|
By SecurityScorecard
The cybersecurity community woke up on Thursday to news of a cyberattack on Sisense, a major business analytics software company. It’s thought that the breach may have exposed hundreds of Sisense’s customers to a supply chain attack and provided the attacker with a door into the company’s customer networks.
|
By SecurityScorecard
The ongoing cyberattack on Change Healthcare, a major player in medical claims processing in the United States, had profound repercussions across the healthcare sector. With the company forced to disconnect over 100 systems, medical claims processing ground to a halt. This disruption, termed by the president and chief executive of the American Hospital Association as “the most serious incident of its kind” in healthcare, brought many medical providers to the brink of closure.
|
By SecurityScorecard
Now more than ever, the specter of cyber threats looms large over organizations of all sizes and sectors. The consequences of a data breach stemming from just one vulnerability can be catastrophic, ranging from financial losses to irreparable reputational damage. As businesses strive to reinforce their defenses against these evolving threats, the need for a reliable and predictive cybersecurity risk assessment tool has never been greater.
|
By SecurityScorecard
SecurityScorecard STRIKE threat researchers discovered 12 zero-days in customer environments in the last year. Attacks are increasingly targeting third-party software. The zero-day vulnerability that emerged in Progress Software’s MOVEit Transfer product last year was a stark reminder of the real-world impact of such vulnerabilities. It wreaked havoc on businesses and governments worldwide, with cyber criminals exploiting it since May of 2023.
|
By SecurityScorecard
In 2014, the National Institute of Standards and Technology (NIST) released its Cybersecurity Framework (CSF) following a presidential executive order to help organizations better understand, reduce, and communicate cybersecurity risk. In the decade since its introduction, NIST CSF has become one of the most widely recognized and utilized frameworks globally, built upon five key functions: Identify, Protect, Detect, Respond, and Recover.
|
By SecurityScorecard
The National Vulnerability Database (NVD), the world’s most widely used vulnerability data source, has been having some problems recently, causing uncertainty and anxiety for everyone dealing with security vulnerabilities. Many organizations, including cybersecurity vendors, rely on CVE data provided by NVD. As a government organization operated by the U.S.
|
By SecurityScorecard
While the digital landscape evolves, cyber adversaries are also honing their tactics, techniques, and procedures. In recent years, ransomware groups have made major disruptions to the digital supply chain and, by extension, the world economy. What’s more, organizations in all industries and geographies continue to grapple with third-party threats, zero-day vulnerabilities, and more.
|
By SecurityScorecard
As Tax Day in the U.S. looms on the horizon, so too does the risk of falling victim to online scams. In 1986, the first year that e-filing was available, five people filed their returns electronically. Since then, the popularity of e-filing has increased so much that 92% of individual tax returns are now e-filed. As online tax filing and payment have become more popular, though, scams targeting unsuspecting taxpayers have as well.
|
By SecurityScorecard
Cyberattacks in the digital supply chain are now some of the most common cyber incidents today, with many of the recent major breaches resulting from a single vulnerability. Because of the rapid pace and scale of these attacks, cyber leaders can no longer rely on static analyses of their environments, and must continuously assess cyber risk across their entire supply chain and vendor ecosystem.
|
By SecurityScorecard
As March Madness sweeps across the nation, the excitement and frenzy associated with the NCAA Basketball Tournament also ushers in a season ripe for cyber threats. This annual college basketball tournament, beloved by millions, creates a unique environment that cybercriminals exploit to launch sophisticated social engineering attacks.
|
By SecurityScorecard
Today we learn about SecurityScorecard's MAX and how it single-handedly prevented a MAJOR Zero-Day Vulnerability. With SecurityScorecard MAX, you no longer have to worry about your supply chain being at risk. SecurityScorecard is the global leader in cybersecurity ratings and the only service with over 12 million companies continuously rated. The company is headquartered in New York and operates in 64 countries around the globe.
|
By SecurityScorecard
Is the "Website References Object Storage" issue type bringing your rating down and you don't know what to do about it? Watch this short video which explains what these are and what you can do to improve them. SecurityScorecard is the global leader in cybersecurity ratings and the only service with over 12 million companies continuously rated. The company is headquartered in New York and operates in 64 countries around the globe.
|
By SecurityScorecard
Is the "HTTP Proxy Service Detected" issue type bringing your rating down and you don't know what to do about it? Watch this short video which explains what these are and what you can do to improve them. SecurityScorecard is the global leader in cybersecurity ratings and the only service with over 12 million companies continuously rated. The company is headquartered in New York and operates in 64 countries around the globe.
|
By SecurityScorecard
Is the "Telephony/VoIP Device Accessible" issue type bringing your rating down and you don't know what to do about it? Watch this short video which explains what these are and what you can do to improve them. SecurityScorecard is the global leader in cybersecurity ratings and the only service with over 12 million companies continuously rated. The company is headquartered in New York and operates in 64 countries around the globe.
|
By SecurityScorecard
SecurityScorecard is the global leader in cybersecurity ratings and the only service with over 12 million companies continuously rated. The company is headquartered in New York and operates in 64 countries around the globe.
|
By SecurityScorecard
Discover how Horiens enhanced its cybersecurity with SecurityScorecard. Watch our customer testimonial to see how they achieved an A rating, reduced security monitoring time by 83%, and improved their supply chain risk management. SecurityScorecard is the global leader in cybersecurity ratings and the only service with over 12 million companies continuously rated. The company is headquartered in New York and operates in 64 countries around the globe.
