Resources

Webinar
The CEO’s Take: Bridging the Cybersecurity Divide To Address Cyber Risk
February 4, 2025More Details
Data Sheet
Simplify and Automate DORA TPRM Requirements with SecurityScorecard
January 30, 2025
This extended data sheet guides you through DORA's TPRM requirements and how you can use SecurityScorecard to comply. Learn more.
More Details
Data Sheet
Simplify and Automate NIS2 TPRM Requirements with SecurityScorecard
January 30, 2025
This extended data sheet guides you through NIS2's TPRM requirements and how you can use SecurityScorecard to comply. Learn more.
More Details
Blog
Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign
January 29, 2025
In December 2024, a routine software update concealed a global threat. Attackers from the Lazarus Group, based in North Korea, infiltrated trusted development tools, compromising hundreds of victims worldwide. This sophisticated campaign, code-named "Phantom Circuit," targeted cryptocurrency and technology developers, employing advanced obfuscation techniques through proxy servers in Hasan, Russia.
More Details
STRIKE Team
Research
Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign
January 29, 2025
During STRIKE’s investigation of Operation 99, our team identified multiple command-and-control (C2) servers active since September 2024.
More Details
STRIKE Team
Webinar
Building a High-Performing Supply Chain Incident Response Team
January 28, 2025
Supply chain security is no longer an afterthought. With increasing threats and the potential for devastating consequences, organizations must proactively address supply chain risks. In this webinar, we will discuss how a well-structured supply chain incident response team can address these challenges and mitigate risks.
More Details
SCDR
Learning Center
The Top 7 Cyberattacks on U.S. Government: A closer look at the evolving landscape of cybersecurity
January 24, 2025
Cyberattacks are an increasingly significant threat to governments worldwide. This blog post examines some of the top cyberattacks on US government.
More Details
Public Sector, Tech Center
Learning Center
7 Incident Response Metrics and How to Use Them
January 24, 2025
A robust incident response plan provides quantitative data. Check out these seven incident response metrics and how to use them.
More Details
Jeff Aldorisio
Tech Center
Blog, Learning Center
Implementing Non-Repudiation in Your Security Strategy: Best Practices and Techniques
Explore best practices for implementing non-repudiation in security strategies to ensure transaction authenticity and protect against fraud.
More Details
Tech Center
Webinar
The CISO’s Take: Securing the Future of Financial Services & More
January 23, 2025Watch On-Demand
Press
SecurityScorecard Report: 58% of Breaches Impacting Leading U.S. Federal Contractors Caused by Third-Party Attack Vectors
January 22, 2025
Report highlights the urgent need for federal contractors to address third-party risks as cybersecurity gaps threaten national security
More Details
Blog
5 Reasons to Integrate Continuous Monitoring into Your TPRM Program
January 21, 2025
Learn 5 reasons your organization should integrate continuous monitoring into their third-party risk management program. Read SecurityScorecard's blog
More Details