Articles from SecurityScorecard

SecurityScorecard announced today a strategic partnership with Willis (a WTW business), a leading global advisory, broking and solutions company. Building on a long-standing relationship, this collaboration aims to enhance cyber risk quantification, improve insurance modeling, and strengthen enterprise security strategies for organizations worldwide.

SecurityScorecard today released the 2025 Global Third-Party Breach Report. Using the world’s largest proprietary risk and threat data set, SecurityScorecard’s STRIKE Threat Intelligence Unit analyzed 1,000 breaches across industries and regions to uncover key attack patterns, measure the impact of third-party security failures and identify the most commonly exploited vendor relationships.

SecurityScorecard, the pioneer of supply chain detection and response (SCDR) solutions, and professional services firm KPMG in Canada have entered into a strategic agreement aimed at revolutionizing cybersecurity within critical sectors. This agreement brings SecurityScorecard MAX to the Canadian market, marking a step forward in helping to secure critical infrastructure.

SecurityScorecard, the leader in Supply Chain Detection and Response (SCDR) solutions, and P3 Group, a global consulting and technology company specializing in business transformation, cybersecurity and software development, today announced a strategic partnership. Through this collaboration, SecurityScorecard’s MAX Managed Service will be introduced as a recommended and accessible solution for P3’s diverse client base worldwide, enhancing their approach to supply chain security with SecurityScorecard’s innovative SCDR solutions.

SecurityScorecard announced today that it has achieved State Risk and Authorization Management (StateRAMP) Ready status and again achieved Federal Risk and Authorization Management Program (FedRAMP) Ready designation. As a FedRAMP StateRAMP provider, SecurityScorecard can help government agencies eliminate threats in their vast and growing supply chains.

SecurityScorecard today released new research showing that 59% of breaches among the top 150 insurance companies involved third-party attack vectors, exposing critical vulnerabilities in the sector’s supply chain. These findings underscore the systemic risks posed by cyber threats to an industry responsible for safeguarding sensitive financial and personal information.

SecurityScorecard today released new research revealing that 58% of breaches impacting the top 100 U.S. federal contractors involved third-party attack vectors, highlighting a critical vulnerability in the government supply chain.

SecurityScorecard today announced its integration with Buy with AWS, a new feature now available through AWS Marketplace. By implementing Buy with AWS, SecurityScorecard now provides simplified software buying experiences for customers on its website, powered by AWS Marketplace, a digital store that makes it easy for customers to find, buy, deploy, and manage software and services from AWS Partners.

SecurityScorecard today released an in-depth analysis revealing that 97% of the top 100 U.S. banks experienced a third-party data breach in the past year, exposing significant vulnerabilities in banking supply chains.

SecurityScorecard today announced the appointment of Sandy Climan, CEO of Entertainment Media Ventures, to its Advisory Board. A distinguished Hollywood figure, his extensive expertise includes executive leadership roles at Universal Studios, MGM, and Creative Artists Agency, cementing his reputation as a trailblazer in the entertainment industry. He has represented A-list stars including Robert DeNiro, Robert Redford, Kevin Costner, and others. His production credits include “The Aviator,” starring Leonardo DiCaprio, and “U23D,” the first digital live-action 3D concert film. Beyond his accomplished Hollywood career, Climan is widely regarded as a media visionary, leveraging his experience as an investor, producer, and advisor to connect Hollywood, Silicon Valley, the financial industry, and global corporations.

SecurityScorecard today released new cybersecurity research on Japan’s escalating third-party cyber risks. In “The Third-Party Cyber Risk Landscape of Japan 2024,” SecurityScorecard STRIKE threat hunters analyzed numerous reported breaches affecting Japanese organizations over the past year, uncovering the top targets and threats impacting the nation’s cyber resilience.

SecurityScorecard today released new research revealing that 97% of the top 100 U.S. retailers experienced a third-party data breach in the past year, exposing significant vulnerabilities just as consumers prepare for the busiest shopping season of the year.

SecurityScorecard and KPMG LLP today released a co-authored new cybersecurity research report on the 250 largest U.S. energy companies. In “A Quantitative Analysis of Cyber Risks in the U.S. Energy Supply Chain,” security researchers and industry subject professionals provide a detailed analysis of cybersecurity vulnerabilities across the energy sector and its supply chains.

