Cybersecurity white papers, data sheets, webinars, videos and more

May 11, 2026

A Roadmap to Modern TPRM

Understanding the 4 Stages, the Gaps, and TPRM Priorities for Various Stakeholders Traditional Third-Party Risk Management (TPRM) programs, relying on static data and annual assessments, are failing to secure supply chains, exposing organizations to the 35%+ of breaches originating from third parties. This eBook provides a roadmap to understanding the… Read More

May 27, 2025

Securing the Supply Chain: Building Cyber Resilience in the Modern Era

In this guide, we’ll walk you through the process of building out your organization’s supply chain incident response capabilities with SCDR to enhance its supply chain cyber resilience.

Supply Chain Cyber Risk

Third-Party Risk Management

Threat-Informed TPRM

May 2, 2025

The Definitive Guide to Building a Supply Chain Incident Response Team

This eBook provides a step-by-step guide to building a dedicated supply chain incident response team capable of effectively mitigating and responding to evolving supply chain cybersecurity threats.

Supply Chain Cyber Risk

Third-Party Risk Management

Threat-Informed TPRM

November 25, 2024

Buyer’s Guide: Supply Chain Detection and Response for Financial Services

Supply Chain Detection and Response (SCDR) has emerged as a category of solutions for operationalizing the cybersecurity of financial services organizations’ vendors and partners. This guide helps you make a more informed decision about evaluating the purchase of an SCDR solution.

Financial Services

Third-Party Risk Management

Threat-Informed TPRM

November 25, 2024

Buyer’s Guide: Supply Chain Detection and Response for Healthcare

Supply Chain Detection and Response (SCDR) has emerged as a category of solutions for operationalizing the cybersecurity of healthcare organizations’ vendors and partners. This guide helps you make a more informed decision about evaluating the purchase of an SCDR solution.

Healthcare

Third-Party Risk Management

Threat-Informed TPRM

November 22, 2024

Buyer’s Guide: Supply Chain Detection and Response

Supply Chain Detection and Response (SCDR) has emerged as a category of solutions for operationalizing the cybersecurity of your organization’s vendors or partners. This guide helps you make a more informed decision about evaluating the purchase of an SCDR solution.

Third-Party Risk Management

Threat-Informed TPRM

October 8, 2024

Managed Services for Supply Chain Detection and Response Buyer’s Guide

The time for action is now. A managed service for supply chain detection and response is the solution to identify and mitigate growing threats proactively.

Supply Chain Cyber Risk

Third-Party Risk Management

Threat-Informed TPRM

October 8, 2024

Managed Services for Supply Chain Detection and Response Buyer’s Guide

The time for action is now. A managed service for supply chain detection and response is the solution to identify and mitigate growing threats proactively.

Supply Chain Cyber Risk

Third-Party Risk Management

Threat-Informed TPRM

June 26, 2024

Why the FAIR Model Can Be So Unfair

Explore the benefits and limitations of the Factor Analysis of Information Risk (FAIR) model and what the future holds for cyber risk management.

January 12, 2024

Evolve from Risk Management to Risk Intelligence

Proven Strategies to Drive a Risk Intelligence Program in Your Organization

December 14, 2023

C-Suite Liability and Cybersecurity: Strategies for Navigating a New Era of Enforcement

The role of the CISO was already a stressful one, with significant retention issues and burnout risk. In short, the personal and professional stakes for CISOs just got higher. A recent survey reveals that 62% of CISOs are concerned about being held personally\r\nliable for cyberattacks that occur on their watch.\r\n \r\nIn the following pages, we’ll explore strategies that CISOs and other C-Suite executives can use to boost their organizations’ cyber resilience while also protecting themselves from legal fallout.

September 11, 2023

5 Steps You Can Take To Boost Your Boards Involvement And Stay Compliant

PoshC2 is an open-source C2 framework used by penetration testers and threat actors. It can\r\ngenerate a Powershell-based implant, a C#.NET implant that we analyze in this paper, and a\r\nPython3 implant. The malware retrieves the current Windows user, the network domain name\r\nassociated with the current user, the computer name, the processor architecture, the current\r\nprocess name and id, and the path of the Windows directory. The network communication is\r\nencrypted using the AES algorithm with a hard-coded key that can be changed by the C2\r\nserver. The C# implant can load and execute modules in memory without touching the disk by\r\nusing multiple commands. It can perform post-exploitation activities by loading tools such as\r\nSharpHound, Rubeus, SharpView, and Seatbelt.

September 6, 2023

DORA: A Journey To Cyber Resilience

In January 2023, a pivotal regulation took center stage for the European Union (EU) financial services sector. The Digital Operational Resilience Act (DORA) emerged as a requirement, ushering in a new era of cybersecurity.

DORA

August 30, 2023

5 Tips To Know You Are Using Data You Can Trust

Organizations need to trust their data and be confident that their customers, clients, and vendors can trust it as well. This means knowing that it’s accurate, reliable, and secure. How can this be accomplished?

August 30, 2023

4 Factors To Consider When Evaluating A Cybersecurity Partner

How should you evaluate a partner you work with? This guide can help you make informed choices about business partners.

March 10, 2023

5 Steps to Avoid Cyber Incident

According to a recent Gartner report, by 2025, a lack of talent or human failure will be responsible for over half of significant cyber incidents. And with the average cost of a data breach now at $4.35 million, it’s time for organizations to take proactive measures to protect themselves against cyber threats. This ebook was written with experts from SecurityScorecard’s Digital Forensics and Incident Response team, who have decades of experience working with companies to respond to cyber incidents. Here, these experts provide practical guidance for protecting your organization against cyber threats and mitigating their associated risks for CEOs and CISOs.

Cyber Insurance

February 19, 2023

Boards are from Mars, CISOs are from Venus

Learn more in this resource.

October 20, 2022

Compliance Officer Action Plan

The plan to creating an innovative security program as a Compliance Officer. How can highly regulated companies stay innovative in their security and risk programs if they need to invest significant energy toward the deluge of audits, regulator exams and control assessments?

October 20, 2022

CISO Action Plan

A challenge exists in modern organizations: to improve the quality and effectiveness of formal and informal communications between the Chief Information Security Officer (CISO) and other senior executives, including the C-suite and board members. This ebook presents action plans to help CISOs and senior executives find common ground.

September 7, 2022

5 Ways To Secure Your Organization In Turbulent Times

Learn more in this resource.

March 28, 2022

サードパーティ リスク マネジメント プログラム 構築完全ガイド

Learn more in this resource.