Press February 14, 2024

SecurityScorecard Continues Leadership of the Security Ratings Market, New Solutions Drive Massive Growth Leading Into 2024

NEW YORK – Feb. 14, 2024SecurityScorecard announced significant momentum coming into 2024, driven by strong new customer acquisition, significantly larger deal sizes, and strong customer expansion. Expanding on 2023 success, SecurityScorecard launched solutions in adjacent markets, including threat intelligence and external attack surface management.  

Additionally, SecurityScorecard delivered end-to-end supply chain cyber risk management capabilities with its new MAX managed services offering. SecurityScorecard closed the year with 2,600 customers — representing 70% of the Fortune 1000 — and 70,000 organizations using the platform. 

 

Global 2000 customers

SecurityScorecard continued to see high growth despite overall macroeconomic trends impacting many other cybersecurity companies. The company’s leadership position in the red-hot supply chain risk management space and superior technology capabilities set it apart from competitors. With the new SEC cybersecurity disclosure requirements, security ratings and third-party cyber risk management have become a must-have for all public companies to communicate risk.

 

Cybersecurity innovation

2023 highlights of SecurityScorecard innovation include: 

  • First security ratings’ GPT 4 integration: SecurityScorecard’s integration with OpenAI’s GPT-4 represents the first security ratings platform implementation of natural language processing capabilities with which users can directly interact. Available now, SecurityScorecard provides immediate answers to drive risk resolution for customers, saving cybersecurity practitioners significant time by reducing manual data analysis. 
  • MAX Managed Services drives record revenue: SecurityScorecard MAX is winning over customers while driving record revenue with its simplicity and outcomes-focused approach. Building on the company’s decade of experience in supply chain cyber risk management, the fastest-growing offering in SecurityScorecard’s lineup, MAX, has already demonstrated its ability to transform the industry by identifying, prioritizing, and resolving the most critical vulnerabilities and issues across the third-party and extended Nth party supply chain ecosystem. 
  • Expanding the world’s largest risk & threat intelligence dataset: The company’s acquisition of CVEDetails, a comprehensive vulnerability database used by over  350,000 users each month, laid the foundation. In 2023, SecurityScorecard further enhanced this capability by introducing a new Vulnerability Intelligence module. Available now, SecurityScorecard immediately alerts customers to new vulnerabilities, providing the information needed for swift action. To optimize efficiency, SecurityScorecard has also introduced product and Common Vulnerabilities and Exposures (CVE) impact scores, enabling organizations to maximize efficiency. 

 

Dr. Aleksandr Yampolskiy, CEO & Co-Founder of SecurityScorecard, said: 

“SecurityScorecard ratings deliver a universal language for cybersecurity. Our core security ratings business is very strong, and we’ve transformed security ratings from a standalone use case to a comprehensive platform solution. This evolution expands our market potential as customers prioritize streamlined tech stacks and measurable outcomes.”

 

Industry leadership 

In 2023, SecurityScorecard was recognized by Inc. Magazine as one of the fastest-growing private companies in America, named to Fast Company’s prestigious annual list of the World’s Most Innovative Companies, and joined the World Economic Forum Global Innovators Community. Forbes also selected SecurityScorecard to provide publicly available security ratings for the industry’s first list of Forbes America’s Most Cybersecure Companies. 

 

The global standard in cybersecurity

SecurityScorecard’s unwavering commitment to the public sector reached new heights in 2023. The company achieved the coveted FedRAMP Ready® designation, the gold standard in cybersecurity. FedRAMP rigorously validates compliance with U.S. government security standards for cloud service providers, like SecurityScorecard. FedRAMP provides U.S. government agencies with a unified, standardized framework for measuring and improving their cybersecurity posture. 

SecurityScorecard was also approved to deliver critical cybersecurity capabilities through the Department of Homeland Security Continuous Diagnostics and Mitigation Program Approved Product List. In addition, SecurityScorecard established a partnership with the Canadian Centre for Cyber Security. 

