SecurityScorecard Investigates S&P 500 Companies Breaches and New Cybersecurity Regulations

SecurityScorecard Investigates S&P 500 Companies Breaches and New Cybersecurity Regulations

By Alex Passett

The landscape of cybersecurity is, without a shred of doubt, prone to dynamic shifts. According to the U.S. Securities and Exchange Commission (SEC), new cybersecurity regulations will require publicly traded organizations to provide proper disclosure of quote-unquote “material” cyber incidents within a period of four days.

Alright, four days. At least it isn’t four hours, right?

Nevertheless, many organizations – plus key policymakers and investors therein – still lack the ability to tap into key insights that shine a bright-enough overhead light, so to speak, on the evolution of the current threat landscape. (Which, as we’ve established, evolves rapidly.)

What’s the next step, then?

SecurityScorecard’s threat researchers have clinched an answer.

With such new breach requirements (and the increased need for breach visibility) on the horizon, SecurityScorecard conducted its S&P 500 Cyber Threat Report. This report analyzes the security ratings of S&P 500 companies and offers avenues down which security teams may trek in order to shore up the state of their respective cybersecure systems.

Here's a long-story-short version of the report’s findings:

  • 21% of S&P 500 companies reported breaches in 2023: Bad actors chase money trails, and ransomware operators target S&P 500s based on their stocks’ market values (while demanding higher and higher ransoms, as time passes). The bigger targets, in attackers’ eyes, are usually more capable of paying these ransoms, so ensuring that “the bigger they are, the harder they fall” doesn’t happen vis-à-vis strengthened cybersecurity is a sure-fire must in 2024.
  • 25% of the reported S&P 500 breaches impacted financial services, fintech, and insurance companies: Financial institutions are responsible for substantial assets, and those wielding ransomware know how interconnected segments of the financial sector can be. Compromising a “big player” could lead to additional gains for bad actors. Thus, a company ensuring it’s protected can also have a significant effect on other companies, as well.
  • 52% of breached companies unfortunately reported exposed Personal Identifiable Information (PII): Once an attack has been enacted, the access of critical employee info (used against them either via ransom or via impersonation) can lead to legitimate crises on personal, professional, and wholescale operational levels. This is why, again, up-to-date cybersecurity protocols with maximized across-the-board visibility is vital.

The report also covered increasingly sophisticated social engineering risks that company associates face, supply chain attack statistics, and more.

“Regulatory pressure continues to grow, and companies need a unified definition of cybersecurity due diligence with clear metrics,” said Dr. Aleksander Yampolskiy, SecurityScorecard’s CEO. “Just as credit scores standardized the financial world, companies need a universal framework to measure cybersecurity risk and define materiality.”

Click here to download and read the full threat report.

Edited by Greg Tavarez
Get stories like this delivered straight to your inbox. [Free eNews Subscription]
Related Articles

ServiceNow Transforms the Employee Experience with Additions to Now Platform

By: Greg Tavarez    5/20/2024

ServiceNow announced the addition of new automation solutions to the Now Platform to transform the employee experience and simplify work across the en…

Read More

ICYMI: News Around the MSP Industry

By: Greg Tavarez    5/17/2024

Here are a few articles compiled into one for readers interested in developments around the MSP space.

Read More

Wildix UK and Ireland Shake Up Leadership for Growth and Innovation

By: Greg Tavarez    5/16/2024

Wildix announced a strategic leadership transition designed to propel the company's market growth.

Read More

Are Resellers Leaving Money on the Table?

By: Special Guest    5/16/2024

The expert and correct installation of network infrastructure and other components is crucial to every IT project's success, adding tangible value by …

Read More

Bitwarden's New Standalone App Makes Two-Factor Authentication Simple

By: Greg Tavarez    5/15/2024

Bitwarden recently launched a standalone app for two-factor authentication to protect online services and applications from unauthorized access.

Read More