SecurityScorecard Revamps Its Cybersecurity Risk Management Product Amidst Global Shift to Remote Work

SecurityScorecard | June 03, 2020

  • SecurityScorecard , announced new capabilities in its best-in-class product suite. These updates enable security and risk teams at any organization to collaborate faster and smarter.

  • Our solution brings unique and actionable data and analytics to customers so that they can become cyber resilient in less time and with more confidence.

  • This provides a transparent view of what cybersecurity issues have been remediated, with visibility into what has been requested and resolved by their third parties.


SecurityScorecard, the global leader in security ratings, announced today new capabilities in its best-in-class product suite. These updates enable security and risk teams at any organization to collaborate faster and smarter amidst a massive global shift to remote work. SecurityScorecard is proud to empower organizations worldwide to combat cyber risks. Our solution brings unique and actionable data and analytics to customers so that they can become cyber resilient in less time and with more confidence," said Sam Kassoumeh, COO and co-founder of SecurityScorecard. Companies that use SecurityScorecard to engage their supply chain see a quantifiable improvement in their ecosystem security posture, which is now more important than ever.


SecurityScorecard's revamped cybersecurity risk management product suite includes more than 25 unique, new capabilities. These include. Invited Company Experience: Organizations gain the ability to easily improve their score, access to time-saving automations and educational materials that give prescriptive tips on how to collaborate effectively with their third parties.Audit Log: This provides a transparent view of what cybersecurity issues have been remediated, with visibility into what has been requested and resolved by their third parties.Rule Builder: Organizations can now create rules to automatically detect and act on any changes to their score to proactively identify their biggest areas of risk.



Read more: MICROSOFT ENHANCES AZURE CLOUD SECURITY FOR GREATER VISIBILITY INTO THIRD-PARTY ACCESS

SecurityScorecard is proud to empower organizations worldwide to combat cyber risks. Our solution brings unique and actionable data and analytics to customers so that they can become cyber resilient in less time and with more confidence.

~ Sam Kassoumeh, Founder SecurityScorecard .


Custom Questionnaire Creator: With over 20 industry standard questionnaires and the ability to edit and customize any questionnaire, customers can now assess and survey any organization in the world against any framework -- and gain unique SecurityScorecard insights to streamline the assessment process .Summarize Risk Findings on Atlas: SecurityScorecard's leading questionnaire and evidence exchange platform, Atlas, now features the ability for organizations to add notes, findings, and remediation plans. The importance of collaborating on cybersecurity is paramount as workforces shift to remote work, expanding the perimeter beyond what many companies are equipped to handle. Many organizations are depending on their security teams to protect against cyber attacks that pose a major risk to their business operations.

SecurityScorecard's leading questionnaire and evidence exchange platform, Atlas, now features the ability for organizations to add notes, findings, and remediation plans,The importance of collaborating on cybersecurity is paramount as workforces shift to remote work .


According to a study from McKinsey, 32% of CISOs are looking for more collaborative tools, guides, training, and operating norms that will help secure their organizations. Companies that engage with their SecurityScorecard rating can reap significant benefits. Organizations that are invited to the platform with a security grade of 'C' of below typically exhibit an average of 7 to 8 point improvement. Many newly invited companies have noted that SecurityScorecard has increased their visibility into their risk environment and empowered their teams to remediate issues that were previously overlooked. With over 1.4 million companies rated, SecurityScorecard is the global industry leader in security ratings. SecurityScorecard collects and analyzes global threat signals that allows organizations to have instant visibility into the security posture of vendors and business partners as well as the capability to do a self-assessment of their own security posture.


The technology continuously monitors 10 groups of risk factors to instantly deliver an easy-to-understand A-F rating. SecurityScorecard is the global leader in cybersecurity ratings and the only service with over a million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 1,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, and cyber insurance underwriting. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors.


