Resources

Cybersecurity white papers, data sheets, webinars, videos and more

Resource Library

Canadian Centre for Cyber Security and SecurityScorecard Establish Partnership to Strengthen Cyber Resilience and Secure Critical Infrastructure

Press

Canadian Centre for Cyber Security and SecurityScorecard Establish Partnership to Strengthen Cyber Resilience and Secure Critical Infrastructure
Cyber Centre pioneers real-time visibility of national critical infrastructure using nationwide implementation of security ratings, credit scores of the digital world.
North Korean State-Sponsored Cyber Attack: Unveiling the Intricacies of Threat Actor Group Andariel

Research

North Korean State-Sponsored Cyber Attack: Unveiling the Intricacies of Threat Actor Group Andariel
This SecurityScorecard threat research sheds light on a significant cyber attack attributed to North Koreans tate-sponsored actors known as Andariel, emphasizing the critical role that South Korea plays both as a target and a source of infrastructure for these threat actors.
Cyber Threat Intelligence
Vendor Risk Management vs Third Party Risk Management vs Enterprise Risk Management: What’s the Difference?

Blog

Vendor Risk Management vs Third Party Risk Management vs Enterprise Risk Management: What’s the Difference?
Third-Party, Vendor, and Enterprise Risk Management are often used interchangeably, but they are not always the same. Learn which is right for your business.
Tech Center
SecurityScorecard and Industry Leaders Deliver Industry-Specific Security Ratings for Telecommunications, Internet Service Providers, and Cloud Providers

Press

SecurityScorecard and Industry Leaders Deliver Industry-Specific Security Ratings for Telecommunications, Internet Service Providers, and Cloud Providers
SecurityScorecard today announced the industry’s first security ratings developed exclusively for telecommunications, internet service providers, and cloud providers. Through close collaboration with industry leaders, SecurityScorecard sets a new standard for cybersecurity across these critical sectors.
Security Ratings
7 Incident Response Metrics and How to Use Them

Blog

7 Incident Response Metrics and How to Use Them
A robust incident response plan provides quantitative data. Check out these seven incident response metrics and how to use them.
Tech Center
業界大手企業と共同で通信事業者、インターネットサービスプロバイダー、クラウドプロバイダー向けの業種別セキュリティレーティングを提供

Press

業界大手企業と共同で通信事業者、インターネットサービスプロバイダー、クラウドプロバイダー向けの業種別セキュリティレーティングを提供
Learn more in this resource.
Japanese
SecurityScorecard 10 Risk Factors Explained

Blog

SecurityScorecard 10 Risk Factors Explained
Trust begins with transparency. Check out SecurityScorecard’s ten risk factors, which are explained in an easy-to-understand manner that enables business and IT leaders to create meaningful conversations around cybersecurity risk and compliance.
Tech Center
Introducing Security Ratings for Telecommunications, Internet Service Providers, and Cloud Providers: Collaborating on enhancements with industry leaders

Blog

Introducing Security Ratings for Telecommunications, Internet Service Providers, and Cloud Providers: Collaborating on enhancements with industry leaders
Telecommunications, Internet Service Providers, and Cloud Providers are some of the most critical sectors on the planet. But they are also prime targets for nation-state attacks and other threat actor groups. And their reliance on vast networks of third-party vendors, partners, and service providers creates a need for a comprehensive cybersecurity approach tailored specifically to the sector.
Security Ratings
Security Ratings: A New Horizon

White Papers

Security Ratings: A New Horizon
Unveiling a new Security Ratings methodology for Telecommunications, Internet Service Providers, and Cloud Providers
Attack Surface Management
Cyber Threat Intelligence
Enterprise Cyber Risk
SecurityScorecard Reinforces Commitment to Free Security Ratings for All Organizations

