Resources

Case Study
Truphone Case Study
August 28, 2020
Information provided by SecurityScorecard is integral to Truphone’s business continuity management in securing the entirety of its supply chain. Streamlining operations through intuitive, customizable groupings of IPs, vendors, and data points saves time, while the added visibility Nuno Teodoro pointed out, “lets us sleep at night.”
More Details
Blog
Calculating the ROI of Security Ratings.
August 24, 2020
It can be difficult to show leadership metrics that prove that you’re saving money because of incidents that haven’t happened. Fortunately, there are a number of qualitative ways to prove to your board and investors that your investment in security ratings is saving your paying off.
More Details
Security Ratings
Blog, Learning Center
What is a Third-Party Vendor? Tips for Managing Vendor Risk
July 23, 2020
A third-party vendor is any company or entity with a direct written contract to provide goods or services to your customers on your behalf. Explore 3 best practices for third-party risk management.
More Details
Attack Surface Management, Tech Center
Learning Center
How to Use the NIST Cybersecurity Framework to Assess Vendor Security
July 16, 2020
Learn how to use the NIST Cybersecurity Framework to efficiently assess vendor security for your organization. Read more on SecurityScorecard's blog.
More Details
Negin Aminian
Tech Center
Learning Center
8 Effective Vendor Due Diligence Best Practices
July 14, 2020
Vendors often have access to sensitive company information, so vendor due diligence is crucial to mitigating risk. Explore 8 things to consider during the vendor due diligence process.
More Details
Tech Center
Learning Center
The 2 Types of Risk Assessment Methodology
June 15, 2020More Details
Miryam Meir
Tech Center
Learning Center
How to Write Third-Party Risk Management (TPRM) Policies and Procedures
June 3, 2020
As organizations set out to mature their cybersecurity programs, vendor risk management (VRM) is a primary risk mitigation strategy. However, managing third-party risk becomes overwhelming, especially as they incorporate more cloud-based vendors to help streamline business operations. While monitoring used to be based on a “trust but verify” mentality, the modern move towards “verify then trust” requires organizations to pivot their programs and become more proactive. Writing third-party risk management (TPRM) policies and procedures needs to act as the foundational guidelines for creating an effective vendor risk management strategy.
More Details
Tech Center
Learning Center
5 Ways Data Breaches Affect Organizations
May 18, 2020
While organizations often focus their attention on a data breach’s impact on their bottom line, there are several other other ways a cyber attack can impact a company. Read more on SecurityScorecard's blog.
More Details
Tech Center
Learning Center
What Is a Cybersecurity Vendor Due Diligence Questionnaire?
May 5, 2020
A vendor cybersecurity due diligence questionnaire is a written assessment given to a vendor to gain a better understanding of their cybersecurity environment.
More Details
Tech Center
Learning Center
What is the Difference Between Information Security and Cybersecurity?
May 4, 2020
Information security and cybersecurity are often used interchangeably; however, they both address different kinds of security. Learn more.
More Details
Tech Center
Learning Center
Understanding the Importance of Cybersecurity Due Diligence
April 20, 2020
Many organizations rely on third-party vendors for day-to-day operations, which opens them up to higher levels of risks. Learn why the cybersecurity due diligence process is critical.
More Details
Tech Center
Blog, Learning Center
The CISO’s Guide to Reporting Cybersecurity to the Board
April 6, 2020
Being able to effectively report on cybersecurity is a key component to every CISOs job. Learn how CISOs can ensure that their board presentations are beneficial.
More Details
Tech Center