Read more: GOOGLE TOP CHOICE FOR CYBERCRIMINALS FOR BRAND-IMPERSONATION SPEAR-PHISHING CAMPAIGNS

Spotlight

Security Information and Event Management (SIEM) systems cause a lot of controversy among security folks. They are a cornerstone of every enterprise security program but SIEM continues to generate many complaints and elicit considerable angst among security professionals.

Spotlight

Security Information and Event Management (SIEM) systems cause a lot of controversy among security folks. They are a cornerstone of every enterprise security program but SIEM continues to generate many complaints and elicit considerable angst among security professionals.

Related News

DATA SECURITY

By Launching Threat Protection, NordVPN Entered the Antivirus Market

NordVPN | February 11, 2022

With the launching of Threat Protection, which is integrated into the NordVPN app, NordVPN, the world's largest VPN service provider, takes another step toward cementing its position as a market leader in cybersecurity. By preventing trackers, phishing attempts, invasive adverts, harmful websites, and corrupted files, this new function provides a complete defense against cyber threats. "At Nord Security, we know that cybersecurity evolves rapidly, and cybersecurity tools must evolve too. And as part of a broader effort to shift into a more encompassing cybersecurity company, introducing Threat Protection brings us one step closer," says Vykintas Maknickas, product strategist at NordVPN. "With the introduction of Threat Protection, we will be able to offer more services and more comprehensive protection that doesn't depend merely on your VPN connection." Threat Protection protects against three types of threats. Web trackers and malicious adverts, as well as hazardous websites and corrupted files, are among them. Web trackers and malicious ads Defending against trackers is often outside the scope of a VPN, which is where Threat Protection comes in. Threat Protection improves the overall web privacy experience by ultimately preventing trackers. In real-time, you can monitor and manage the blacklisted trackers. Harmful websites To avoid harmful websites, utilize Threat Protection while browsing the web. Before the page loading, Threat Protection displays a warning popup. This allows you to escape rather than proceed to a potentially hazardous site where you could be phished or have your info harvested. Infected files Threat Protection can also be the first line of security while downloading a file from the internet. It will scan the file for malware and, if none are found, it will be designated as safe without any interruptions. However, if malware is discovered, the file will be removed before it can cause any harm. You'll also get access to a log of scanned files that you may look at at any time. "Threat Protection takes what was once the task of antivirus software and merges it with NordVPN,Regardless of how long you have been using the internet, you can end up falling victim to some precarious website or download. This is exactly why Threat Protection was introduced — to add a layer of security to make your online browsing safer, cleaner, and more private." Vykintas Maknickas, product strategist at NordVPN Users must download the newest OpenVPN version of the NordVPN app from the official website to use Threat Protection. Users will be protected without connecting to a VPN server once the feature is enabled. Threat Protection is currently available for all macOS users, and Windows users will receive it gradually. NordVPN is a service provided by Nord Security. Nord Security is steadily progressing toward its goal of being an all-in-one cybersecurity solution. Three more market-leading products join NordVPN: NordLocker, an encrypted cloud storage solution; NordPass, a next-generation password manager; and NordLayer, an advanced network access security solution.

Read More

DATA SECURITY

Brane Capital, a Crypto Custody Company, Recently Earned Cyber Security Recertifications as well as Smart Contract Validation

