s new Issue Level Event Log, we are increasing transparency associated with score changes and enabling you to quickly pinpoint the specific issues that impacted your score.

SecurityScorecard Report

2018 Retail Cybersecurity Report

SecurityScorecard analyzed 1444 domains in the retail industry over a recent six month period. The results display that although hackers have become increasingly clever with stealing credit card data, the retail industry is no better prepared to deal with the threat.

Data Sheet

Next-Gen Cyber Security Scoring Data Sheet

Get a transparent view of cyber security risk

Data Sheet

Score Planner Data Sheet

Take control of your security rating and easily boost your score

White Paper

Next-Gen Scoring: A New Standard in Fair and Transparent Cybersecurity Ratings

​Security ratings can provide insights enabling better security when the companies creating the scores explain the algorithms so that businesses can understand how to use them meaningfully.

Webinar

Take Control of Your Rating and Easily Boost Your Score with Score Planner

Transparent understanding of what issues to prioritize in order to improve your score is now a key component of the SecurityScorecard Platform!

SecurityScorecard Report

Top 15 Chief Information Security Officers 2018

SecurityScorecard looked into the top 15 CISOs and the programs that have pushed their organizations forward in terms of cybersecurity; We ran an analysis looking at the security ratings of organizations over a six month period and identified which organizations improved those scores the most; whether overall or within a specific risk area.

White Paper

New Phorpiex/Trik Variant Poses Threat Through Remote Access

The newest Phorpiex/Trik variant has the ability to infect machines with ransomware by targeting desktops, laptops, and other endpoints running server-side remote access applications. With increasing numbers of companies offering remote-work options to their employees, many corporate endpoints may be running these applications.

White Paper

Insights into the Auditor’s Perspective

Internal audits lives at the intersection of cybersecurity and best practices while external audit protects organizations from regulatory penalties.

White Paper

The Legality of SecurityScorecard Data Collection

​SecurityScorecard delivers security ratings that empower enterprises to instantly and accurately monitor, assess and understand their own cybersecurity posture as well as the cyberhealth of all vendors and business partners in their ecosystems.

White Paper

Continuous Assurance Using Data Threat Modeling

ISACA & SecurityScorecard teamed up to write about continuous assurance using data threat modeling.

Case Study

Case Study: Cadence Bank

Find out how SecurityScorecard helps Cadence Bank perform thorough security vendor risk assessments, and improves accountability. Learn more.

White Paper

The Business Case for Investing in a Security Ratings Platform

Many cyber breaches occur as a result of third-party vendor relationships and these types of attacks are on the rise. The cost factors associated with a breach can include data loss, operational downtime, incident recovery, shareholder and customer lawsuits, regulatory fines and reputational damage.

White Paper

What Financial Institutions Need To Know About Cybersecurity and Audit Controls

Industry reports draw attention to consistent financial audit outcomes from year to year. Learn what you need to know about cybersecurity and audit controls within financial industries.

White Paper

Cyber Insurance & Security Ratings

This whitepaper provides detail on how cyber insurance providers can use security ratings to assess cyber risk as part of issuing cyber liability insurance policies.

Webinar

Forrester Webinar: Security Ratings Set the Standard

Listen to Heidi Shey, Forrester Senior Analyst - Security and Risk, as she discusses Forrester’s recently released study, “Security Ratings Set the Standard.” Watch the webinar.

Analyst Report

The Expanding Role of Security Ratings

In its Top Recommendations For Your Security Program, 2018 report, Forrester Research reports that “New cyber risk ratings and increased senior executive scrutiny require you to prove your security practices are solid. Often, this means tightening your practices with third parties or suffering their fate if they fail.”

Analyst Report

Security Ratings Set the Standard

In this Forrester report, commissioned by SecurityScorecard, Forrester found that, “Enterprises need robust platforms that can score and rate ecosystem risk to provide visibility into risks and help organizations improve their security posture more effectively.”

Case Study

Case Study: Gunderson Dettmer

Learn how SecurityScorecard helped Gunderson Dettmer enhance their cyber security posture and maintain client confidence. Read the case study.

SecurityScorecard Report

2018 Government Cybersecurity Report

Government agencies must leverage cybersecurity best practice tools and technologies and tailor risk mitigation strategies to address the unique requirements of election security and integrity.

White Paper

Understanding Cybersecurity Ratings

Security ratings grade your organization on how well it protects information. In a digital world, the importance of data and your company’s protection of that data parallels your income and protection of financial assets.

No waiting, 100% Free

Get your personalized scorecard today

Get your free scorecard and learn how you stack up across 10 risk categories. Answer a few simple questions and we'll instantly send your score to your business email.

Get Your Free Score

Get In Touch

Thank you for contacting us!