SecurityScorecard announced its transformation from a pure-play security ratings leader to the pioneer of a new category called Supply Chain Detection and Response (SCDR). The company’s shift to SCDR reflects the evolving needs of cybersecurity practitioners and the growing threat emanating from third-party and extended ecosystem business partners.

BLACK HAT 2024 – New research from SecurityScorecard and The Cyentia Institute identified 99% of Global 2000 companies are directly connected to vendors that have had recent breaches. Prompted by new SEC cybersecurity requirements demanding transparency around third-party breaches, this report highlights the escalating risk of multi-party supply chain attacks.

BLACK HAT 2024 – G2, the world's largest and most trusted software marketplace, has teamed up with SecurityScorecard, the global leader in security ratings. Through this partnership, SecurityScorecard cybersecurity ratings will be featured directly in G2 product profiles – providing B2B software buyers with a simple A-F letter grade measuring a vendor’s security posture.

SecurityScorecard today released new cybersecurity research on 250 leading global aerospace & aviation companies, including 100 top commercial passenger airlines. In The Cyber Risk Landscape of the Global Aviation Industry, 2024 report, security researchers provide a detailed examination of cybersecurity vulnerabilities across the airline industry and its various supply chains.

SecurityScorecard announced today that it achieved Texas Risk and Authorization Management Program (TX-RAMP) Provisional Certification. As a TX-RAMP provider, Texas state agencies can leverage SecurityScorecard’s standardized approach for measuring cybersecurity that provides trusted, certified and proven supply chain cyber defense.

New SecurityScorecard threat research reveals that while the healthcare sector gets a “B+” security rating for the first half of 2024, it faces a critical vulnerability: supply chain cyber risk. The new report, "The Cyber Risk Landscape of the U.S. Healthcare Industry, 2024," examines historical breach data and security ratings to provide insights for healthcare organizations to stop supply chain breaches.

SecurityScorecard today reaffirmed its dedication to building a safer and more transparent digital ecosystem by signing the Cybersecurity and Infrastructure Security Agency’s (CISA) Secure by Design pledge. Joining a coalition of industry leaders, SecurityScorecard proudly meets all seven of the agency’s cybersecurity goals, demonstrating its unwavering dedication to building trust and transparency in the cybersecurity landscape. To further embody the pledge's emphasis on measurable progress, SecurityScorecard is committed to transparently continuing to show progress on these goals.

SecurityScorecard has been named a leader in The Forrester WaveTM: Cybersecurity Risk Ratings Platforms, Q2 2024. The report covers 10 vendors with cybersecurity risk ratings capabilities. SecurityScorecard received the highest score possible across 17 of the 25 criteria and the highest ranking of all vendors in the Current Offering category.

RSA CONFERENCE 2024 – SecurityScorecard today announced that HEID AI is emerging out of beta. Built on the world’s largest risk and threat dataset, SecurityScorecard developed Highly Evolved Intelligence Defense (HEID) AI to unite the entire cybersecurity community and secure the digital ecosystem.

RSA CONFERENCE 2024 — SecurityScorecard today announced it was the recipient of four Global InfoSec Awards, honoring the most innovative and forward-thinking cybersecurity solutions. Cyber Defense Magazine revealed the award winners during the 2024 RSA Conference.

SecurityScorecard today announced findings from its 2024 Redefining Resilience: Concentrated Cyber Risk in a Global Economy Research, with McKinsey & Company as a knowledge partner. The threat research uncovers an extreme concentration of cyber risk in just 15 vendors, posing serious threats to national security and global economies. The research also details a surge in adversaries exploiting third-party vulnerabilities to maximize the stealth, speed, and impact of supply chain cyberattacks.

According to the latest threat research from SecurityScorecard, 21% of S&P 500 companies experienced breaches in 2023. The new S&P 500 Cyber Threat Report details emerging trends and strategies for Chief Information Security Officers (CISOs).

SecurityScorecard today released its Global Third-Party Cybersecurity Breach Report. Using the world’s largest proprietary risk and threat data set, SecurityScorecard STRIKE threat hunters analyzed threat groups’ mass exploitation of supply chain vulnerabilities.

SecurityScorecard, the global leader in security ratings, announced today that it achieved State Risk and Authorization Management (StateRAMP) pending status. As a StateRAMP provider, state and local agencies can leverage SecurityScorecard’s standardized approach for measuring cybersecurity with letter grades based on cyber resilience.

