New York, NY, USA
Oct 18, 2021   |  By Kasey Hewitt
Today’s business landscape means having various business partners. From contractors to technology vendors, third parties are now part of everyone’s daily operations. However, with every new third-party you onboard, you also add a new risk. Supply chain attacks compromise your data, even if the third-party isn’t providing you a technology solution. To secure your data, you need to identify and classify high-risk third parties.
Oct 13, 2021   |  By Kasey Hewitt
Organized cybercriminals are leaving traditional bank robbers in the dust. Nowadays, the banking sector’s most significant security concerns come in the form of online threats. Banks and other financial institutions process millions of transactions daily, with the majority of the transactions done via digital payment transfer platforms. For that reason, banks have become enticing targets for cybercriminals.
Oct 11, 2021   |  By Kasey Hewitt
As organizations migrate to the cloud and adopt more “as-a-Service” technologies, identity and access have become the perimeter. Remote workforces mean that limiting access according to the principle of least privilege is a fundamental security control. As part of securing applications and networks, organizations need to focus on users with privileged access because they pose greater insider and credential theft risks.
Oct 6, 2021   |  By Kasey Hewitt
Boards of Directors constantly need to be educated about and aware of their organizations’ cybersecurity posture. Regulations hold them responsible for decision-making and governance. Meanwhile, increased ransomware attacks pose a financial risk to their shareholders. To enhance the risk analysis, questions like these can provide visibility into the company’s strategy.
Oct 4, 2021   |  By Sarah Daily
Threat intelligence feeds enable organizations to stay informed about indicators of compromise (IoCs) related to various threats that could adversely affect the network. These feeds also help to inform tools like SecurityScorecard’s Security Data by providing a source of information to collect, analyze and share with customers.
Sep 29, 2021   |  By Kasey Hewitt
The healthcare industry has always been an appealing target for cybercriminals. From high-value patient data to a low tolerance for downtime that could disrupt patient care, cybercriminals continue to find ways to take advantage of healthcare cybersecurity practices. In recent years, the healthcare industry has seen a 55% increase in cybersecurity threats, turning attacks on healthcare providers into a $13.2 billion industry and making it a gold mine for cybercriminals.
Sep 28, 2021   |  By Charlie Moskowitz
On August 27, 2021, the US House Homeland Security Committee released a draft bill that would update the Homeland Security Act of 2002. This proposed bill seeks to establish a Cyber Incident Review Office and publish an interim rule that would outline procedures for reporting cybersecurity incidents.
Sep 27, 2021   |  By Kasey Hewitt
Cloud computing has revolutionized the business and technological landscape of the last decade. More organizations are turning to cloud services to better manage massive volumes of both structured and unstructured data on a daily basis. As organizations move more and more information and applications to the cloud, there are growing concerns for data security and regulatory compliance.
Sep 22, 2021   |  By Sarah Daily
News of ransomware attacks disrupting supply chains has increased recently. As threat actors disrupt businesses and critical infrastructure, they may appear to be working harder. However, cybercriminals treat ransomware as a business, enabling an underground industry. Ransomware-as-a-Service (RaaS) is a growing underground industry that continues to place sensitive information at risk.
Sep 20, 2021   |  By Kasey Hewitt
Connected devices offer healthcare providers ways to remotely monitor patient health. Additionally, hospitals use these devices for enhanced patient care, including medication delivery and vitals monitoring. However, malicious actors often use unsecured IoMT as part of their attack methodologies.
Jul 15, 2021   |  By SecurityScorecard
The consumer goods and retail industry stores customer data in various digital platforms across multiple third-party vendors. This environment is perfect for cybercriminals to look for weak points to gain access to valuable customer data. Oftentimes, cybersecurity teams are focused too much on securing their own organization from the outside. As hacker techniques become more widespread and sophisticated, organizations must be able to see not only their own security posture but also their third parties’ from the viewpoint of the hackers’. What do hackers see and where are the weak points?
Jul 1, 2021   |  By SecurityScorecard
During this workshop, Mike Wilkes (CISO, SecurityScorecard) and Alex Rice (CTO and Co-Founder, HackerOne) discussed more advantages of combining VDPs, bug bounty programs, and continuous external cyber monitoring, including the impact it can have on reducing risk, preventing breaches, and vetting third parties. Watch the recorded workshop to learn.
Jun 22, 2021   |  By SecurityScorecard
Evalúe, comprenda y monitore al instante el riesgo de seguridad de cualquier empresa en todo el mundo, sin intrusiones y desde una perspectiva externa.
Jun 10, 2021   |  By SecurityScorecard
Security leaders are facing a trifecta of challenges: more sophisticated and frequent cyber attacks, expanding regulations and government mandates, and organizational leaders seeking risk management assurances. CISO’s SecOps and VRM teams need complete visibility to threats across their entire attack surface, with insights to take immediate action, and timely reporting for key stakeholders. SecurityScorecard empowers you to see and understand cybersecurity risk in your organization and across your ecosystem with 360° visibility and seamless workflow integration with your security stack.
Jun 2, 2021   |  By SecurityScorecard
Aleksandr Yampolskiy, SecurityScorecard Co-Founder and CEO, introduces Integrate360°, SecurityScorecard's Marketplace of Integrations and Apps. The Marketplace enhances the ability of SecurityScorecard customers to find, manage, and mitigate cybersecurity risk with out-of-the-box apps and integrations to extend the power of SecurityScorecard. We are the first cybersecurity ratings company with over 40 product integrations, security intelligence partners, and professional services. The SecurityScorecard Marketplace brings customers a one-stop shop where they can unlock, discover, and deploy additional trusted partner solutions and pre-built integrations on top of the SecurityScorecard platform.
