Resources

Cybersecurity Research & Insights: White Papers

Explore our cybersecurity white papers, data sheets, webinars, videos and more.

White Paper

Applying Machine Learning to Optimize the Correlation of SecurityScorecard Scores with Relative Likelihood of Breach

Learn about how SecurityScorecard applied machine learning to optimize the correlation of SecurityScorecard ratings with relative likelihood of a breach.

White Paper

PCI DSS Compliance and Security Ratings: Protecting Cardholder Data and Assessing MDR for Merchants and Acquiring Banks

Learn how security ratings enable organizations to enhance and mature their information security and compliance programs by providing an independent, objective review of the companies’ external data breach risk mitigation strategies.

White Paper

A Deep Dive in Scoring Methodology

SecurityScorecard scores provide insights and a detailed analysis of the security posture of an organization. Take a deep dive into our scoring methodology.

White Paper

Continuous Oversight in the Cloud: How to Improve Cloud Security, Privacy and Compliance

This white paper advocates for continuous oversight of the wide variety of cloud services used by organizations—a set of distinct, but related, management and assurance practices that address critical emerging risk domains, including security, privacy and compliance.

White Paper

Explanation of SecurityScorecard's Ratings Data

This white paper provides detail on the active and passive collection methods and signal types that are in use by the SecurityScorecard solution.

White Paper

Next-Gen Scoring: A New Standard in Fair and Transparent Cybersecurity Ratings

​Security ratings can provide insights enabling better security when the companies creating the scores explain the algorithms so that businesses can understand how to use them meaningfully.

White Paper

New Phorpiex/Trik Variant Poses Threat Through Remote Access

The newest Phorpiex/Trik variant has the ability to infect machines with ransomware by targeting desktops, laptops, and other endpoints running server-side remote access applications. With increasing numbers of companies offering remote-work options to their employees, many corporate endpoints may be running these applications.

White Paper

Insights into the Auditor’s Perspective

Internal audits lives at the intersection of cybersecurity and best practices while external audit protects organizations from regulatory penalties.

White Paper

The Legality of SecurityScorecard Data Collection

​SecurityScorecard delivers security ratings that empower enterprises to instantly and accurately monitor, assess and understand their own cybersecurity posture as well as the cyberhealth of all vendors and business partners in their ecosystems.

White Paper

Continuous Assurance Using Data Threat Modeling

ISACA & SecurityScorecard teamed up to write about continuous assurance using data threat modeling.

White Paper

The Business Case for Investing in a Security Ratings Platform

Many cyber breaches occur as a result of third-party vendor relationships and these types of attacks are on the rise. The cost factors associated with a breach can include data loss, operational downtime, incident recovery, shareholder and customer lawsuits, regulatory fines and reputational damage.

White Paper

What Financial Institutions Need To Know About Cybersecurity and Audit Controls

Industry reports draw attention to consistent financial audit outcomes from year to year. Learn what you need to know about cybersecurity and audit controls within financial industries.

White Paper

Cyber Insurance & Security Ratings

This whitepaper provides detail on how cyber insurance providers can use security ratings to assess cyber risk as part of issuing cyber liability insurance policies.

White Paper

Understanding Cybersecurity Ratings

Security ratings grade your organization on how well it protects information. In a digital world, the importance of data and your company’s protection of that data parallels your income and protection of financial assets.

Ecosystem Risk Management White Paper

Preserving the Cyber Health of the Vendor Ecosystem

While there are a few steps that can be taken to validate a partner’s cyber readiness, they each have their weaknesses and drawbacks. We show you the primary shortcomings of common assessment techniques, using a real-time, machine learning-driven security platform, the value that a reconnaissance platform can provide, and insights from other companies.

Ecosystem Risk Management White Paper

NIST SP 800-171

NIST SP 800-171 required government contractors to provide “adequate security” to protect protect “controlled but unclassified information” (CUI) by December 31, 2017. While its main objective is to drive better cyber controls to protect CUI in non-federal systems and organizations, navigating the standard requires some understanding of its structure.

White Paper

How Security Ratings Improve Risk Awareness While Delivering a Solid ROI

Security ratings offer critical insight into vulnerabilities present both in your environment and the environment of your vendors, partners, suppliers, and other third-parties. Aside from providing clarity on the nature of risks in your risk ecosystem, security ratings provide tangible cost savings both in operating expenses and staff time.

Healthcare White Paper

HIPAA Compliance: Risk Analysis & Mitigation Strategies

The Health Insurance Portability and Accountability Act (HIPAA) prompted the HHS to issue the rules on the specific areas of HIPAA. These rules define uniform standards for transferring health information among healthcare providers, health plans, and clearinghouses while securing health information and ensuring patient privacy and confidentiality.

White Paper

Transforming Insights into Cyber Resilience via Technology Integration

Enterprises struggle with the increasingly difficult mandate to consistently improve, maintain, and document cybersecurity in order to protect brand reputation, customer trust, and the bottom line. Top of mind on the cyber security agenda is adopting a more agile approach to managing emerging risks across an organization’s third-party portfolio.

White Paper

The Cost of Complacent Cyber Security

Ever wish you could just give in to despair and stop worrying about imminent security threats and let your network operate on cruise control? It’s a tempting thought given the escalating number of threats and the challenges involved in prioritizing them in terms of business risk cost and time to remediate.

White Paper

Preparing for GDPR

The European Union’s (EU) General Data Protection Regulation (GDPR), effective May 25, 2018, reaches far beyond the Continent’s borders. GDPR imposes legislation on every organization that handles EU citizen data in order to deliver products or services. Inability to demonstrate compliance with GDPR will yield hefty penalties of 20+ million euros.

No waiting, 100% Free

Get your personalized scorecard today

Get your free scorecard and learn how you stack up across 10 risk categories. Answer a few simple questions and we'll instantly send your score to your business email.

Get Your Free Score

Get In Touch

Thank you for contacting us!