Cyber Security Research & Insights: White Papers

Explore our cyber security white papers, data sheets, webinars, videos and more.

White Paper

Continuous Oversight in the Cloud: How to Improve Cloud Security, Privacy and Compliance

This white paper advocates for continuous oversight of the wide variety of cloud services used by organizations—a set of distinct, but related, management and assurance practices that address critical emerging risk domains, including security, privacy and compliance.

White Paper

Explanation of SecurityScorecard's Rating Data

This white paper provides detail on the active and passive collection methods and signal types that are in use by the SecurityScorecard solution.

White Paper

New Phorpiex/Trik Variant Poses Threat Through Remote Access

The newest Phorpiex/Trik variant has the ability to infect machines with ransomware by targeting desktops, laptops, and other endpoints running server-side remote access applications. With increasing numbers of companies offering remote-work options to their employees, many corporate endpoints may be running these applications.

White Paper

Insights into the Auditor’s Perspective

Internal audits lives at the intersection of cybersecurity and best practices while external audit protects organizations from regulatory penalties.

White Paper

The Legality of SecurityScorecard Data Collection

​SecurityScorecard delivers security ratings that empower enterprises to instantly and accurately monitor, assess and understand their own cybersecurity posture as well as the cyberhealth of all vendors and business partners in their ecosystems.

White Paper

Continuous Assurance Using Data Threat Modeling

ISACA & SecurityScorecard teamed up to write about continuous assurance using data threat modeling.

White Paper

The Business Case for Investing in a Security Ratings Platform

Many cyber breaches occur as a result of third-party vendor relationships and these types of attacks are on the rise. The cost factors associated with a breach can include data loss, operational downtime, incident recovery, shareholder and customer lawsuits, regulatory fines and reputational damage.

White Paper

What Financial Institutions Need To Know About Cybersecurity and Audit Controls

Industry reports draw attention to consistent financial audit outcomes from year to year. Learn what you need to know about cybersecurity and audit controls within financial industries.

White Paper

Cyber Insurance & Security Ratings

This whitepaper provides detail on how cyber insurance providers can use security ratings to assess cyber risk as part of issuing cyber liability insurance policies.

White Paper

Operationalizing SecurityScorecard in Your Vendor Risk Management Program

In this paper, we will review key areas to operationalize Vendor Risk Management with SecurityScorecard. This includes the vendor landscape, considerations when conducting the risk assessment as well as what to include in vendor contracts.

Ecosystem Risk Management White Paper

Calculating Total Risk Across Third-Party Portfolios

With cyber crime-related costs to hit $6 trillion annually by 2021 and continued high-profile breaches in news headlines, more and more organizations fear that one cyber-attack could suddenly put a stop to growth and profitability.

White Paper

Understanding Cyber Security Ratings

Security ratings grade your organization on how well it protects information. In a digital world, the importance of data and your company’s protection of that data parallels your income and protection of financial assets.

White Paper

Man-in-the-Browser Attacks Target Coinbase and Blockchain Websites

Cryptocurrency is digital, decentralized currency. In the past, cybercriminals primarily just used cryptocurrency to receive money in an anonymized manner.

Ecosystem Risk Management White Paper

Preserving the Cyber Health of the Vendor Ecosystem

While there are a few steps that can be taken to validate a partner’s cyber readiness, they each have their weaknesses and drawbacks. We show you the primary shortcomings of common assessment techniques, using a real-time, machine learning-driven security platform, the value that a reconnaissance platform can provide, and insights from other companies.

Ecosystem Risk Management White Paper

NIST SP 800-171

NIST SP 800-171 required government contractors to provide “adequate security” to protect protect “controlled but unclassified information” (CUI) by December 31, 2017. While its main objective is to drive better cyber controls to protect CUI in non-federal systems and organizations, navigating the standard requires some understanding of its structure.

White Paper

How Security Ratings Improve Risk Awareness While Delivering a Solid ROI

Combatting cyber security risk is already a difficult challenge given the dynamic cyber security risk landscape and evolving sophistication of cyber attacks. Without visibility into internal and external risk, this battle becomes harder. Organizations lacking awareness of the risks posed to their data are left struggling to find the best steps forward.

Healthcare White Paper

HIPAA Compliance: Risk Analysis & Mitigation Strategies

The Health Insurance Portability and Accountability Act (HIPAA) prompted the HHS to issue the rules on the specific areas of HIPAA. These rules define uniform standards for transferring health information among healthcare providers, health plans, and clearinghouses while securing health information and ensuring patient privacy and confidentiality.

White Paper

Transforming Insights into Cyber Resilience via Technology Integration

Enterprises struggle with the increasingly difficult mandate to consistently improve, maintain, and document cybersecurity in order to protect brand reputation, customer trust, and the bottom line. Top of mind on the cyber security agenda is adopting a more agile approach to managing emerging risks across an organization’s third-party portfolio.

White Paper

The Cost of Complacent Cyber Security

Ever wish you could just give in to despair and stop worrying about imminent security threats and let your network operate on cruise control? It’s a tempting thought given the escalating number of threats and the challenges involved in prioritizing them in terms of business risk cost and time to remediate.

White Paper

The Cost of Doing Nothing

The European Union's (EU) General Data Protection Regulation (GDPR), effective May 25, 2018, reaches far beyond the Continent's borders. GDPR impacts every organization that handles EU resident personal data in order to deliver products or services. Non-compliance with GDPR will yield hefty fines up to 20 million euros.

White Paper

Enable Your Organization’s GDPR Compliance

With the never-ending cycle of new and updated security and privacy regulations and standards, we at SecurityScorecard are continuously monitoring and preparing for impacts of what is sure to be a compliance-heavy tidal wave in 2018. Download now to learn some of the key requirements and controls worth noting.

White Paper

SecurityScorecard Scoring Methodology

SecurityScorecard grades the cybersecurity health of organizations based on the information collected by ThreatMarket, our proprietary data engine, as well as our own internal collection activities. Threatmarket collects information from several sources like data feeds, sensors, honeypots, and sinkholes.

White Paper

Preparing for GDPR

The European Union’s (EU) General Data Protection Regulation (GDPR), effective May 25, 2018, reaches far beyond the Continent’s borders. GDPR imposes legislation on every organization that handles EU citizen data in order to deliver products or services. Inability to demonstrate compliance with GDPR will yield hefty penalties of 20+ million euros.

No waiting, 100% Free

Get your personalized scorecard today

Get your free scorecard and learn how you stack up across 10 risk categories. Answer a few simple questions and we'll instantly send your score to your business email.

Get Your Free Score

Get In Touch

Thank you for contacting us!

Request a Demo

Thank you for requesting a demo!