Whitepapers

Outcome-Driven Metrics for Supply Chain Cyber Risk Management

Discover how to create outcome-driven metrics that allow CISOs to demonstrate the benefits of cybersecurity investment by measuring metrics against threats that could impact revenue.

Applying Machine Learning to Optimize the Correlation of SecurityScorecard Scores with Relative Likelihood of Breach

SecurityScorecard ratings provide a means for objectively monitoring the cybersecurity hygiene of organizations (including their vendors) and gauging whether their security posture is improving or deteriorating over time.

A technical analysis of the APT28’s backdoor called OCEANMAP

Late last year, the Computer Emergency Response Team of Ukraine (CERT-UA) released an advisory that reported cyberattacks targeting state organizations attributed to the Russian espionage group APT28, aka Fancy Bear/Sofacy. The advisory listed the use of a new backdoor named “OCEANMAP.” Download this whitepaper to explore a technical analysis of APT28’s tactics, techniques, and procedures.

SecurityScorecardの データ収集方法

A Look Under The Hood: Data Powering Attack Surface Intelligence

In this white paper, understand how we collect the data that powers Attack Surface Intelligence and the tools we use.

Explanation Of Our Data

This white paper provides detail on the active and passive collection methods and signal types that are in use by the SecurityScorecard solution. The breadth and depth of the security data discussed is the foundation from which SecurityScorecard can deliver the most comprehensive cybersecurity ratings in the industry.

How To Manage Third-Party Digital Risk

Addressing data breaches outside your company is vital to managing your third-party digital risk. Download this white paper and learn about the implication of third-party data leaks, how to prevent and manage data leaks, and more.

Security Ratings: A New Horizon

Unveiling a new Security Ratings methodology for Telecommunications, Internet Service Providers, and Cloud Providers

DORA and Cyber Risk: A New Framework for Third-Party Risk in the European Union

DORA is an effort to build resilience within the financial service sector by requiring financial services organizations to establish and monitor networks of trust amongst themselves and their ICT vendors. However, trust requires verification through monitoring and transparency.

How To Increase The Value Of Your GRC Platform With Risk Identification And Quantification

A Detailed Analysis Of The Quantum Ransomware

Expand Your Vendor Intelligence To Identify Active Threats

Research by Ponemon Institute reports that 59% of survey respondents haveconfirmed that their organization has experienced a data breach caused byone of their third parties, with 54% of the incidents occurring in the past12 months. What is more alarming is that only 34% of organizations areconfident their suppliers would notify them of a breach that couldput their business at risk. As the global attack surface continuesto expand, it’s more important than ever to tighten and matureThird- Party Risk Management (TPRM) programs, alsoreferred to as Vendor Risk Management. Staying ahead ofweaponized vulnerabilities and threat actors targetingyour vendors’ assets decreases the chances of acyber disruption to your organization.