SecurityScorecard announced significant momentum coming into 2024, driven by strong new customer acquisition, significantly larger deal sizes, and strong customer expansion. Expanding on 2023 success, SecurityScorecard launched solutions in adjacent markets, including threat intelligence and external attack surface management.

SecurityScorecard today announced SecurityScorecard MAX™, a new partner-focused managed service from SecurityScorecard that builds on the company’s decade of experience in the supply chain cyber risk management market. The fastest-growing offering in SecurityScorecard’s lineup, MAX has already demonstrated its ability to transform the industry by enabling organizations to identify, prioritize, and resolve the most critical vulnerabilities and issues across their third-party and extended Nth party supply chain ecosystem.

SecurityScorecard today announced the appointment of Renaud Deraison, Co-Founder of Tenable and a pioneer of vulnerability management, as Senior Advisor and Chairman of its Corporate Advisory Board. During Deraison's 20-year tenure with Tenable, he served as chief technology, research, and product officer. Prior to co-founding Tenable, Deraison created Nessus®, the world's most widely used vulnerability scanner.

SecurityScorecard, a global leader in Security Ratings, released the world’s first Cyber Resilience Scorecard at the World Economic Forum Annual Meeting. The Cyber Resilience Scorecard provides an unprecedented view of global cybersecurity risk, arming leaders with data-driven insights to safeguard the world’s economies.

SecurityScorecard, the global leader in security ratings, today announced a partnership with the Canadian Centre for Cyber Security (the Cyber Centre). SecurityScorecard is delivering security ratings with continuous real-time monitoring to manage cyber risk across Canada’s critical infrastructure.

SecurityScorecard today announced the industry’s first security ratings developed exclusively for telecommunications, internet service providers, and cloud providers. Through close collaboration with industry leaders, SecurityScorecard sets a new standard for cybersecurity across these critical sectors.

SecurityScorecard today unveiled new capabilities to strengthen cybersecurity trust and transparency across the digital ecosystem. Building on a decade-long commitment to providing free security ratings for all organizations, SecurityScorecard innovations advance the industry’s most transparent, trusted, and accurate security ratings.

SecurityScorecard today released new research revealing that 90% of the world’s leading energy companies experienced a third-party data breach in the past 12 months. The research highlights how the energy industry faces a significant threat from third-party risks, where attackers target an organization's vendor ecosystem.

SecurityScorecard today announced that it has been recognized as one to watch in the Data Enrichment category in the inaugural report, The Next Generation of Cybersecurity Applications, executed and launched by Snowflake, the Data Cloud company.

MICROSOFT IGNITE 2023 – SecurityScorecard today announced its participation in the Microsoft Security Copilot Partner Private Preview. SecurityScorecard was selected based on its proven experience with Microsoft Security technologies, willingness to explore and provide feedback on cutting-edge functionality, and close relationship with Microsoft.

SecurityScorecard today announced the appointment of Jim Routh, a distinguished CISO and security leader with over 30 years of experience at Fortune 500 companies, as Senior Advisor and Chairman of its Cybersecurity Advisory Board. With a career spanning over three decades at leading companies, including American Express, Aetna, CVS Health, JPMorgan Chase, and MassMutual, Routh will collaborate with SecurityScorecard to shape the next generation of Security Ratings.

SecurityScorecard today announced it achieved the Federal Risk and Authorization Management Program (FedRAMP) Ready designation, highlighting the company’s robust security standards to protect customer information. With this achievement, SecurityScorecard is ready to meet demand from U.S. federal agencies for its Third-Party Cyber Risk Management Platform and implement a standardized letter-grade system for measuring the U.S. government’s cybersecurity, particularly for its suppliers and vendors (and in certain cases for monitoring critical infrastructure and/or regulated entities).

SecurityScorecard today announced an alliance with Measured Analytics and Insurance, the AI-powered cyber insurance provider. The initiative delivers the first cyber insurance premium incentive (e.g., discounts) for Security Ratings.

SecurityScorecard today announced it has been named to the annual Inc. 5000, the most distinguished ranking of the fastest-growing private companies in America. This prestigious ranking provides a data-driven look at the most successful companies within the economy’s most dynamic segment — independent, entrepreneurial businesses.