 

Strategic partnerships shape the future of cybersecurity

Through strategic partnerships, SecurityScorecard continues to deliver transformational security solutions for customers. 2023 partnerships included: 

  • Recognized as One to Watch by Snowflake in its cybersecurity report, The Next Generation of Cybersecurity Applications
  • Launched the S&P Supplier Risk Index, combining third-party risk and security assessments to operationalize supply chain risk management at scale.
  • Achieved AWS Level 1 Managed Service Provider status as the first SaaS provider in the Business Continuity and Ransomware Readiness Specification Category.
  • Chosen by Microsoft to participate in the Microsoft Security Copilot Partner Private Preview to provide actionable insights for Microsoft customers to measure and manage risk more effectively. 
  • Delivered industry-first cyber insurance discounts for top security ratings via  Measured and Embroker, providing immediate financial benefits to customers. 
  • Partnered with the International Legal Technology Association, delivering self-monitoring and vendor risk management capabilities globally to mitigate cyber risk faced by legal organizations worldwide and their clients. 
  • Developed the industry’s first security ratings for telecommunications, internet service providers, and cloud providers. Through close collaboration with industry leaders, SecurityScorecard sets a new standard for cybersecurity across these critical sectors that the economy depends on. 

 

Actionable threat intelligence

SecurityScorecard’s proprietary threat intelligence delivers actionable insights into threats targeting specific organizations, industries, and regions. By enriching raw data with contextual information and analysis, SecurityScorecard empowers security teams to allocate their limited resources effectively to remediate exploited vulnerabilities. 

In 2023, SecurityScorecard research included: 

  • New SEC cybersecurity incident disclosure requirements: As cited by the SEC itself in its cybersecurity incident disclosure requirements and the World Economic Forum, SecurityScorecard’s original research (in partnership with the Cyentia Institute) found that 98% of organizations have a relationship with organizations that experienced a third-party breach. 
  • Volt Typhoon ramps up malicious activity against critical infrastructure: SecurityScorecard’s threat intelligence team observed that the Chinese state-sponsored APT group, Volt Typhoon, compromised up to 30% of Cisco legacy routers for use in an SOHO botnet, which various threat groups use.
  • Top 10 threat actor groups: As published in a report released at this year’s World Economic Forum, SecurityScorecard identified the same ten threat actor groups are behind 44% of worldwide cyber incidents, including notable names like Cobalt Group, Sandworm Team, and the notorious АРТ28 (also known as Pawn Storm, Fancy Bear, and BlueDelta). 
  • Deep and dark web collections regarding the Israel-Hamas War: At the start of the Israel and Hamas war, SecurityScorecard rapidly expanded its deep and dark web (DDW) collections to include messaging channels affiliated with Hamas and other militant groups to provide valuable cybersecurity intelligence. 

Renaud Deraison, Co-Founder of Tenable and a pioneer of vulnerability management, said: “SecurityScorecard transforms how organizations resolve critical vulnerabilities across their attack surface and supply chain. Thousands of customers trust SecurityScorecard to defend against zero-days and emerging threats, such as SolarWinds or MoveIT. In 2024, SecurityScorecard will transform the cybersecurity industry forever.”

 

About SecurityScorecard

Funded by world-class investors, including Evolution Equity Partners, Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings, response, and resilience, with more than 12 million organizations  continuously rated. 

Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard’s patented rating technology is used by over 25,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, threat intelligence, and regulatory oversight. 

SecurityScorecard makes the world safer by transforming how organizations understand, improve, and communicate cybersecurity risk to their stakeholders, employees, and suppliers. SecurityScorecard achieved the Federal Risk and Authorization Management Program (FedRAMP) Ready designation, highlighting the company’s robust security standards to protect customer information, and is listed as a free cyber tool and service by the U.S. Cybersecurity & Infrastructure Security Agency (CISA). Every organization has the universal right to its trusted and transparent instant SecurityScorecard rating. For more information, visit securityscorecard.com or connect with us on LinkedIn.

 

Media contact

Ashley Nakano

SecurityScorecard

[email protected]