|
By SecurityScorecard
Dive into the latest SecurityScorecard research with Rob Ames, Staff Threat Researcher, and Travis Hawley, Former Air Force Intelligence Analyst, as they unravel the complexities of Volt Typhoon's recent compromise of 30% of Cisco RV320/325 devices. They explore the technical and user-side reasons behind this significant cyber threat, its impact, and what it means for future cybersecurity trends. Don't miss out on their in-depth analysis and insights on evolving state-sponsored cyber threats.
|
By SecurityScorecard
Former UBER CSO Joe Sullivan joined SecurityScorecard CEO Aleksandr Yampolskiy to discuss pressing topics on the mind of every CISO. Are we on the verge of entering the "Golden Era" of cybersecurity? SecurityScorecard is the global leader in cybersecurity ratings and the only service with over 12 million companies continuously rated. The company is headquartered in New York and operates in 64 countries around the globe.
|
By SecurityScorecard
SecurityScorecard is the global leader in cybersecurity ratings and the only service with over 12 million companies continuously rated. The company is headquartered in New York and operates in 64 countries around the globe.
|
By SecurityScorecard
SecurityScorecard is the global leader in cybersecurity ratings and the only service with over 12 million companies continuously rated. The company is headquartered in New York and operates in 64 countries around the globe.
|
By SecurityScorecard
Corporate board members are known for their relentless focus on the bottom line -- and with good reason. CISOs and other security executives are often mired in technical language and many times, unable to communicate the business impact that cybersecurity has on the bottom line. This helps explain why the average tenure of a CISO is roughly two years.
|
By SecurityScorecard
The COVID-19 pandemic has disrupted businesses in ways that few had planned for, resulting in shutdowns, global economic downturn, supply chain volatility, and a sudden uptick in e-commerce and remote work. The disruption is straining security and IT teams who have to quickly respond and adapt to a series of unanticipated business events. How can security and IT teams stay agile, enable business resilience, and manage the shift to the new normal?
|
By SecurityScorecard
In this ebook, we will highlight three principles that are key to implementing a world-class TPRM program. Taken together, these practices will move your organization toward a full 360° view of organizational risk-both internally and across your ecosystem: see risk, solve problems, report results.
|
By SecurityScorecard
A company-wide cybersecurity strategy is absolutely essential to combat today's evolving risk landscape. This means breaking down silos and encouraging the engagement of security experts throughout different business units. By leveraging collective understanding to expose unknown threats, you can amplify the effectiveness of your security program and technology stack. We call this "Modern Cyber Risk Management".
|
By SecurityScorecard
As cybercriminals continue to evolve their threat methodologies, industry standards and governments have revised their compliance programs and audit criteria. Regulators and auditors have increasingly begun requiring organizations to mature their programs in order to ensure continuous monitoring as well as senior management and board-level oversight.
|
By SecurityScorecard
Whether it's about cutting costs, reducing third-party incidents, regulatory or internal scrutiny, it's likely that you are looking to mature your vendor risk management (VRM) program. This ebook will show you how to improve your vendor risk management program in three parts and how to take it to a mature state, ready to handle the modern risk that lies ahead. Download the complete guide to building your vendor risk management program.
- April 2024 (11)
- March 2024 (12)
- February 2024 (14)
- January 2024 (10)
- December 2023 (44)
- November 2023 (28)
- October 2023 (22)
- September 2023 (11)
- August 2023 (11)
- July 2023 (7)
- June 2023 (17)
- May 2023 (8)
- April 2023 (9)
- March 2023 (15)
- February 2023 (9)
- January 2023 (8)
- December 2022 (9)
- November 2022 (16)
- October 2022 (14)
- September 2022 (19)
- August 2022 (13)
- July 2022 (15)
- June 2022 (25)
- May 2022 (15)
- April 2022 (22)
- March 2022 (20)
- February 2022 (20)
- January 2022 (11)
- December 2021 (14)
- November 2021 (16)
- October 2021 (10)
- September 2021 (11)
- August 2021 (11)
- July 2021 (15)
- June 2021 (23)
- May 2021 (2)
- April 2021 (2)
- March 2021 (1)
Constantly emerging sophisticated cyber attacks jeopardize your business every minute of every day. SecurityScorecard instantly identifies vulnerabilities, active exploits, and advanced cyber threats to help you rigorously protect your business and strengthen your security posture – from an outside-in perspective, enabling you to see what a hacker sees.
Get your free scorecard and learn how you stack up across 10 categories of risk. Answer a few simple questions and instantly receive your score in your business email.
Best-of-breed capabilities for tech-forward organizations:
- Third-Party Risk Management: Get instant visibility into the security posture of your vendors and business partners.
- Enterprise Cyber Risk Management: Discover, monitor, and report on the security vulnerabilities in your data centers and systems.
- Cyber Insurance: Accurately assess the security posture of insureds and continuously monitor your portfolio.
- Executive-Level Reporting: Effectively communicate your cybersecurity strategy and risk to the Board and C-Suite.
- Due Diligence: Gain insight into the cyber risk of any company, make data driven business decisions, and reduce financial risk.
- Compliance: SecurityScorecard enables organizations to easily prove and maintain compliance with leading regulation and standards mandates including PCI, NIST, SOX, GDPR, and many others.
Cybersecurity risk management for tech companies.