Latest news with #STRIKE
Business Wire
7 days ago
- Business
- Business Wire
SecurityScorecard Included on the 2025 Inc. 5000 List of America's Fastest-Growing Private Companies for the 2nd Time
NEW YORK--(BUSINESS WIRE)-- SecurityScorecard today announced it has been named to the annual Inc. 5000 list, the most distinguished ranking of the fastest-growing private companies in America. The list provides a data-driven snapshot of the most successful companies within the economy's most dynamic segment—its independent, entrepreneurial businesses. Past honorees include companies such as Microsoft, Meta, Chobani, Under Armour, Timberland, Oracle, and Patagonia. 'Being named to the Inc. 5000 is a testament to the relentless dedication of our team and the trust our customers place in SecurityScorecard,' said Aleksandr Yampolskiy, CEO and Co-Founder of SecurityScorecard. 'As supply chain attacks dominate headlines, our mission to make the world a safer place by securing every organization's ecosystem has never been more critical. This recognition underscores that innovation and growth can go hand-in-hand with building a safer digital future.' This year's Inc. 5000 honorees have demonstrated exceptional growth while navigating economic uncertainty, inflationary pressure, and a fluctuating labor market. Among the top 500 companies on the list, the median three-year revenue growth rate reached 1,552 percent, and those companies have collectively added more than 48,678 jobs to the U.S. economy over the past three years. With more than ten consecutive quarters of revenue growth and more than 3,000 customers worldwide, SecurityScorecard is accelerating its market leadership and redefining how organizations secure their digital supply chains. This momentum is fueled by relentless, customer-driven innovation, showcased through major milestones, including: Channel Growth Anchored by SCORE Partner Program and MAX Innovations: During the first half of 2025, SecurityScorecard increased its channel-sourced pipeline by 124% year-over-year, further deepening its global ecosystem of MSSPs, VARs, and technology partners through the company's channel-first SCORE Partner Program. Launch of MAX Workstation for Service Providers: Since its launch in Q1 of 2024, MAX has grown by over 370%, and is the company's fastest-growing product. The launch of MAX Workstation enables service delivery teams to harness the power of AI to enable detection and response across their clients' extended supply chain, driving both new business revenue and retention. STRIKE Research Threat Intelligence: In the past year, STRIKE Research released over 10 reports delivering deep analyses on nation-state actors and emerging cyber risks. Drawing on 12B+ daily security signals and decades of intelligence expertise, STRIKE is driving forward-looking insights that help organizations anticipate and counter the world's most sophisticated threats. Strategic Agreement with KPMG in Canada: SecurityScorecard and KPMG in Canada joined forces to bring SecurityScorecard MAX to critical infrastructure sectors across Canada, strengthening national cyber resilience. StateRAMP and FedRAMP Ready Designations: SecurityScorecard announced it is now StateRAMP Ready and re-certified as FedRAMP Ready, enabling government agencies to manage supply chain risk more effectively. 'Making the Inc. 5000 is always a remarkable achievement, but earning a spot this year speaks volumes about a company's tenacity and clarity of vision,' says Mike Hofman, editor-in-chief of Inc. 'These businesses have thrived amid rising costs, shifting global dynamics, and constant change. They didn't just weather the storm—they grew through it, and their stories are a powerful reminder that the entrepreneurial spirit is the engine of the U.S. economy.' Key Resources: For the full list, company profiles, and a searchable database by industry and location, visit: Follow SecurityScorecard on LinkedIn Book a demo with the SecurityScorecard team. Download the latest STRIKE threat research. Methodology Companies on the 2025 Inc. 5000 are ranked according to percentage revenue growth from 2021 to 2024. To qualify, companies must have been founded and generating revenue by March 31, 2021. They must be U.S.-based, privately held, for-profit, and independent—not subsidiaries or divisions of other companies—as of December 31, 2024. (Since then, some on the list may have gone public or been acquired.) The minimum revenue required for 2021 is $100,000; the minimum for 2024 is $2 million. As always, Inc. reserves the right to decline applicants for subjective reasons. About SecurityScorecard SecurityScorecard created Supply Chain Detection and Response (SCDR), transforming how organizations defend against the fastest-growing threat vector—supply chain attacks. Our industry-leading security ratings serve as the foundation and core strength, while SCDR continuously monitors third-party risks using our factor-based ratings, automated assessments and proprietary threat intelligence, to resolve threats before they become breaches. MAX enables response and remediation capability, working through our service partners to protect the entire supply chain ecosystem while strengthening operational resilience, enhancing third-party risk management and mitigating concentrated risk. Trusted by over 3,000 organizations—including two-thirds of the Fortune 100—and recognized as a trusted resource by the U.S. Cybersecurity & Infrastructure Security Agency (CISA). Backed by Evolution Equity Partners, Silver Lake Partners, Sequoia Capital, GV, NGP, Intel Capital and Riverwood Capital, SecurityScorecard delivers end-to-end supply chain cybersecurity that safeguards business continuity. Learn more at or follow us on LinkedIn.