BLACK HAT 2023 – SecurityScorecard today announced new partner-focused Managed Cyber Risk Services designed to help customers of all types and sizes operationalize third-party cyber risk management. With 98% of organizations having a relationship with at least one-third party that experienced a breach, SecurityScorecard combines its industry-leading platform and experts to solve the third-party cyber risk puzzle.

SecurityScorecard today announced the release of a new report on the Digital Operational Resilience Act (DORA). The report analyzes 240 of the largest financial institutions in the European Union that must comply with the Digital Operational Resilience Act (DORA) by January 2025.

SecurityScorecard, the global security ratings, response, and resilience company, today announced at AWS re:Inforce 2023, it has achieved Amazon Web Services (AWS) Level 1 Managed Security Service Provider (MSSP) Competency status. SecurityScorecard is the first Software as a Service (SaaS) provider to achieve AWS Level 1 MSSP Competency status in the Business Continuity and Ransomware Readiness specification category and the third in the Digital Forensics and Incident Response category.

SecurityScorecard today announced that the Transportation Security Administration (TSA) has awarded a contract for SecurityScorecard subscriptions to enable pipeline and rail Owner/Operators who elect to use the subscription to more accurately monitor and assess the cyber health of their transportation systems.

SecurityScorecard, the global security ratings, response, and resilience company, today announced at RSA the launch of the first and only security ratings platform to integrate with OpenAI's GPT-4 system. With this natural language processing capability, cybersecurity leaders can find immediate answers to high priority cyber risks. The solution was developed by ScorecardX, the innovation incubator of SecurityScorecard, which designs and builds technological solutions to critical customer challenges.

SecurityScorecard, the global security ratings leader, today announced Score Guarantee, the industry’s first services-backed security ratings guarantee. Score Guarantee demonstrates the direct correlation between SecurityScorecard’s cybersecurity ratings and security efficacy, by providing customers that maintain an ‘A’ rating and meet other minimal requirements, with complimentary Digital Forensics and Incident Response (DFIR) services in the event of a breach.

SecurityScorecard, the global security ratings, response and resilience company, announced today that former United States Congressman John Katko has joined the company as a Senior Advisor of its Cybersecurity Advisory Board. Katko is recognized for his cybersecurity leadership and bipartisan efforts as he served New York’s 24th Congressional District.

SecurityScorecard, the global security ratings leader, today announced a strategic partnership with the International Legal Technology Association (ILTA). The partnership provides ILTA members with enterprise licenses to monitor their own organization and a portfolio of vendors, partners, or clients.

SecurityScorecard, the global security ratings, response and resilience company, has been named to Fast Company’s prestigious annual list of the World’s Most Innovative Companies for 2023.

SecurityScorecard, the global leader in cybersecurity ratings, today announced that its Attack Surface Intelligence solution has been added to the Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) Program’s approved products list (APL).

SecurityScorecard, the global leader in cybersecurity ratings, announced that the company closed its fiscal year ending December 31, 2022, with significant momentum, achieving 49% growth year-over-year. SecurityScorecard now delivers security ratings, response, and resilience solutions and services to 73% of the Fortune 100, with over 12 million organizations continuously rated.

SecurityScorecard, the global leader in cybersecurity ratings, and The Cyentia Institute, an independent cybersecurity research firm, today published research that found 98 percent of organizations have vendor relationships with at least one third-party that has experienced a breach in the last two years. The study, Close Encounters of the Third (and Fourth) Party Kind, also found that 50 percent of organizations have indirect relationships with at least 200 breached fourth-party vendors in the last two years.

SecurityScorecard, the global leader in cybersecurity ratings, today announced the results of its new report, Addressing the Trust Deficit In Critical Infrastructure, which revealed 48% of critical manufacturing organizations ranked “C,” “D,” or “F” on SecurityScorecard’s security ratings platform. Published during the World Economic Forum (WEF) Annual Meeting, the report analyzed the current state of cyber resilience in the critical infrastructure sectors such as Energy, Chemical, Healthcare, and others, as designated by the Cybersecurity and Infrastructure Security Agency (CISA). Organizations with an “A” security rating are 7.7 times less likely to sustain a breach than those with an “F” rating.

SecurityScorecard, the global leader in cybersecurity ratings, today announced the launch of two cyber threat intelligence solutions to deliver an unrivaled view of organizations’ global cyber risk exposure. These new offerings, Attack Surface Intelligence (ASI) and Cyber Risk Intelligence (CRI), provide security teams with contextual intelligence, summarized views, and enriched remediations that are understandable and actionable from practitioner to the board room.