Press

SecurityScorecard Reinforces Commitment to Free Security Ratings for All Organizations
SecurityScorecard today unveiled new capabilities to strengthen cybersecurity trust and transparency across the digital ecosystem. Building on a decade-long commitment to providing free security ratings for all organizations, SecurityScorecard innovations advance the industry’s most transparent, trusted, and accurate security ratings.
Security Ratings
8 Types of Vendor Risks That Are Important to Monitor in 2025

Blog

8 Types of Vendor Risks That Are Important to Monitor in 2025
Discover how to manage vendor risk by understanding and monitoring various threats, ensuring your business stays secure from third-party vulnerabilities.
Tech Center
The Increase in Ransomware Attacks on Local Governments

Research

The Increase in Ransomware Attacks on Local Governments
What makes organizations in the public sector vulnerable to ransomware?
Public Sector
STRIKE Team
Third-Party Data Breaches in the Energy Sector

Research

Third-Party Data Breaches in the Energy Sector
Learn more in this resource.
School District Attack Illustrates Ongoing Threat of Ransomware to Public Education

Research

School District Attack Illustrates Ongoing Threat of Ransomware to Public Education
Interested in reading the report later? Download it. Download Now Executive Summary After a large U.S. school district recently announced that it had suffered a ransomware attack, SecurityScorecard consulted in-house data and strategic partnership sources to enrich the public reporting on the incident. Many of… Read More
Public Sector
A detailed analysis of the Menorah malware used by APT34

Research

A detailed analysis of the Menorah malware used by APT34
Executive summary Menorah malware was used by the APT34 group, which targeted organizations in the Middle East and was discovered by Trend Micro in August this year. The malware creates a mutex to ensure that only one copy is running at a single time. It extracts the hostname and… Read More
Cyber Risk Intelligence Update: Hacktivist Involvement in Israel-Hamas War Reflects Possible Shift in Threat Actor Focus

Research

Cyber Risk Intelligence Update: Hacktivist Involvement in Israel-Hamas War Reflects Possible Shift in Threat Actor Focus
The SecurityScorecard Threat Research, Intelligence, Knowledge, and Engagement (STRIKE) Team has continued its monitoring of threat actors involved in the war between Israel and Hamas and has integrated this monitoring into its ongoing deep and dark web (DDW) collections. Key takeaways Analysis of these collections appears, as of… Read More
A Deep Dive Into ALPHV/BlackCat Ransomware

Research

A Deep Dive Into ALPHV/BlackCat Ransomware
Executive summary ALPHV/BlackCat is the first widely known ransomware written in Rust. The malware must run with an access token consisting of a 32-byte value (–access-token parameter), and other parameters can be specified. The ransomware comes with an encrypted configuration that contains a list of services/processes to be stopped,… Read More
STRIKE Team
Brute Force Attempts May Have Preceded Ransomware Attack on School District

Research

Brute Force Attempts May Have Preceded Ransomware Attack on School District
Executive Summary: Vice Society Ransomware Group Attack Following reports that an attack by the Vice Society ransomware group was responsible for disrupting a US school district’s operations, SecurityScorecard researchers reviewed available data from internal sources and strategic partnerships. SecurityScorecard’s platform revealed that the school district suffered from issues that our… Read More
Public Sector
STRIKE Team
What Is Cybersecurity Risk and How Do You Manage It in 2025?

Blog

What Is Cybersecurity Risk and How Do You Manage It in 2025?
Explore what cybersecurity risk means in 2025 and how organizations can effectively assess, mitigate, and monitor cyber threats across their digital and third-party ecosystems
Tech Center
2025 Third-Party Vendor Risk Management in the Financial Industry

Blog

2025 Third-Party Vendor Risk Management in the Financial Industry
With an established third-party risk management program, financial organizations are better able to identify and address vendor cyber risk. Learn more.
Tech Center
What is Cyber Attack Insurance? Best Practices for Protection

Blog

What is Cyber Attack Insurance? Best Practices for Protection
Cyber attack insurance is increasingly essential to protect your organization from cyber threats and their consequences. Learn more.
Cyber Insurance
Executive Viewpoint
Tech Center