User:Roqqi/sandbox

This is the user sandbox of Roqqi. A user sandbox is a subpage of the user's user page. It serves as a testing spot and page development space for the user and is not an encyclopedia article. Create or edit your own sandbox here. Other sandboxes: Main sandbox | Template sandbox Finished writing a draft article? Are you ready to request review of it by an experienced editor for possible inclusion in Wikipedia? Submit your draft for review!

SecurityScoreCard Inc.

Company type	Private
Industry	Cybersecurity Risk management
Founded	2013; 11 years ago (2013)
Founders	Aleksandr Yampolskiy Sam Kassoumeh
Headquarters	1140 Avenue of the Americas New York, New York, United States
Revenue	US$71 million (2024)
Website	securityscorecard.com

SecurityScoreCard, Inc. is an American cybersecurity ratings and risk monitoring company that analyzes companies and organizations to evaluate their cybersecurity risk.^[1] It is based in New York city.^[2]

Security ratings by SecurityScoreCard are used to evaluate risks for purposes of board reporting, compliance, cyber insurance procurement and underwriting, digital forensics, enterprise and third-party risk management, incident response and regulatory oversight purposes.^[3]

History

SecurityScoreCard was founded in 2013 by Aleksandr Yampolsky and Sam Kassoumeh. They got the idea for the company while working for an ecommerce site and trying to evaluate cybersecurity risks within the company's vendor ecosystem.^[4]

The company raised US$27.5 million in 2017, from investors including Nokia, Google Ventures, Sequoia Capital, and Moody's Corporation.^[5]

In 2020, the company was recognized by the World Economic Forum as a "technology pioneer."^[6]

In 2021, SecurityScoreCard raised US$180 million in series E funding.^[4]

In October of 2023 SecurityScoreCard was granted FedRAMP designation, and received StateRAMP designation in February of 2024,^[7] which clears its services for use in government institutions and agencies. In 2024, the Canadian government's Centre for Cybersecurity began using SecurityScoreCard as part of their efforts to improve cybersecurity for critical infrastructure.^[8]

Services

SecurityScoreCard provides access to its risk ratings via a risk management platform. The platform grants users real-time access to continuously updated security ratings.^[9]

Companies such as AXA, Nokia, TUI and Liberty Mutual use SecurityScoreCard's platform to monitor cybersecurity risks throughout their supply chains.^[10][11] The platform is integrated with a number of other major cloud platforms such as Amazon Web Services and Snowflake.^[12]

Applications of the platform and ratings include board reporting, compliance, cyber insurance procurement and underwriting, digital forensics, enterprise and third-party risk management, incident response and regulatory oversight.^[3]

Methodology

SecurityScoreCard assesses companies and organizations in 10 categories and then assigns a letter grade from A to F in each category.^[13] Categories include IP reputation, network security, the amount of discussion and compromised credentials on hacker forums, weak passwords in data leaks, the speed at which patches and updates are implemented, and susceptibility to social engineering.^[13][14] Scores also take into account which third-party cloud services a company is using, and the security rating of the companies providing those services.^[5][14]

According to Sam Kassoumeh, the company collects over 27 billion data points per week which are used to assign scores to 2 million companies.^[4][15]

References

1. "Canada Will Use Letter Grades to Assess Companies' Cyber Resilience". Bloomberg.com. 2024-01-11. Retrieved 2024-09-08.
2. "SecurityScorecard Files Suit Against Safe Security". 2024-06-06. Retrieved 2024-09-08.
3. "SecurityScoreCard". World Economic Forum. Retrieved 2024-09-08.
4. Sawers, Paul (2021-03-18). "Cybersecurity ratings platform SecurityScorecard raises $180M". VentureBeat. Retrieved 2024-09-10.
5. Sawers, Paul (2017-10-12). "Cybersecurity risk-monitoring platform SecurityScorecard raises $27.5 million from Nokia, GV, Intel, Sequoia, others". VentureBeat. Retrieved 2024-09-10. Cite error: The named reference ":1" was defined multiple times with different content (see the help page).
6. "Technology Pioneers 2020". widgets.weforum.org. Retrieved 2024-09-10.
7. "SecurityScorecard achieves TX-RAMP provisional certification". Security Info Watch. 2024-07-23. Retrieved 2024-09-10.
8. "Canada Will Use Letter Grades to Assess Companies' Cyber Resilience". Bloomberg.com. 2024-01-11. Retrieved 2024-09-10.
9. "Top three use cases for streaming data pipelines - what, how, why". diginomica.com. 2023-07-31. Retrieved 2024-09-08.
10. Sawers, Paul (2021-05-12). "SecurityScorecard taps HackerOne to bring bug bounty data to security ratings". VentureBeat. Retrieved 2024-09-08.
11. Maundrill, Beth (2023-12-01). "How TUI Group Strengthened its Third-Party Risk Management". Infosecurity Magazine. Retrieved 2024-09-08.
12. Pasternack, Alex (March 3, 2023). "10 Most Innovative Companies in Security of 2023". Fast Company. Retrieved 2024-09-09.
13. Gallagher, Sean (2015-09-11). "MIT ranks high in bad security at major universities". Ars Technica. Retrieved 2024-09-09.
14. Newman, Lily Hay. "All the Ways US Government Cybersecurity Falls Flat". Wired. ISSN 1059-1028. Retrieved 2024-09-09.
15. Cite error: The named reference :5 was invoked but never defined (see the help page).

External links

• Official website