Brane Inc. | April 05, 2021

Brane Inc., a major cryptocurrency custody provider, has earned important cyber-security recertifications that validate the company's rigorous security and risk management procedures. Brane completed third-party validation of its Ethereum smart contract code, the technology that drives non-fungible tokens (NFTs), by auditor Solidified, in addition to recertification at ISO 27001 and 27017 and NIST level 4 standards by audit and certification firm BSI. "We are fully committed to security as our top priority, and these third-party certifications validate Brane as a world-class pioneer in secure cryptocurrency custody," said Chris Desjardins, Vice President, Product. "As cryptocurrencies grow more prevalent in the global economy, our clients and partners are certain that Brane is one of the most accredited, verified, and security-focused companies in the sector." "Brane's key benefit is the blend of bank-grade security and cutting-edge technology, both built on a fundamental view of blockchain's unique opportunities and challenges," said Dave Revell, a Brane board member, and former EVP and Global Chief Information Officer for CIBC. "Brane has created a custody solution that satisfies the needs of banks and other financial institutions as cryptocurrency acceptance grows." "Obtaining ISO and NIST certifications will take several years and millions of dollars for major businesses. Brane's fast completion of these certifications demonstrates the power of our blockchain-native technology and information security management systems "Brane's founder and Chief Innovation Officer, Patrick McLaughlin, made the announcement. "With this primary strategic advantage, Brane is the perfect partner for financial institutions looking for a truly safe, user-friendly solution for digital asset custody." "As Brane becomes a bank for the world's newest asset class, security and accountability are woven into our company's DNA," said Brane President Jerome Dwight, who previously led Bank of New York Mellon's Canadian operations. "By combining an exceptional internal team with partnerships with other business players, Brane is committed to retaining its place of Canadian and global supremacy in crypto custody services." About Brane Brane is a blockchain innovation company that was established in 2017. Brane assists companies in understanding and utilizing the potential of blockchain and digital assets. Brane Vault, the digital asset custody facility, is ISO 27001 certified – the first in the world with cryptocurrency in scope – ISO 27017 certified, and NIST Tier 4 certified – the first company in any industry in Canada to achieve such certification. Brane Vault provides advanced proprietary technology and processes for over 20 preliminary patents, as well as being fully insured from fraud and crime.

Read More

DATA SECURITY

Spectral has joined the Open Source Security Foundation to help Strengthen Open-Source Software Security

Spectral | April 27, 2021

Spectral, the developer first software safety organization, declared they have become supporters of the Open Source Security Foundation (OpenSSF). Spectral is currently an individual from OpenSSF's developing worldwide local area expecting to improve the security of open-source programming. OpenSSF is cross-industry cooperation zeroed in on measurements, tooling, weakness divulgences, security tooling, best practices, and then some, to get the open-source environment and improve the security of open-source programming (OSS). OpenSSF unites pioneers from around the world to give a discussion to genuinely collective, cross-industry endeavors. Spectral is a developer first software safety solution that finds and ensures against exorbitant security botches in code, setup, and other engineer resources. Otherworldly utilizes the main mixture examining motor, that consolidates AI and many indicators to discover and ensure against hurtful security blunders in code, solutions, and different ancient rarities. In accordance with OpenSSF's main goal, Spectral as of late delivered Teller, an open-source instrument that assists developers with recovering and utilize touchy access subtleties. At the point when engineers need to get to mysteries, they frequently need to depend on utilizing homebrewed custom content or duplicating privileged insights from a vault to their neighborhood advancement climate. Teller is the principal open-source secret supervisor addressing the "last mile issue" by giving a developer cordial, normalized strategy for getting to and utilizing mysteries that protects touchy data. "Spectral's main goal is to empower developers to assemble and dispatch programming at scale without stress. We feel that the OpenSSF activity is the ideal scene to examine and improve open source security and is a characteristic stage that engages engineers. The Spectral group is glad to take part in the functioning gatherings and offer their ability in security investigation and exploration of innovation stacks at scale, engineer insight (DX) and tooling, open-source codebases examination and patterns, developer social investigation, however a definitive objective of improving open source security and engineer bliss," said Dotan Nahum, CEO and prime supporter of Spectral. About Spectral Spectral is a lightning-quick, developer first software protection solution that goes about as a control plane over source code and other engineer resources. It finds and ensures against hurtful security blunders in code, designs, and different antiquities. Spectral utilizes the principal cross breed checking the motor, consolidating AI and many locators, guaranteeing engineers can code with certainty while shielding organizations from signific

Read More