Resources

Case Study
Truphone One-Page Case Study
December 2, 2020
Now that Truphone relies on SecurityScorecard for continuous monitoring, there is peace of mind. “With SecurityScorecard it’s fire and forget, because we know the platform will catch everything and surface all of our assets,” said Nuno Teodoro. Having SecurityScorecard has brought benefits across all of the Security and IT team’s responsibilities.
More Details
White Paper
Applying Machine Learning To Optimize The Correlation Of Securityscorecard Scores With Relative Likelihood Of Breach
October 15, 2020
We conducted a study, investigating the use of Machine Learning (ML) to tune the weighting of each of the risk factors so that the total score is optimally correlated with the relative likelihood of incurring a data breach. Download the white paper to learn more.
More Details
Security Ratings
Data Sheet
How Do Security Ratings Work?
October 15, 2020
SecurityScorecard provides transparency into our ratings methodology and delivers insights into how it aligns with industry standards. Understand the principles, methodology, and process behind how our cybersecurity ratings work.
More Details
Security Ratings
Learning Center
Cybersecurity Audit vs. Cybersecurity Assessment: What’s the Difference?
October 7, 2020
Cybersecurity assessments and audits are often discussed interchangeably. While the two are related, assessments and audits are distinct cybersecurity and compliance evaluation mechanisms. It’s important for security leaders to understand exactly how the two function in order to drive organizational cyber maturity and meet industry-specific regulatory requirements.
More Details
Tech Center
Learning Center
What’s the Role of Cybersecurity in Procurement?
September 23, 2020
As a company’s IT stack adds more e-procurement tools, the role of cybersecurity in the procurement process becomes integral to protecting sensitive corporate data and mitigating the risks within a supply chain. Learn more on SecurityScorecard's blog.
More Details
Tech Center
Learning Center
7 Essential Third-Party Risk Management (TPRM) Tools
September 16, 2020
Organizations that still rely on inefficient manual processes face a higher risk of a cyber breach, as well as reputational or regulatory repercussions. With the right TPRM tools in place, IT and security teams can streamline, and maximize the effectiveness of their tools and procedures so they can keep up with the demands of their businesses. While multiple factors will determine the exact needs of a particular organization, here are seven tools that are essential to managing any vendor ecosystem.
More Details
Tech Center
Learning Center
How to Justify Your Cybersecurity Budget
September 14, 2020
Organizations know they need cybersecurity, but security leaders still struggle to get the funding necessary. CISOs looking to justify their cybersecurity budgets need ways to prove return on investment, provide metrics for measuring success, and ensure continued year-over-year value.
More Details
Tech Center
Learning Center
A Security Operations Center (SOC) Report Template for the C-Suite
September 2, 2020More Details
Tech Center
Case Study
Truphone Case Study
August 28, 2020
Information provided by SecurityScorecard is integral to Truphone’s business continuity management in securing the entirety of its supply chain. Streamlining operations through intuitive, customizable groupings of IPs, vendors, and data points saves time, while the added visibility Nuno Teodoro pointed out, “lets us sleep at night.”
More Details
Blog
Calculating the ROI of Security Ratings.
August 24, 2020
It can be difficult to show leadership metrics that prove that you’re saving money because of incidents that haven’t happened. Fortunately, there are a number of qualitative ways to prove to your board and investors that your investment in security ratings is saving your paying off.
More Details
Security Ratings
Learning Center
8 Effective Vendor Due Diligence Best Practices
July 14, 2020
Vendors often have access to sensitive company information, so vendor due diligence is crucial to mitigating risk. Explore 8 things to consider during the vendor due diligence process.
More Details
Tech Center
Learning Center
How to Write Third-Party Risk Management (TPRM) Policies and Procedures
June 3, 2020
As organizations set out to mature their cybersecurity programs, vendor risk management (VRM) is a primary risk mitigation strategy. However, managing third-party risk becomes overwhelming, especially as they incorporate more cloud-based vendors to help streamline business operations. While monitoring used to be based on a “trust but verify” mentality, the modern move towards “verify then trust” requires organizations to pivot their programs and become more proactive. Writing third-party risk management (TPRM) policies and procedures needs to act as the foundational guidelines for creating an effective vendor risk management strategy.
More Details
Tech Center