Resources

Blog, Learning Center
What is a Third-Party Vendor? Tips for Managing Vendor Risk
July 23, 2020
A third-party vendor is any company or entity with a direct written contract to provide goods or services to your customers on your behalf. Explore 3 best practices for third-party risk management.
More Details
Attack Surface Management, Tech Center
Learning Center
How to Use the NIST Cybersecurity Framework to Assess Vendor Security
July 16, 2020
Learn how to use the NIST Cybersecurity Framework to efficiently assess vendor security for your organization. Read more on SecurityScorecard's blog.
More Details
Negin Aminian
Tech Center
Learning Center
8 Effective Vendor Due Diligence Best Practices
July 14, 2020
Vendors often have access to sensitive company information, so vendor due diligence is crucial to mitigating risk. Explore 8 things to consider during the vendor due diligence process.
More Details
Tech Center
Learning Center
The 2 Types of Risk Assessment Methodology
June 15, 2020More Details
Miryam Meir
Tech Center
Learning Center
How to Write Third-Party Risk Management (TPRM) Policies and Procedures
June 3, 2020
As organizations set out to mature their cybersecurity programs, vendor risk management (VRM) is a primary risk mitigation strategy. However, managing third-party risk becomes overwhelming, especially as they incorporate more cloud-based vendors to help streamline business operations. While monitoring used to be based on a “trust but verify” mentality, the modern move towards “verify then trust” requires organizations to pivot their programs and become more proactive. Writing third-party risk management (TPRM) policies and procedures needs to act as the foundational guidelines for creating an effective vendor risk management strategy.
More Details
Tech Center
Learning Center
5 Ways Data Breaches Affect Organizations
May 18, 2020
While organizations often focus their attention on a data breach’s impact on their bottom line, there are several other other ways a cyber attack can impact a company. Read more on SecurityScorecard's blog.
More Details
Tech Center
Learning Center
What Is a Cybersecurity Vendor Due Diligence Questionnaire?
May 5, 2020
A vendor cybersecurity due diligence questionnaire is a written assessment given to a vendor to gain a better understanding of their cybersecurity environment.
More Details
Tech Center
Learning Center
Understanding the Importance of Cybersecurity Due Diligence
April 20, 2020
Many organizations rely on third-party vendors for day-to-day operations, which opens them up to higher levels of risks. Learn why the cybersecurity due diligence process is critical.
More Details
Tech Center
Blog, Learning Center
The CISO’s Guide to Reporting Cybersecurity to the Board
April 6, 2020
Being able to effectively report on cybersecurity is a key component to every CISOs job. Learn how CISOs can ensure that their board presentations are beneficial.
More Details
Tech Center
Learning Center
What is Cybersecurity Analytics? Definition & Use Cases
April 3, 2020
Cybersecurity analytics is an approach that uses data aggregation, attribution, and analysis to extract the information needed for proactive cybersecurity. Explore benefits and use cases.
More Details
Security Ratings, Tech Center
Learning Center
What are the Key Drivers of Enterprise Risk Management (ERM)?
March 26, 2020
Learn the key drivers of enterprise risk management and why business and security leaders might not be communicating well when it comes to risk and threats.
More Details
Tech Center
Blog, Learning Center
What is Cyber Threat Intelligence? A Complete Guide
March 12, 2020
Continued cyber threat intelligence monitoring has become imperative to business success. Learn more about cyber threat intelligence and its various use cases.
More Details
Cyber Threat Intelligence, Tech Center