Jun 2, 2021   |  By SecurityScorecard
SecurityScorecard transforms the way organizations understand and communicate cyber risk. This animated video provides an introduction to SecurityScorecard and how organizations around the world use it to transform the way they understand, communicate, and report cyber risk.
Jun 2, 2021   |  By SecurityScorecard
Is your team truly collaborative both inside and outside your organization when it comes to cybersecurity? Most organizations don't realize they lack a necessary cybersecurity solution to collaborate effectively and are not actually getting maximum value out of their existing investments. SecurityScorecard’s enhanced product suite for effective collaboration empowers Security and Risk Teams to collaborate more effectively. Being collaborative allows stakeholders to work faster, smarter, and win together with internal teams and their third parties around the globe
May 21, 2021   |  By SecurityScorecard
Whichever way you look at it, the talk around cyber has been gathering steam. Plenty of commentators on the insurance market have predicted that 2021 will be the year that cyber insurance comes into its own. Cyber risks are constantly shifting and personal and commercial insurance is fast becoming a must-have. However, it’s hard to draw the line between the two as remote working becomes more common so insurers are finding it difficult to write cyber in a general sense. Demand won’t drop off though. Nor will the threats.
Apr 24, 2021   |  By SecurityScorecard
At Infocom Security Greece virtual event on April 23, 2021, Nadji Raib (Regional Sales Director, SecurityScorecard), Matthew McKenna (President of International Sales, SecurityScorecard), and Panagiotis Pierros (Managing Director, TICTAC LABORATORIES) presented how important it is not only to monitor your own security posture but also to monitor your 3rd party, 4th party, and your entire ecosystem of vendors and partners. The demo section shows how easy it is to instantly rate a company's current security posture and to prioritize what are the issues that need to be fixed to get a better security rating.
Aug 19, 2021   |  By SecurityScorecard
Corporate board members are known for their relentless focus on the bottom line -- and with good reason. CISOs and other security executives are often mired in technical language and many times, unable to communicate the business impact that cybersecurity has on the bottom line. This helps explain why the average tenure of a CISO is roughly two years.
Jun 26, 2021   |  By SecurityScorecard
In this ebook, we will highlight three principles that are key to implementing a world-class TPRM program. Taken together, these practices will move your organization toward a full 360° view of organizational risk-both internally and across your ecosystem: see risk, solve problems, report results.
Jun 26, 2021   |  By SecurityScorecard
The COVID-19 pandemic has disrupted businesses in ways that few had planned for, resulting in shutdowns, global economic downturn, supply chain volatility, and a sudden uptick in e-commerce and remote work. The disruption is straining security and IT teams who have to quickly respond and adapt to a series of unanticipated business events. How can security and IT teams stay agile, enable business resilience, and manage the shift to the new normal?
Jun 1, 2021   |  By SecurityScorecard
A company-wide cybersecurity strategy is absolutely essential to combat today's evolving risk landscape. This means breaking down silos and encouraging the engagement of security experts throughout different business units. By leveraging collective understanding to expose unknown threats, you can amplify the effectiveness of your security program and technology stack. We call this "Modern Cyber Risk Management".
May 1, 2021   |  By SecurityScorecard
As cybercriminals continue to evolve their threat methodologies, industry standards and governments have revised their compliance programs and audit criteria. Regulators and auditors have increasingly begun requiring organizations to mature their programs in order to ensure continuous monitoring as well as senior management and board-level oversight.
Apr 1, 2021   |  By SecurityScorecard
Whether it's about cutting costs, reducing third-party incidents, regulatory or internal scrutiny, it's likely that you are looking to mature your vendor risk management (VRM) program. This ebook will show you how to improve your vendor risk management program in three parts and how to take it to a mature state, ready to handle the modern risk that lies ahead. Download the complete guide to building your vendor risk management program.

Constantly emerging sophisticated cyber attacks jeopardize your business every minute of every day. SecurityScorecard instantly identifies vulnerabilities, active exploits, and advanced cyber threats to help you rigorously protect your business and strengthen your security posture – from an outside-in perspective, enabling you to see what a hacker sees.

Get your free scorecard and learn how you stack up across 10 categories of risk. Answer a few simple questions and instantly receive your score in your business email.

Best-of-breed capabilities for tech-forward organizations:

  • Third-Party Risk Management: Get instant visibility into the security posture of your vendors and business partners.
  • Enterprise Cyber Risk Management: Discover, monitor, and report on the security vulnerabilities in your data centers and systems.
  • Cyber Insurance: Accurately assess the security posture of insureds and continuously monitor your portfolio.
  • Executive-Level Reporting: Effectively communicate your cybersecurity strategy and risk to the Board and C-Suite.
  • Due Diligence: Gain insight into the cyber risk of any company, make data driven business decisions, and reduce financial risk.
  • Compliance: SecurityScorecard enables organizations to easily prove and maintain compliance with leading regulation and standards mandates including PCI, NIST, SOX, GDPR, and many others.

Cybersecurity risk management for tech companies.