Resources

Cybersecurity white papers, data sheets, webinars, videos and more

Resource Library

SOX Compliance Checklist: What Security Teams Need to Know in 2025

Blog

SOX Compliance Checklist: What Security Teams Need to Know in 2025
Explore our 2025 SOX compliance checklist for cybersecurity leaders. Learn key requirements, reporting timelines, and how to secure third-party risk.
Enterprise Cyber Risk
GRC
Third-Party Risk Management
Secure More, Pay Less: Up to 25% Off Cyber Insurance Premiums with SecurityScorecard

Resources

Secure More, Pay Less: Up to 25% Off Cyber Insurance Premiums with SecurityScorecard
Strengthen Your Security, Lower Your Costs: Save Up to 25% on Cyber Insurance with SecurityScorecard
How Much Do Healthcare Data Breaches Really Cost?

Blog

How Much Do Healthcare Data Breaches Really Cost?
Learn from the most devastating healthcare data breaches in U.S. history—and how to protect your organization’s PHI, PII, and patient trust.
Cyber Threat Intelligence
Enterprise Cyber Risk
Third-Party Risk Management
Navigating Systemic Risks: Strengthening Third-Party & Supply Chain Resilience

Webinars

Navigating Systemic Risks: Strengthening Third-Party & Supply Chain Resilience
Learn more in this resource.
Cybersecurity Laws in the UK: What Businesses Need to Know in 2025

Blog

Cybersecurity Laws in the UK: What Businesses Need to Know in 2025
Understand how evolving UK regulations shape your cyber strategy—and how to stay compliant and resilient across your digital ecosystem.
Compliance
Cybersecurity
Enterprise Cyber Risk
CISOs: The Perfect SCORE With Your Board

Blog

CISOs: The Perfect SCORE With Your Board
Boards don’t operate in threat models and tech stacks. They operate in risk, revenue, and accountability. And if you want their support, you need to meet them there. SecurityScorecard created the SCORE framework to help CISOs turn cybersecurity into a board-level conversation that gets results.
Executive Viewpoint
SIM Card Hacking: What It Is, How It Works, and How to Protect Yourself

Blog

SIM Card Hacking: What It Is, How It Works, and How to Protect Yourself
SIM cards might seem like harmless pieces of plastic, but they’re often a gateway for serious cyber attacks. When hackers take over your mobile number, they can intercept private data, bypass security controls, and even drain your bank account.\r\n
Cyber Threat Intelligence
Enterprise Cyber Risk
Government
EnterpriseZine: 日本企業のアキレス腱、サプライチェーンをどう守る

メディア掲載

EnterpriseZine: 日本企業のアキレス腱、サプライチェーンをどう守る
Learn more in this resource.
Japanese
Scorecarder Spotlight: Noor Al-Baker

Blog

Scorecarder Spotlight: Noor Al-Baker
Our series “Scorecarder Spotlight” showcases our talented employees and the incredible work they do. Meet Noor Al-Baker!
Scorecarder Spotlight
SecurityScorecard Advisory: Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability (CVE-2025-21590) Added to CISA KEV

STRIKE

SecurityScorecard Advisory: Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability (CVE-2025-21590) Added to CISA KEV
SecurityScorecard Advisory: Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability (CVE-2025-21590)
STRIKE Alert
SecurityScorecard In The News Q1 2025

Blog

SecurityScorecard In The News Q1 2025
Catch up on SecurityScorecard press coverage from Q1 2025, including TV interviews, global report-driven media coverage, North America, EMEA, and APAC press mentions, and executive bylines examining third-party breach trends, software supply chain attacks, nation-state cyber activity, and regulatory readiness.
SecurityScorecard Announces Strategic Partnership with Willis

Press

SecurityScorecard Announces Strategic Partnership with Willis
SecurityScorecard announced today a strategic partnership with Willis (a WTW business), a leading global advisory, broking and solutions company. Building on a long-standing relationship, this collaboration aims to enhance cyber risk quantification, improve insurance modeling, and strengthen enterprise security strategies for organizations worldwide.
ITmedia: 北朝鮮の「Lazarus」による世界規模の攻撃 最新調査で「4つの事実」が判明

メディア掲載

ITmedia: 北朝鮮の「Lazarus」による世界規模の攻撃 最新調査で「4つの事実」が判明
Learn more in this resource.
Japanese
北朝鮮による世界規模のデータ窃取攻撃に関する最新調査レポート「Operation Phantom Circuit」を発表

Press

北朝鮮による世界規模のデータ窃取攻撃に関する最新調査レポート「Operation Phantom Circuit」を発表
Learn more in this resource.
Japanese
SecurityScorecard 2025 Global Third-Party Breach Report Reveals Surge in Vendor-Driven Attacks

Press

SecurityScorecard 2025 Global Third-Party Breach Report Reveals Surge in Vendor-Driven Attacks
SecurityScorecard today released the 2025 Global Third-Party Breach Report. Using the world’s largest proprietary risk and threat data set, SecurityScorecard’s STRIKE Threat Intelligence Unit analyzed 1,000 breaches across industries and regions to uncover key attack patterns, measure the impact of third-party security failures and identify the most commonly exploited vendor relationships.
Global Third Party Breach Report

Resources

Global Third Party Breach Report
Global Third Party Breach Report
Simplify and Automate APRA Prudential Standard CPS 230 TPRM Requirements with SecurityScorecard

White Papers

Simplify and Automate APRA Prudential Standard CPS 230 TPRM Requirements with SecurityScorecard
Learn more in this resource.
北朝鮮による世界規模のデータ窃取攻撃

Research Reports

北朝鮮による世界規模のデータ窃取攻撃
Learn more in this resource.
Japanese
What is Supply Chain Detection and Response (SCDR)?

Blog

What is Supply Chain Detection and Response (SCDR)?
Supply Chain Detection and Response (SCDR) is a new cybersecurity framework that identifies, prioritizes, and remediates vulnerabilities across an organization’s vendor ecosystem. Its purpose is preventing supply chain attacks from threat actors and mitigating concentration risk when critical providers experience outages or security failures.
Threat-Informed TPRM
Automating Vendor Risk Management and Assessments

Blog

Automating Vendor Risk Management and Assessments
Automated vendor risk assessments provide visibility into third-party vendors’ cybersecurity and enhance the third-party risk management process. Learn more.
CPE | Cyber Risk Quantification: Measuring and Managing the Unseen Threats

Webinars

CPE | Cyber Risk Quantification: Measuring and Managing the Unseen Threats
Learn more in this resource.