Our Latest Resources
Explore our cybersecurity white papers, data sheets, webinars, videos and more.
-
ResearchInsurance Carriers Face Unprecedented Supply Chain Cyber Threats
February 6, 2025SecurityScorecard's analysis of 150 leading insurance companies exposes a critical weakness: even carriers with robust security are being compromised through their supply chain partners. Our data reveals that threat actors are deliberately exploiting lower-scoring vendors to breach otherwise well-defended insurance organizations.
More Details -
PressSecurityScorecard Report: 59% of Breaches Impacting Insurance Sector Caused by Third-Party Attack Vectors
February 6, 2025Report highlights need to address third-party risks as cybersecurity gaps threaten critical services and policyholder trust.
More Details -
BlogBeyond the Perimeter: Why CISOs Need Supply Chain Detection and Response
February 4, 2025Organizations rely heavily on external vendors and suppliers, creating complex supply chains vital for operations. However, this introduces a new dimension of risk: supply chain attacks. SCDR is a comprehensive security framework that focuses on identifying, assessing, and responding to threats within the supply chain.
More DetailsSCDR, Supply Chain Cyber Risk -
Case StudyVerdane
February 4, 2025How Verdane improved investment decisions and portfolio company cyber support using SecurityScorecard.
More Details -
Data SheetSimplify and Automate DORA TPRM Requirements with SecurityScorecard
January 30, 2025This extended data sheet guides you through DORA's TPRM requirements and how you can use SecurityScorecard to comply. Learn more.
More Details -
Data SheetSimplify and Automate NIS2 TPRM Requirements with SecurityScorecard
January 30, 2025This extended data sheet guides you through NIS2's TPRM requirements and how you can use SecurityScorecard to comply. Learn more.
More Details -
BlogOperation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign
January 29, 2025In December 2024, a routine software update concealed a global threat. Attackers from the Lazarus Group, based in North Korea, infiltrated trusted development tools, compromising hundreds of victims worldwide. This sophisticated campaign, code-named "Phantom Circuit," targeted cryptocurrency and technology developers, employing advanced obfuscation techniques through proxy servers in Hasan, Russia.
More DetailsSTRIKE Team -
Research
Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign
January 29, 2025During STRIKE’s investigation of Operation 99, our team identified multiple command-and-control (C2) servers active since September 2024.
More DetailsSTRIKE Team -
WebinarBuilding a High-Performing Supply Chain Incident Response Team
January 28, 2025Supply chain security is no longer an afterthought. With increasing threats and the potential for devastating consequences, organizations must proactively address supply chain risks. In this webinar, we will discuss how a well-structured supply chain incident response team can address these challenges and mitigate risks.
More DetailsSCDR -
Learning CenterThe Top 7 Cyberattacks on U.S. Government: A closer look at the evolving landscape of cybersecurity
January 24, 2025Cyberattacks are an increasingly significant threat to governments worldwide. This blog post examines some of the top cyberattacks on US government.
More DetailsPublic Sector, Tech Center -
Learning Center7 Incident Response Metrics and How to Use Them
January 24, 2025A robust incident response plan provides quantitative data. Check out these seven incident response metrics and how to use them.
More DetailsJeff Aldorisio
Tech Center -
Blog, Learning CenterImplementing Non-Repudiation in Your Security Strategy: Best Practices and Techniques
Explore best practices for implementing non-repudiation in security strategies to ensure transaction authenticity and protect against fraud.
More DetailsTech Center