Cybersecurity white papers, data sheets, webinars, videos and more

Blog

In-Depth Review: How SecurityScorecard Stacks Up Against UpGuard in 2024

In the dynamic world of cybersecurity, choosing the right platform can be pivotal for an organization’s digital safety. As we delve into 2024, two major players, SecurityScorecard and UpGuard, continue to make waves. This in-depth review compares these two companies and highlights how SecurityScorecard’s offerings often outshine those of… Read More

Security Ratings

Press

2024年 サイバーセキュリティに関する予測を発表

Learn more in this resource.

Japanese

Blog

Applying the Churchill Knowledge Audit to Cybersecurity: The Importance of Security Ratings

As a CISO, I am frequently pitched by companies promising to transform or revolutionize my job. I shrug off most pitches because they don’t add any value to what I’m doing. But every once in a while, an organization comes along that offers something new.

Executive Viewpoint

Webinars

The New Normal for CISOs, Security Ratings, and Cyber Warfare

Learn more in this resource.

メディア掲載

サイバーセキュリティ総研: セキュリティVSハッカー　AIによる攻防激化と大規模な情報流出が懸念

セキュリティ企業のSecurityScorecardは、2024年のサイバーセキュリティに関する予測を発表した。

Japanese

Webinars

Navigating the Evolving Supply Chain Threat Landscape

Learn more in this resource.

Research

Cyber Threat Intelligence Update: New Claims of Attacks Against Israeli SCADA Systems

Executive Summary SecurityScorecard’s ongoing collections from hacktivist channels involved in cyber activity provoked by the conflict in Gaza highlight the international scope of the conflict, with hacktivist groups in Indonesia and Malaysia claiming attacks against organizations in Israel and allied states. As in the other channels SecurityScorecard analyzed… Read More

Research

Cyber Risk Intelligence: SecurityScorecard Analysis of Traffic Involving Storm-0558 IoCs

Executive Summary On July 11th, 2023, Microsoft disclosed that a threat actor had obtained a Microsoft private encryption key that allowed attackers to generate tokens enabling access to customers’ Exchange Online and Outlook[.]com accounts. Subsequent research found that the compromised key could have granted access to a wider… Read More

Blog

Optimizing Incident Response with Advanced Threat Intelligence

Here’s how modern threat intelligence tools can refine and improve an organization’s incident response strategies.

Cyber Threat Intelligence

Tech Center

メディア掲載

日経XTECH: 「AI版GitHub」に「生成AI評価ツール」、活用支える技術基盤で新興勢に存在感

生成AI（人工知能）を支える技術基盤でスタートアップ勢の存在感が増している。オープンソースのAIモデルやデータを共有するプラットフォーム、既に数十万種類あるといわれるAIモデルから最適なものを選ぶ評価ツール──。こうした「縁の下の力持ち」の存在も、AI活用には欠かせない。様々な基盤を手掛ける6社の実力を見ていこう。

Japanese

メディア掲載

EnterpriseZine: 2024年はサイバー攻撃者のAI活用でゼロデイ脆弱性増加か

SecurityScorecardは、「2024年 サイバーセキュリティに関する予測」を発表した。

Japanese

Ebook

C-Suite Liability and Cybersecurity: Strategies for Navigating a New Era of Enforcement

The role of the CISO was already a stressful one, with significant retention issues and burnout risk. In short, the personal and professional stakes for CISOs just got higher. A recent survey reveals that 62% of CISOs are concerned about being held personally\r\nliable for cyberattacks that occur on their watch.\r\n \r\nIn the following pages, we’ll explore strategies that CISOs and other C-Suite executives can use to boost their organizations’ cyber resilience while also protecting themselves from legal fallout.

Research

Japan’s Nikkei 225 Index: The State of Cybersecurity in Japan

This research presents an analysis of the cybersecurity landscape of the Nikkei 225 index. Companies were ranked based on various factors, such as network security, potential malware exploits, and patching cadence.

Cyber Threat Intelligence

Security Ratings

メディア掲載

TECH＋: サプライチェーンに対するサイバー攻撃の現状と対策

近年、サプライチェーンの脆弱性を突いたサイバー攻撃が増えている。これについては、世界中の政府が危機感を持っており、例えば、バイデン政権は国家サイバーセキュリティ戦略（National Cybersecurity Strategy）を発表した。本稿では、サプライチェーンに対するサイバー攻撃の現状と対策について説明する。

Japanese

メディア掲載

日本経済新聞: 国内大企業のサイバー防衛、4割弱にリスク

企業のサイバー防衛力の評価ツールを手掛ける米セキュリティ・スコアカード（SSC）日本法人は、日経平均を構成する225社のうち大手業種の企業に対する調査結果をまとめた。

Japanese

メディア掲載

EnterpriseZine: 日経225の製造業と重要インフラに最低評価

SecurityScorecardは、日経225企業の業種別サイバーリスクレーティング調査に関する説明会を開催した。

Japanese

Blog

2025 Guide to Completing a Vendor Risk Management Questionnaire

Vendor risk management is increasingly crucial in 2025 as enterprises integrate more cloud-based solutions into their IT ecosystems. With this shift comes greater compliance risks, making the verification of vendors’ security controls and regular security audits essential. Understanding and managing these risks effectively requires ongoing communication with… Read More

Tech Center

Press

SecurityScorecard Threat Intelligence Reveals 90% of Energy Companies Experienced a Third-Party Breach

New research from SecurityScorecard reveals 90% of the world’s leading energy companies experienced a third-party data breach in the past 12 months.

Research

Cyber Risk Intelligence: Idaho National Laboratory Data Breach

On November 20, a spokesperson for Idaho National Laboratory (INL) confirmed that it had suffered a data breach. The confirmation followed the SiegedSec threat actor group’s circulation of claims that it had “accessed hundreds of thousands of user, employee and citizen data” on social media and hacking forums.

Public Sector

Research

Energy Sector Cybersecurity Report: Navigating Third-Party Cyber Risk

SecurityScorecard threat researchers have identified that 90% of the world’s largest energy companies experienced a third party breach in the past 12 months. Fueling the global economy and daily life, reliance on the energy sector elevates it as a prime target for cyberattacks.

Cyber Threat Intelligence

Press

SecurityScorecard Recognized as One to Watch in Snowflake’s Inaugural Cybersecurity Report

SecurityScorecard has been recognized as one to watch in the Data Enrichment category in Snowflake’s inaugural cybersecurity report.