Resources

Case Study
ADT
June 27, 2025
"SecurityScorecard helps us monitor vendors that are outside of our systems, and it also gives us visibility into our own vulnerabilities. Many vendors are under a continuous monitoring portfolio, and we’ve been able to use the tool during issues like MOVEit and the Log4j vulnerability."
More Details
Research, Research Reports
2025 Supply Chain Cybersecurity Trends: Why Visibility Is the Next Competitive Advantage
Against this backdrop of rising systemic risk, SecurityScorecard set out to assess how enterprises are managing their third-party risk. The responses from nearly 550 CISOs and cybersecurity leaders worldwide reveal a dangerous gap in organizational preparedness.
More Details
Supply Chain Cyber Risk, Third-Party Risk Management
Press
SecurityScorecard Report Reveals 5 in 6 Organizations at Risk Due to Immature Supply Chain Security
June 25, 2025
SecurityScorecard today released its 2025 Supply Chain Cybersecurity Trends Survey, revealing that 88% of cybersecurity leaders are concerned about supply chain cyber risks.
More Details
Learning Center
What is the Difference Between IT Risk Management and Cybersecurity?
June 25, 2025
Explore how IT risk management and cybersecurity differ—and where they overlap. Learn how to align both for a stronger, more resilient organization.
More Details
Learning Center
Building a Vendor Risk Management Program: Strategies for Success
June 24, 2025
Learn how to build a vendor risk management (VRM) program that aligns with modern cyber threats. Discover essential steps, tools, and continuous monitoring strategies for supply chain protection.
More Details
Learning Center
Understanding Third-Party Risk: Identifying and Mitigating External Threats
June 23, 2025
Learn how to identify, assess, and mitigate third-party cybersecurity risks. Discover the most common vulnerabilities, threat actor behavior, and how to monitor threats in 2025.
More Details
Blog, Learning Center, STRIKE
Unmasking A New China-Linked Covert ORB Network: Inside the LapDogs Campaign
June 23, 2025
SecurityScorecard’s STRIKE team uncovered a new China-Nexus ORB Network targeting the United States and Southeast Asia. Read the report to gain an in-depth look at the LapDogs ORB network, its custom malware, and its role in cyberespionage.
More Details
STRIKE Team
Learning Center
What Is FIPS 140-3 and Why Does It Matter for Security Compliance?
June 23, 2025
Learn what FIPS 140-3 certification entails, why it’s critical for federal and industry cybersecurity compliance, and how to ensure your cryptographic modules meet the standard.
More Details
Learning Center
What Does the Gramm-Leach-Bliley Act (GLBA) Require?
June 20, 2025
Learn the core requirements of the Gramm-Leach-Bliley Act (GLBA), including the Safeguards Rule, privacy notices, and cybersecurity responsibilities for financial institutions.
More Details
Learning Center
Sender Policy Framework (SPF): How It Stops Email Spoofing
June 20, 2025
Learn how SPF works to prevent email spoofing, how to configure SPF records, and why it’s critical for securing your domain from phishing campaigns.
More Details
Learning Center
What’s the Difference Between Authenticity and Non-Repudiation in Cybersecurity?
June 19, 2025
Understand the difference between authenticity and non-repudiation in cybersecurity, and how both play key roles in identity verification, encryption, and data integrity.
More Details
Learning Center
What Are Best Practices for Data Security for Sensitive Data?
June 19, 2025
Learn best practices to secure sensitive data, including encryption, access control, and continuous monitoring. Discover how organizations reduce breach risks while staying compliant.
More Details