Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Can You Adjust Vendor Security Ratings?

Vendor security ratings cannot be adjusted without modifying the criteria for evaluating a vendor’s security posture. Since the ability to make unmitigated adjustments violates the objectivity of security posture measurements, this functionality usually isn’t possible on security rating solutions. However, a workaround is to prevent certain discovered risks from influencing the calculation of a vendor’s security ratings.

Prepare for Zero-Day Threats in Your Supply Chain

Leading cybersecurity experts Major General John F. Wharton, (US Army ret); Oleg Strizhak, Shell’s Digital Supply Chain Risk Manager; and Sam Curry, the CISO of Zscaler, recently sat down with SecurityScorecard’s President of International Operations Matthew McKenna to discuss how organizations can prepare themselves and their supply chains for zero-day attacks as well as best practices for supply chain risk management.

Secure the Lifeblood of the American Economy

Small and medium-sized businesses account for 4.17 percent of private sector employees and almost half of the United States’ gross domestic product , yet—due to limited finances, resources, and staff—many have difficulties when it comes to supply chain management. Geopolitics, inflation, and worker shortages are just a few variables that can impact supply chains; 86% of SMB supply chains have already been or expect to be impacted by Russia’s war in Ukraine.

What Is Continuous Control Monitoring (CCM)?

When creating a strong risk management program within your organization, your business processes need controls in place for maintaining security and mitigating risks. And to assure the continued effectiveness of these controls, the compliance team should also have continuous control monitoring in place. Continuous control monitoring, or CCM, is a subset of continuous data assurance. It can be programmed within your GRC dashboard or risk management software solution.

EP 25 - Cisco CX Cloud CISO on the Language of Risk

We all accept a certain degree of risk in our lives. So, to varying degrees, we’re all operating – to use cybersecurity parlance – with an assume breach mindset. Meaning, we accept that attacks are inevitable and, as such, we focus time and effort on protecting the assets that matter most. In short, we buckle up for safety.

Benefits of Vendor Risk Management Software

Vendor risk management (VRM) has become a critical component of business continuity, especially given today’s cybersecurity threat landscape. That said, VRM is challenging. Collaborating with vendors involves the sharing of sensitive information and presents difficult tasks. In particular, assessing a vendor’s role in an organization’s business operations is crucial to mitigate supply chain risks.

What is Mobile Application Protection and How To Enforce It

With the rise of remote work and shadow IT, more devices and apps (both sanctioned and unsanctioned) are connecting to your organization’s network. Today, there are approximately five million mobile apps currently in circulation: approximately three million for Android and two million for iOS. That’s great for productivity, but less than ideal when it comes to security.

7 Factors that Drive Cyber Risk: New Research from Marsh McLennan and SecurityScorecard

The expanding attack surface of an increasingly interconnected digital world comes with a high degree of risk due to ransomware, phishing attempts, supply chain attacks, data breaches, and other cyber incidents. And while many organizations recognize the need for cyber insurance, a recent Forrester Research report found that only 55% of organizations in North America have purchased cyber insurance. 1

What Is Cybersecurity Compliance? An Industry Guide

If you operate in specific sectors, cybersecurity maturity is more than a best practice, it’s a regulatory requirement. These regulations are complex and constantly changing. To help you better understand your organization's regulatory environment and the standards and controls they stipulate, let's break down key cyber compliance regulations by industry.

How to Assess and Improve Your Cybersecurity Posture

As an enterprise leader or cybersecurity professional, you know that the threat landscape is expanding. You know that cybercriminals get smarter every day, using ever-more sophisticated weapons to attack organizations, disrupt operations, and compromise sensitive IT assets. To protect your organization from these attackers, you must assess and strengthen your cybersecurity posture. In this blog we’ll show you how to do both.