Read the latest blog posts published weekly.
Blog
Breaches Beyond Borders: The global landscape of third-party risk
March 27, 2024
Read some of the highlights from SecurityScorecard's recent webinar, which examined our Global Third-Party Cyber Breach report.
Blog
How to Avoid Online Tax Day Scams: Tips to protect your finances and data
March 25, 2024
As Tax Day in the U.S. looms on the horizon, so too does the risk of falling victim to online scams. In 1986, the first year that e-filing was available, five people filed their returns electronically. Since then, the popularity of e-filing has increased so much that 92% of individual tax returns are now e-filed. As online tax filing and payment have become more popular, though, scams targeting unsuspecting taxpayers have as well.
Rob Ames, Senior Staff Threat Researcher
Blog
See AlsoSupplier Risk Assessment Guide | Planergy SoftwareICT Supply Chain Risk Management Task Force | CISAWhat is another word for outsourcing? | Outsourcing Synonyms - WordHippo ThesaurusInformation and Communications Technology Supply Chain SecurityWhy metrics—and context—matter: How CISOs can measure and communicate cyber resilience
March 21, 2024
Cyberattacks in the digital supply chain are now some of the most common cyber incidents today, with many of the recent major breaches resulting from a single vulnerability. Because of the rapid pace and scale of these attacks, cyber leaders can no longer rely on static analyses of their environments, and must continuously assess cyber risk across their entire supply chain and vendor ecosystem. They must also produce quantitative metrics to measure their organizations’ dynamic risk in a standardized, easy-to-understand way. Here, we’ll discuss several metrics that cyber leaders can use to measure cyber risk and communicate with multiple stakeholders.
Jim Routh, Senior Advisor, SecurityScorecard
Blog
Harnessing the Power of Artificial Intelligence: A closer look at the European Union’s new landmark legislation
March 20, 2024
Ethical implications of AI, where and how to use the technology, and understandability demand careful consideration and regulatory oversight to ensure fairness, accountability, and transparency. Against this backdrop, last week lawmakers in the European Union approved a first-of-its-kind law that will govern how businesses and organizations in the EU use artificial intelligence (AI).
Brendan Peter, VP, Global Government Affairs, SecurityScorecard
Blog, Learning Center
From Brackets to Breaches: Securing Your Network Against March Madness Scams
March 20, 2024
Shield your data from cyber threats during March Madness with these tips to help protect you during the annual tournament.
Blog
Celebrating Cybersecurity Excellence: Forbes Most Cybersecure Banks, 2024
March 19, 2024
Explore Forbes' 2024 list of top consumer banks for cybersecurity, led by elite CISOs. Dive into their strategies for a safer digital world.
Dr. Aleksandr Yampolskiy, CEO and Co-Founder, SecurityScorecard
Blog, Learning Center
What are Security Ratings?
March 18, 2024
Security ratings provide a comprehensive view of a company’s security performance. Learn more about what security ratings are and common use cases.
Blog
Forrester Includes SecurityScorecard in Cybersecurity Risk Ratings (CRR) Landscape Report
March 12, 2024
To help sift through the ever-growing field of cybersecurity ratings, Forrester recently published The Cybersecurity Risk Ratings Platforms Landscape, Q1 2024. SecurityScorecard is proud to be included in this landscape, in the company of other notable vendors in the field. Once a misunderstood technology, Cybersecurity Risk Ratings platforms (CRRs) have earned their place in the spotlight in the last several years.
Bennett Morrison, Vice President of Product & Strategy
Blog
Infosys McCamish Systems Third-Party Breach: Possible Attack Vectors and Infrastructure
March 12, 2024
In response to the identification of Infosys McCamish Systems (IMS) as the point of origin for a third-party data breach claimed by the LockBit ransomware group, SecurityScorecard researchers reviewed findings on the security hygiene of IMS.
Rob Ames and Paul Prudhomme, Threat Research and Intelligence, SecurityScorecard
Blog, Learning Center
Defender for Endpoint: Transforming Endpoint Security with Advanced Threat Protection
March 8, 2024
Explore how Microsoft's Sentinel transforms cybersecurity with AI, offering advanced threat detection and automated responses.
Blog
New Malware Attributed to Russian Hacking Group APT28
March 6, 2024
Late last year, the Computer Emergency Response Team of Ukraine (CERT-UA) released an advisory that reported cyberattacks targeting Ukrainian state organizations attributed to the Kremlin-backed nation-state group APT28, aka Fancy Bear/Sofacy. The advisory listed the use of a new backdoor named “OCEANMAP,” detailed in this whitepaper.
Blog, Learning Center
SMB Port Numbers: A Guide to Optimizing and Securing Your Network
March 6, 2024
Explore SMB port security and optimization for your network, including risks and best practices for safeguarding your digital infrastructure.
