“SecurityScorecard Marketplace is designed to be a one-stop shop for organizations to deploy trusted partner solutions and integrations that allow them to optimize their security workflows, access greater security intelligence, and accelerate risk mitigation.”
Hi Brendan, please tell us about your role at SecurityScorecard and the types of problems you solve for your customers.
As Vice President of Global Government Affairs at SecurityScorecard, my primary responsibility is to lead the development and implementation of policy, regulatory, and engagement strategies that provide opportunities for SecurityScorecard and our customers around the world. SecurityScorecard helps public sector organizations monitor the security posture of agencies, contractors, and regulated entities. By taking a collaborative, risk-based approach to regulatory oversight, the public sector can better protect its critical systems by auditing and analyzing vulnerabilities more efficiently.
What is SecurityScorecard? What are the core offerings that position your company as a leader in the IT security assessment industry?
Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard is the global leader in cybersecurity ratings, with more than 12 million companies continuously rated. SecurityScorecard’s mission is to make the world a safer place by transforming how organizations understand, mitigate, and communicate cybersecurity risk to their boards, employees, and vendors. SecurityScorecard’s patented rating technology is used by over 30,000 organizations worldwide for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight. Our rating technology offers easy-to-read A-F ratings across ten risk factors that allow organizations to gain an outside-in view of their security posture.
Read More: CIO Influence Interview with Herb Kelsey, Federal CTO at Dell Technologies
Please tell us more about your recent partnership with the TSA and how this collaboration would secure national-level critical infrastructures?
The Transportation Security Administration (TSA) recently awarded a contract for SecurityScorecard’s subscription services, allowing pipeline and rail Owner/Operators to voluntarily assess their cybersecurity posture with cybersecurity vulnerability monitoring, ratings, and threat intelligence. The contract also provides TSA with access to monitor threats facing entities they have responsibility for. Cyber threats against critical infrastructure have continued to mount in recent years. This capability offers both the TSA and it’s private sector partners access to comprehensive security ratings and automated assessments that will help them monitor their public-facing internet applications and services. In doing so, SecurityScorecard is enabling the TSA to deliver a new era of cyber resiliency for critical infrastructure organizations nationwide.  We envision that our surface will also enable the TSA to communicate externally, in terms that stakeholders can understand, about progress being made by these organizations in the cyber arena.
According to research, the cost of one ransomware attack is $4.54 million. What are the major hurdles that organizations face in detecting and preventing ransomware attacks?
Historically, launching ransomware attacks required a high level of expertise, but trends like Ransomware as a Service (RaaS) have lowered the barrier to entry for cybercriminals to conduct an attack. Organizations today are dealing with more ransomware variants than ever, making it difficult for them to keep up. One of the most significant gaps for organizations, both large and small, is visibility into their security posture. It’s difficult to defend what an organization can’t see. To help protect against ransomware attacks, it’s crucial to implement a comprehensive security strategy that includes backup, patching, training, and multi-factor authentication.
Read More: CIO Influence Interview with Russ Ernst, Chief Technology Officer at Blancco
How does SecurityScorecard Marketplace empower CIOs and CISOs in building a safer and more secured enterprise IT infrastructure?
SecurityScorecard Marketplace is designed to be a one-stop shop for organizations to deploy trusted partner solutions and integrations that allow them to optimize their security workflows, access greater security intelligence, and accelerate risk mitigation.
On the heels of strong partner momentum in 2022, SecurityScorecard has expanded the Marketplace ecosystem by 80%. SecurityScorecard remains the only cyber ratings platform that allows customers to push their data to and ingest data from other third-party solutions. This empowers CIOs and CISOs to maximize investments and more effectively communicate risk and results with their boards.
What are your thoughts on the growing prominence of AI and Automation-based capabilities in the security industry? How do these technologies augment cybersecurity and threat intelligence systems?
Security and compliance teams understand better than anyone that speed and efficiency are two of the main ingredients for success. With the rise of AI and automated capabilities across the industry, these teams can unlock greater business efficiencies and streamline workflows. Anything that can be done to get practitioners the information they need more quickly means more time for them to make decisions and allows them to direct their efforts toward risk mitigation. Ultimately, there will still be a human component in the decision-making process, but these tools enable teams to make those decisions with more speed and confidence.
SecurityScorecard recently became the first and only security ratings platform to integrate with OpenAI’s GPT-4 system. With this natural language processing capability, cybersecurity leaders can find immediate answers to high-priority cyber risks. The solution was developed by ScorecardX, the innovation incubator of SecurityScorecard, which designs and builds technological solutions to critical customer challenges. The AI-powered search works across monitored organizations, saving leaders significant time by reducing the manual work associated with analyzing data. The search feature will continuously learn and improve to better meet customers’ needs.
Read More: CIO Influence Interview with Bill Lobig, VP of Product Management at IBM Automation
Thank you, Brendan ! That was fun and we hope to see you back on cioinfluence.com soon.
[To participate in our interview series, please write to us at sghosh@martechseries.com]
Brendan Peter serves as Vice President of Global Government Affairs for SecurityScorecard, the world’s largest cyber risk, ratings, and resilience company. He has more than 20 years of global cybersecurity experience leading small and large corporate strategic and operational partnerships designed to increase resilience and economic development. Brendan has led global public policy, corporate social responsibility, and thought leadership programs, and advises CEOs, Executive Management teams, and national governments across the globe to leverage policy frameworks to improve cyber resilience and accelerate economic growth. His experience includes leading government engagement for Seagate Technology, CA Technologies, LexisNexis, and other global brands. He has served as a longtime Board and Executive Committee member of the Information Technology Industry Council, and is a regular contributor to the World Economic Forum and other global platforms. Brendan resides in Washington, DC and is a graduate of Georgetown University and James Madison University
Funded by world-class investors including Evolution Equity Partners, Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard’s patented rating technology is used by over 25,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. SecurityScorecard is listed as a free cyber tool and service by the U.S. Cybersecurity & Infrastructure Security Agency (CISA). Every organization has the universal right to their trusted and transparent Instant SecurityScorecard rating.Â
