SecurityScorecard, the cybersecurity ratings provider, announced that it has closed its fiscal year ending December 31, 2022, with significant momentum, achieving 49% growth year-over-year. SecurityScorecard delivers security ratings, response, and resilience solutions and services to 73% of the Fortune 100, with over 12 million firms continuously rated.
What were the milestones at SecurityScorecard?
SecurityScorecard experienced tremendous global expansion of its business outside of North America with 68% year-over-year growth in ending annual recurring revenue. The firm acquired LIFARS™, a digital forensics, incident response, and cyber resiliency services firm and also gained a number of market-leading clients in 2022 including Chubb and NTT.
Trusted by Governments and Insurers
SecurityScorecard has become a trusted, go-to resource for the U.S. government. For example, the company established partnerships with more than eight public sector-related associations, including the New York Department of Financial Services, the U.S. Conference of State Bank Supervisors (the umbrella organization for all 50 state banking regulators), and the U.S. national associations for U.S. counties, state legislators, and state CIOs.
In 2022, the United States government’s cyber agency, CISA, added SecurityScorecard to the catalog of Free Cybersecurity Services and Tools and publicly partnered with SecurityScorecard via CISA’s Joint Cyber Defense Collaborative.
Also, SecurityScorecard’s Threat Research, Intelligence, Knowledge, and Engagement (STRIKE) team led an investigation of nation-state cyber activity leading up to and during Russia’s 2022 invasion of Ukraine, resulting in the discovery of the “Zhadnost” botnet, found to conduct DDoS attacks on Ukrainian and Finnish govts. SecurityScorecard’s Zhadnost research was cited by the U.S. govt as part of CISA’s Shields Up program.
In 2022, the firm’s Attack Surface Intelligence solution was added to the Department of Homeland Security (DHS) Continuous Diagnostics and Diagnostics and Mitigation (CDM) Program’s approved products list (APL), enabling agencies to leverage SecurityScorecard’s solution to identify, contextualize, and prioritize critical threats across their attack surface.
SecurityScorecard is also a trusted standard in cyber insurance and cyber underwriting with insurance firms, achieving 120% growth of new ARR in its insurance business in 2022. The firm’s portfolio is highlighted by relationships with market-leading cyber insurers and insurance brokers including Chubb, AXA, Marsh and McLennan, and Willis Towers Watson.
In Good Company
SecurityScorecard welcomed The Honorable Susan M. Gordon, former Principal Deputy Director of U.S. National Intelligence, to its Board of Directors as an independent director.
Ms. Gordon most recently served as the principal deputy director of U.S. national intelligence until 2019 and was a member of the U.S. Cyberspace Solarium Commission, a bipartisan, U.S. congressionally mandated initiative. In addition, MSNBC recently described Ms. Gordon as “one of the most respected U.S. intelligence officers of her generation” and she has been advising former U.S. Presidents since President Ronald Reagan.
SecurityScorecard also significantly expanded its global partner Marketplace by 80%, to include more than 90 tech and integration partners like AWS, Coupa, Crowdstrike, CSC, Fortinet, IBM, OneTrust, Palo Alto Networks, Snowflake, and Splunk. SecurityScorecard Marketplace delivers the solutions security leaders need to maximize security investments and more effectively communicate risk and results with their boards and key stakeholders.
Comprehensive Platform for Quantifying and Reducing Risk
As a security ratings innovator, SecurityScorecard expanded its capabilities to build the world’s most comprehensive platform for quantifying and reducing cyber risk, uniquely enabling firms to protect their attack surface and their business ecosystem. Its offerings and Professional Services suite below deliver value to security leaders faced with the need for trusted, accurate data to visualize threats, communicate risk, and take decisive action.
- Attack Surface Intelligence: The industry’s only global threat intelligence that exposes previously unknown threats with actionable insights to speed remediation across the attack surface, and also that of a third-party ecosystem.
- Automatic Vendor Detection: Continuously monitors the cyber hygiene of an organization’s entire digital supply chain with the industry’s most complete and automated view of 3rd and 4th party vendor risk.
- Cyber Risk Quantification: Partners with RiskLens and ThreatConnect to deliver instant financial impact assessments for any organization in the world.
- Cyber Risk Intelligence: Helps organizations proactively eliminate cyber risk with actionable, tailored intelligence from SecurityScorecard’s Threat Intelligence team, helping customers increase the return on previous investments and drastically improve preventative controls.
- Proactive Security Services, Digital Forensics, and Incident Response: Allows customers to battle-test their security controls and respond confidently to a cyber-attack by partnering with industry-leading experts available 24×7.
Unique Research and Industry Recognition
At The World Economic Forum in Davos, SecurityScorecard announced the research paper, “Addressing the Trust Deficit in Critical Infrastructure,” which analyzed the increasing cyberattacks that have undermined the public’s trust in the resilience of our societies and was featured in Bloomberg, Dark Reading and the official World Economic Forum Blog.
SecurityScorecard also issued ground-breaking research with The Cyentia Institute, which analyzed data from over 1.6 million firms to measure the speed of vulnerability remediation over a three-year period, revealing that only 60% of firms have improved their security posture despite a 15-fold increase in cyber-attacks in the period. SecurityScorecard was recognized for a number of contributions to the cybersecurity industry in 2022, including:
- Inc. Best In Business – Security
- Gartner Peer Insights ‘Customer Choice’ – IT Vendor Risk Management Tools
- Black Unicorn Winner – Cyber Defense Magazine
What does the growth rate mean for SecurityScorecard?
“Our growth signals an inflection point for the security ratings market worldwide,” said Dr. Aleksandr Yampolskiy, Chief Executive Officer and co-founder of SecurityScorecard.
“When attending the World Economic Forum in Davos this year, cyber resilience was clearly top of mind for global leaders across the private and public sector. These organizations are focused on maintaining trust with their ecosystem amidst geopolitical tensions and escalating cybersecurity threats, making the ability to measure cybersecurity a must-have.”
“Boards and business leaders need a far better understanding of cybersecurity visibility and continuous monitoring data, and their relationships to business processes. Without that knowledge, it’s impossible for them to make good cyber-risk management decisions that result in a more cyber resilient firm,” said Jon Oltsik, distinguished analyst and ESG Fellow.