Techday NZ
22-05-2025
- Business
- Techday NZ
Fintech sector faces mounting third-party security breach risks
SecurityScorecard has published new research indicating that almost 42% of data breaches impacting top fintech companies can be traced back to third-party vendors, with a further 12% linked to fourth-party exposures. The findings, drawn from an analysis of 250 leading fintech firms worldwide, highlight the systemic risks facing the financial sector's supply chain despite robust internal cybersecurity practices. The report, titled Defending the Financial Supply Chain: Strengths and Vulnerabilities in Top Fintech Companies, exposes a growing separation between strong internal controls and vulnerabilities introduced through external partners. Fintech companies emerged as the industry with the strongest overall security posture, registering a median score of 90 in SecurityScorecard's assessment. More than half (55.6%) achieved an "A" rating. However, these scores did not fully shield the industry from cyber intrusions. According to the report, 18.4% of analysed fintech companies experienced breaches that were publicly reported, and over a quarter of these organisations (28.2%) suffered multiple incidents. Technology products and services featured in 63.9% of third-party breaches, with file transfer software and cloud platforms identified as the primary points of compromise. Application security and DNS health deficiencies were noted as the most prevalent weaknesses within the sector. Nearly half of the firms (46.4%) scored the lowest in application security assessments. These weaknesses included unsafe redirect chains, misconfigured storage, and missing Sender Policy Framework (SPF) records. Ryan Sherstobitoff, Senior Vice President of SecurityScorecard's STRIKE Threat Research and Intelligence Unit, commented on the findings: "Fintech companies anchor global finance, but one exposed vendor can take down critical infrastructure. Third-party breaches aren't edge cases - they reveal structural risk. In fintech, that means operational outages across payment systems, digital asset platforms, and core financial infrastructure." The report highlights that the threat emanating from an organisation's indirect partners - referred to as fourth-party suppliers - now exceeds double the global average, making up 11.9% of incidents in the fintech sector. These risks underscore the complexity and depth of digital supply chains in financial technology. In response to its analysis, the SecurityScorecard STRIKE team issued a series of recommendations for fintech companies to bolster their cybersecurity defences across the supply chain ecosystem. Among the recommendations is the need to strengthen oversight of both third- and fourth-party risks. The team advises that, "Fintech companies should tier vendors based on exposure and breach history, not just spend or business value. Disclosing downstream dependencies and requiring incident notification clauses in contracts can reduce cascading risk from fourth-party breaches." Securing shared infrastructure and the technical tools that enable financial operations is also critical. The team states, "File transfer software, cloud storage platforms and customer communication tools were the most common vectors for third-party breaches. Fintechs must audit these integrations regularly and require partners to demonstrate secure implementation practices." Another key area is the remediation of deficiencies in application security and Domain Name System (DNS) settings. According to the report, "Nearly half of fintechs scored lowest in application security. Unsafe redirect chains, misconfigured storage and missing SPF records were common. Remediating these foundational weaknesses should be a priority, starting with customer-facing assets." The report also advises enforcing robust credential protection measures. It recommends, "Credential stuffing campaigns and typosquatting attacks impacted a majority of firms. Enforcing MFA, monitoring for reused credentials and taking down spoofed domains are essential to protect users and prevent cross-platform compromise." Finally, the research suggests that companies which have experienced multiple breaches should be considered higher-risk and subject to extra scrutiny. The report notes, "Companies with multiple breaches accounted for the majority of total incidents. Vendors with prior breach history, especially those with known third-party exposures, should face enhanced scrutiny during onboarding and renewals." The study encompassed a range of fintech segments, including firms specialising in payments, digital assets, neobanking, financial planning, and technology infrastructure. The companies involved were selected for their international presence, influence within the industry, and operational scale.
