Resources
Cybersecurity white papers, data sheets, webinars, videos and more
Resource Library
Research
Close Encounters in the Public Sector
SecurityScorecard and the Cyentia Institute recently teamed up to analyze data collected on over 230,000 organizations for clues about the underlying conditions exacerbating third- and fourth-party risk. We measured the extent of digital supply chains, investigated the prevalence of security incidents among third- and fourth-party vendors, and explored the effects of that exposure to gain insights on better managing risk.\r\n\r\nThis document summarizes key findings from that research using a subset of the data focusing on 7,347 public sector organizations.
Public Sector
Research
Close Encounters in the Finance Sector
It’s often said that cyber defenses are only as strong as\r\nthe weakest link, which applies equally to individual\r\norganizations and their supply chains. Headlines of\r\nbreaches stemming from third (and fourth) parties\r\nroutinely testify to the truth behind the adage. As a result,\r\nmost finance firms know the risks imposed by these\r\n“close encounters” with third and fourth parties. But what\r\ncan be done about those risks?\r\nSecurityScorecard and the Cyentia Institute recently\r\nteamed up to analyze data collected on over 230,000\r\norganizations for clues about the underlying conditions\r\nexacerbating third- and fourth-party risk. We measured\r\nthe extent of digital supply chains, investigated the\r\nprevalence of security incidents among third- and fourthparty vendors, and explored the effects of that exposure\r\nto gain insights on better managing risk.
Research
A Deep Dive Into Medusa Ransomware
Medusa ransomware appeared in June 2021, and it became more active this year by launchingthe “Medusa Blog” containing data leaked from victims that didn’t pay the ransom. The malwarestops a list of services and processes decrypted at runtime and deletes the Volume ShadowCopies.
Blog
SecurityScorecard’s Partnership with the TSA Helping to Secure the Nation’s Critical Infrastructure
As part of our continued commitment to making the world a safer place, SecurityScorecard recently partnered with the Transportation Security Administration (TSA). This partnership will enable the agency to more accurately monitor and assess the cyber health of the nation’s pipeline, rail, and aviation transportation systems.
Press
SecurityScorecard Achieves AWS Level 1 Managed Security Service Provider Competency Status
SecurityScorecard is the First SaaS Provider to Achieve Competency in Business Continuity and Ransomware Readiness Specification Category.
AWS
Press
Transportation Security Administration Chooses SecurityScorecard to Deliver New Era of Resiliency for Critical Infrastructure
TSA partners with SecurityScorecard to enhance critical infrastructure resilience through automated cyber ratings and threat intelligence.
Webinars
Beyond the Breach: Partnering with the FBI to fight Cybercrime
Learn more in this resource.
Public Sector
Webinars
Building a Sustainable Cyber Insurance Market
Learn more in this resource.
Cyber Insurance
Webinars
Building a Sustainable Cyber Insurance Market
Learn more in this resource.
Cyber Insurance
Research
How To Analyze Java Malware – A Case Study Of Strrat
STRRAT is a Java-based malware that executes multiple commands transmitted by the C2\r\nserver. The JAR file was obfuscated using the Allatori obfuscator. It establishes persistence on\r\nthe host by copying to the Startup folder and creating a scheduled task and a Run registry entry.
Webinars
Being Proactive with Security: Deep Dive into Security Testing
Learn more in this resource.
Press
SecurityScorecard Launches First and Only Security Ratings Platform with Natural Language Processing Capabilities, Providing Customers with Faster Security Insights
APRIL 25 — SAN FRANCISCO — SecurityScorecard, the global security ratings, response, and resilience company, today announced at RSA the launch of the first and only security ratings platform to integrate with generative AI capabilities. With this natural language processing capability, cybersecurity leaders can find immediate answers to high… Read More
Security Ratings
Data Sheet
SecurityScorecard
Learn more in this resource.
Security Ratings
Third-Party Risk Management
Webinars
Reduce Cyber Threat Exposure with a 360-degree Solution
Learn more in this resource.
Blog
Prepare for Zero-Day Threats: Military and Private Sector Leaders Share Their Insights
Leading cybersecurity experts Major General John F. Wharton, (US Army retired); Oleg Strizhak, Shell’s Digital Supply Chain Risk Manager; and Sam Curry, the CISO of Zscaler, recently sat down with SecurityScorecard’s President of International Operations Matthew McKenna to discuss how organizations can prepare themselves and their supply chains for zero-day attacks, preventing and responding to them, as well as best practices for supply chain risk management.
Cyber Threat Intelligence
Public Sector
メディア掲載
日本経済新聞: 転ばぬ先の「サイバー査定」 情報漏洩のリスク軽減
M&A(合併・買収)に乗り出す前に情報漏洩などの可能性を調べる「サイバーデューデリジェンス(査定)」に注目が集まっている。買収先が抱えるリスクの大きさを金額で評価する会計監査大手KPMG系のサービスは2022年の調査依頼が前年の2倍に増えた。産業界ではリスクを見極めて事前に対策を打ち、「転ばぬ先の杖」とする動きが広がっている。「サイバー対策上の課題が多すぎる
Japanese
Webinars
Mitigating Cyber Risk: Insights from the Front Lines of Cyber Insurance
Learn more in this resource.
Cyber Insurance
Webinars
Mitigating Cyber Risk: Insights from the Front Lines of Cyber Insurance
Learn more in this resource.
Cyber Insurance
Blog
7 Factors that Drive Cyber Risk: New Research from Marsh McLennan and SecurityScorecard
Cyber risk is dynamic and influenced by a wide range of variables, quantifying it requires numerous, continuously updated data points.
Cyber Insurance
Blog
7 Factors that Drive Cyber Risk: New Research from Marsh McLennan and SecurityScorecard
Cyber risk is dynamic and influenced by a wide range of variables, quantifying it requires numerous, continuously updated data points.
Cyber Insurance
Webinars
The Current State of Critical Infrastructure
Learn more in this resource.
Public Sector