SecurityScorecard, the global leader in cybersecurity ratings, today announced it has joined the World Economic Forum's (WEF) Global Innovators Community. The Global Innovators Community is an invitation-only group of the world’s most promising start-ups and scale-ups that are at the forefront of ethical technological and business model innovation. SecurityScorecard was the only security ratings company to be honored as a ‘Tech Pioneer’ by the World Economic Forum in 2020, and as a global innovator, SecurityScorecard will continue to contribute content and insights to WEF’s Centre for Cybersecurity. SecurityScorecard CEO and co-founder, Aleksandr Yampolskiy, will attend the Annual Meeting 2023 in Davos, Switzerland this month.

SecurityScorecard, the global leader in cybersecurity ratings, today announced a strategic distribution partnership with Wordtext Systems, Inc. (WSI), one of the Philippines’ largest and leading IT distributors, to transform how organizations in the region navigate cyber risk.

SecurityScorecard, the global leader in cybersecurity ratings, today announced significant momentum for the SecurityScorecard Marketplace, the one-stop shop for trusted SecurityScorecard partner solutions, as demand for greater security visibility accelerates. SecurityScorecard expanded its Marketplace partner ecosystem by 80 percent in the past year, to more than 90 technology and integration partners, resulting in 140 percent Marketplace revenue growth. Notable strategic and technology partners in the SecurityScorecard Marketplace include Coupa, CrowdStrike, CSC, IBM, OneTrust, Snowflake, and Splunk.

SecurityScorecard, the global leader in cybersecurity ratings, today announced a strategic partnership with HCLTech, a leading global technology company, to offer combined solutions that provide a holistic approach to security management, improving customers’ ability to see, resolve and communicate risk more effectively.

SecurityScorecard, the global leader in cybersecurity ratings, today announced that The Honorable Susan M. Gordon, former Principal Deputy Director of U.S. National Intelligence, has been appointed to its Board of Directors as an independent director. Gordon was the second-most senior intelligence official in the U.S., where she provided operational oversight of the agencies within the U.S. Intelligence Community, transforming how the community addressed emerging political, economic and national security trends.

SecurityScorecard, the global leader in cybersecurity ratings, today announced it has launched a series of resources designed to help organizations navigate increased scrutiny of budgets and ensure that security efforts get the funding needed to support the business.

Leading IT services provider NTT DATA UK&I and SecurityScorecard, the global leader in cyber security ratings, today announced a new partnership to accelerate the transformation of continuous cyber risk monitoring across industries across the UK and Ireland (UK&I). As part of the partnership, NTT DATA will deliver an innovative posture evaluation report offering for clients, based on the SecurityScorecard platform. The report will combine NTT DATA’s consulting expertise with SecurityScorecard’s ratings and assessment capabilities to instantly rate, analyse and continuously monitor security risk for clients, as well as harden their security postures.

SecurityScorecard, the global leader in cybersecurity ratings, today announced the integration of its Professional Services offering with its ratings platform to provide a single point of orchestration to manage cybersecurity risks. SecurityScorecard’s Professional Services team can help any customer manage cybersecurity risk in concert with the industry’s largest and most comprehensive global, cyber risk data set, setting the industry standard for how cyber risk is quantified, measured and reduced.

SecurityScorecard, the global leader in cybersecurity ratings, announced at the AWS re:Inforce 2022 today it is making its vendor profile available to Amazon Web Services (AWS) customers to automate and simplify the software risk assessment process. SecurityScorecard’s security and compliance artifacts are now available as part of AWS Marketplace Vendor Insights.

In its ongoing effort to improve the security posture of federal, state and local government agencies, SecurityScorecard, the global leader in cybersecurity ratings, today announced a partnership with The National Association of Counties (NACo). Through this partnership, U.S. county governments will gain access to SecurityScorecard’s cybersecurity ratings platform to monitor and improve cybersecurity risk.

SecurityScorecard, the global leader in cybersecurity ratings, and the Conference of State Bank Supervisors (CSBS), the national organization of state financial regulators, announced today a partnership to provide state financial regulators with access to SecurityScorecard’s cybersecurity ratings platform and connected services.