Latest Videos

The Impact of New Federal Banking Regulation

Let’s talk about the new federal bank regulation that goes into effect in April 2022. It will require organizations to report a breach within 36 hours, which is the shortest breach notification requirement of any law to date. The clock starts ticking when the organization determines that an incident has occurred. A serious computer incident is usually defined as an incident that materially disrupts or degrades the performance of an organization.

What We Can Learn From the SolarWinds Security Breach

65% of cyber attacks today happen due to the negligence of a third party. The SolarWinds security breach is a good example of that. In this case, hackers used a method known as a supply chain attack to insert malicious code into their Orion System. From there, they managed to crack into the SolarWinds network and put malware into the environment. SolarWinds did a great job following up on this. They made significant improvements and are currently rated as a B by SecurityScorecard.

Cybersecurity Tips for Healthcare Organizations

“Why do ransomware attackers target healthcare companies so often?” Here are 2 reasons why: Goldmine of personal information: If you look on the dark web, the price of a validated stolen credit card would be $5. But the price of personal information (passport, social security number, etc.) could range from $400 to $6,500 per person because you can create a fake identity and use it to create accounts in various places.

5 Cyber Hygiene Best Practices

Here are 5 cyber hygiene best practices to safeguard yourself from hackers: Hackers know your external look and feel better than you do. So you must constantly rediscover how you appear to the adversaries and take actions to safeguard yourself. A lot of hacks exploit vulnerabilities that have not been patched rather than zero-day vulnerabilities. So you need to patch your software regularly.

2 Ways to Reduce the Likelihood of Getting Attacked

2 ways to make your security infrastructure better than 99% of companies: Start with a zero-trust architecture: Assume that the attackers are going to inevitably break in. Design a system with zero-trust architecture. To do that, you must: You need to look at how you appear to hackers from outside. Today, with a click of a mouse, attackers can scan the entire Internet and find open ports from companies that are easy to break into.

SecurityScorecard Analysis of Lapsus$ Threat Group

SecurityScorecard’s CISO Mike Wilkes and Threat Researcher Ryan Slaney discuss their latest insights on the Lapsus$ threat group, the recent Okta breach, and what CISOs should do to protect their organizations. SecurityScorecard is the global leader in cybersecurity ratings and the only service with over 12 million companies continuously rated. The company is headquartered in New York and operates in 64 countries around the globe.

Things to Remember While Scaling Your Business

Here are 2 things that helped us successfully scale SecurityScorecard: Having a customer-first mentality: You need to understand your customers deeply. You need to adopt Amazon’s empty-chair approach where the most important voice is the customers’ voice, not the CEO’s. Beginning with the right foundation: Here’s what most companies get wrong: When they start up and have 10-20 people, they focus on their customers.

What Sets SecurityScorecard Apart!

According to Forrester and Gartner, we are the leader in the security rating space. 3 reasons why: Massive data set: We’ve rated 12 million organizations worldwide. If an organization is not on the data set, it takes us just a few minutes to rate it while our competitors take days to do the same. Huge marketplace of applications and services: We have 100s of partners that enrich the value of our platform.