Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In this week's Weekly Brief: The Driftnet Edition, Brandon Torio explores why the most mature security organizations are breaking down the walls between Security Operations Center (SOC) and Third-Party Risk Management (TPRM) teams. Historically, these teams have approached risk from different angles. TPRM teams focus on vendor oversight, compliance, and risk workflows. SOC teams focus on attack surfaces, vulnerabilities, threat activity, and internet-facing exposures.

In this week's Weekly Brief: The Driftnet Edition, Brandon Torio explains why internet scanning is a lot like modern healthcare. Just as blood tests help doctors identify hidden health risks before they become serious problems, internet scanning helps organizations uncover unseen cyber risks across their attack surface and third-party ecosystem. "The internet has evolved past any one person's understanding.".

In this week’s Weekly Brief: The Driftnet Edition, Brandon Torio explains why SecurityScorecard’s acquisition of Driftnet is transforming internet exposure visibility, and how new research uncovered hidden pathways between internet-connected security cameras and critical infrastructure systems in a small U.S. municipality. “That's the kind of security that really matters, the link between cybersecurity and our physical lives.”

In this week’s Weekly Brief: The Driftnet Edition, Cyber Researcher Gilad F. Maizles breaks down new SecurityScorecard research powered by the company’s acquisition of Driftnet, exposing widespread internet-facing risk inside a U.S. municipal utility provider that also operated as the town’s ISP. “Threat actors will always target the lowest hanging fruit.” Using the Driftnet engine, SecurityScorecard identified significantly more internet-facing services and attack paths than traditional methodologies.

Hear from SecurityScorecard CEO and Co-Founder Dr. Aleksandr Yampolskiy on why the future of cybersecurity and Third-Party Risk Management (TPRM) must move beyond static assessments and reactive workflows. In this executive video, Dr. Yampolskiy reflects on SecurityScorecard’s evolution from pioneering security ratings 12 years ago to launching TITAN AI, a platform built to help organizations continuously identify, prioritize, and reduce third-party risk.

In this week’s Weekly Brief: The Cyber Risk and Policy Edition, SecurityScorecard’s Director, Public Sector Channel Amanda Smith unpacks the complexity of government procurement in the expansion of public sector vendors and how that impacts the technologies available to government entities. Historically, government partners have been slowed down by the nature of the government procurement process but changes implemented by the administration are changing this precedent.

In this week’s Weekly Brief: The Cyber Risk and Policy Edition, SecurityScorecard’s Director, Public Sector Channel Amanda Smith breaks down why the U.S. war with Iran is more than just what takes place on the physical battlefront. In 2026, as conflict unfolds in the Middle East, the digital battlefield has a direct impact on the homeland and U.S. critical infrastructure, too. “It's a global digital confrontation that hits a lot closer to home than a lot of people realize.”

Ready for the future of Third-Party Risk Management (TPRM)? The supply chain is a growing target, but you can fight back. That world is here with the transformative, threat-informed SecurityScorecard TITAN AI Platform. Imagine a world where you go beyond checking compliance boxes by actively mitigating and eliminating risk with continuous, AI-accelerated, and predictive TPRM that allows you to gain visibility and prioritize threats more effectively. Learn more about the TITAN transformation.

This is SecurityScorecard's Weekly Brief: The Adversary Insights Edition with SecurityScorecard's CISO Steve Cobb. Critical infrastructure security in the U.S. remains an important element of the ongoing conflict between the U.S. and Iran with Iranian-linked threat actors targeting US-based assets. Iranian threat actors have focused their efforts on the fastest methods of attack by searching for what Cobb calls “low hanging fruit” in critical infrastructure environments where many organizations have exposed systems.

This is SecurityScorecard's Weekly Brief: The CISO Edition with SecurityScorecard's CISO Steve Cobb. Is it time to retire the vendor questionnaire and annual assessment routines? Not quite, but following face-to-face customer interactions and many forward-thinking speaking sessions at RSAC 2026, CISO Steve Cobb emphasizes the importance of reducing risk for TPRM programs, which is not achieved by completing a third-party risk assessment checklist alone.