Resources
Cybersecurity white papers, data sheets, webinars, videos and more
Resource Library
Webinars
The CEO’s Take: Bridging the Cybersecurity Divide To Address Cyber Risk
Learn more in this resource.
Data Sheet
Simplify and Automate NIS2 TPRM Requirements with SecurityScorecard
This extended data sheet guides you through NIS2’s TPRM requirements and how you can use SecurityScorecard to comply. Learn more.
Data Sheet
Simplify and Automate DORA TPRM Requirements with SecurityScorecard
This extended data sheet guides you through DORA’s TPRM requirements and how you can use SecurityScorecard to comply. Learn more.
Research
Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign
During STRIKE’s investigation of Operation 99, our team identified multiple command-and-control (C2)\r\nservers active since September 2024.
STRIKE Team
Blog
Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign
In December 2024, a routine software update concealed a global threat. Attackers from the Lazarus Group, based in North Korea, infiltrated trusted development tools, compromising hundreds of victims worldwide. This sophisticated campaign, code-named “Phantom Circuit,” targeted cryptocurrency and technology developers, employing advanced obfuscation techniques through proxy servers in Hasan, Russia.
STRIKE Team
Webinars
Building a High-Performing Supply Chain Incident Response Team
Supply chain security is no longer an afterthought. With increasing threats and the potential for devastating consequences, organizations must proactively address supply chain risks. In this webinar, we will discuss how a well-structured supply chain incident response team can address these challenges and mitigate risks.
Threat-Informed TPRM
メディア掲載
MONOist: 製造業のサプライチェーンセキュリティ対策に欠かせない「TPRM」とは?
Learn more in this resource.
Japanese
事例
日東工業株式会社 様
株式会社ネットワークバリューコンポネンツによる導入事例
Japanese
Webinars
The CISO’s Take: Securing the Future of Financial Services & More
Learn more in this resource.
Press
SecurityScorecard Report: 58% of Breaches Impacting Leading U.S. Federal Contractors Caused by Third-Party Attack Vectors
Report highlights the urgent need for federal contractors to address third-party risks as cybersecurity gaps threaten national security
Blog
5 Reasons to Integrate Continuous Monitoring into Your TPRM Program
Learn 5 reasons your organization should integrate continuous monitoring into their third-party risk management program. Read SecurityScorecard’s blog
Research
Security Assessment of the Top 100 U.S. Gov’t Contractors
Federal contractors are critical to the U.S. Government’s (USG) supply chain, yet their cybersecurity postures reveal significant weaknesses. This report evaluates the SecurityScorecard ratings and publicly available breach histories of the top 100 federal contractors for FY2023, highlighting problems and patterns that pose substantial third-party cyber risks to the USG. A breach at one of these contractors could expose USG data, compromise infrastructure, or disrupt essential products
Blog
What is the Threat Landscape?
Discover the current threat landscape and learn how to identify, assess, and mitigate evolving cyber risks to protect your organization from potential attacks.
Blog
What Is an Attack Vector? 20 Common Ways Hackers Break In and How to Prevent Them
Learn the 20 most common attack vectors hackers use to breach organizations and the best prevention strategies cybersecurity teams can adopt today.
Attack Surface Management
Tech Center
Blog
Operation 99: North Korea’s Cyber Assault on Software Developers
On January 9, the SecurityScorecard STRIKE team uncovered Operation 99, a cyberattack by the Lazarus Group, North Korea’s state-sponsored hacking unit.
STRIKE Team
Blog
How Security Ratings Help Build Strong Business Relationships
See how security ratings allow you to strengthen business relationships by giving you the information you need to enable stronger business outcomes. Learn more about security ratings for business.
Blog
Securing Patient Data: A Guide to Managed Services for Supply Chain Detection and Response in Healthcare
Patient data is among the most sensitive and valuable information in the healthcare industry. A single breach can have devastating consequences. Learn how a managed service for SCDR can help.
Threat-Informed TPRM
Blog
Securing Your Financial Ecosystem: A Guide to TPRM Managed Services
Learn more about the critical role of Managed Services for Third-Party Risk Management (TPRM) for your financial institution.
Threat-Informed TPRM
メディア掲載
MONOist: サイバーリスク管理が進まない! 製造業サプライチェーンの深刻な現実
Learn more in this resource.
Japanese
Blog
Day in the Life of a CISO: A Vendor Breach: Assessing Our Exposure
Day in the Life of a CISO: A Vendor Breach: Assessing Our Exposure
Webinars
Cyber Santa: 2024’s Naughty List
Learn more in this resource.