NY-SECURITYSCORECARD
SecurityScorecard, the global leader in cybersecurity ratings, today announced the results of its new report, Addressing the Trust Deficit In Critical Infrastructure, which revealed 48% of critical manufacturing organizations ranked “C,” “D,” or “F” on SecurityScorecard’s security ratings platform. Published during the World Economic Forum (WEF) Annual Meeting, the report analyzed the current state of cyber resilience in the critical infrastructure sectors such as Energy, Chemical, Healthcare, and others, as designated by the Cybersecurity and Infrastructure Security Agency (CISA). Organizations with an “A” security rating are 7.7 times less likely to sustain a breach than those with an “F” rating.
“Security ratings are a trusted barometer of cyber resilience and the time is now for policymakers and organizations to make cyber risk measurement mandatory,” said Aleksandr Yampolskiy, co-founder and CEO of SecurityScorecard. “Cyberattacks in the last 10 years have gotten much worse, more complex, and increasingly have targeted critical infrastructure, thereby undermining the public’s trust in the cyber resilience of our global economy.”
SecurityScorecard provides comprehensive security ratings, automated assessments, and guidance from industry experts, providing a patented and easy-to-understand A-F graded scorecards for improved communication, effective compliance reporting, and more informed decision-making.
According to the World Economic Forum, only 19% of cyber leaders feel confident that their organizations are cyber resilient. SecurityScorecard recently joined the World Economic Forum Global Innovators Community, contributing to WEF’s Centre for Cybersecurity’s initiative to address systemic challenges, improve trust, and build cyber resilience. Yampolskiy is attending the WEF Annual Meeting in Davos to engage with the world’s foremost public- and private-sector leaders on mitigating global cyber risk, including within critical infrastructure.
Critical Manufacturing Patching Cadence Falls Amid Escalating Attack Cadence
Cyber incidents affecting critical infrastructure, once comparatively rare, have become far more frequent in recent years as nation-states and their proxies escalate their pursuit of geopolitical objectives. Data from the Federal Bureau of Investigation showed that 14 of the 16 sectors considered critical infrastructure by the U.S. government experienced at least one ransomware attack in 2021.
SecurityScorecard assessed these industries to measure their current state of cyber resilience. It found that critical manufacturing is highly vulnerable based on analysis of all organizations under that category in The Forbes Global 2000 list. SecurityScorecard considers 10 factors when developing an organization’s security rating. Of those 10, the patching cadence ‘factor’ for critical manufacturing experienced a significant drop from 2021 to 2022, moving from 88 (B) to 76 (C).
High and Medium-Severity CVEs Strain Resources
The decline in patching is likely due to an increased volume of vulnerabilities. Critical manufacturing experienced a 38% year-over-year increase in high severity vulnerabilities. In 2022 alone, 76% of critical manufacturing organizations have high and medium-severity CVEs.
These CVEs may, in some cases, facilitate ransomware groups’ targeting of organizations in the sector. Manufacturers experienced an increase in malware infections from 2021 to 2022. In 2022, 37% of critical manufacturing organizations had malware infections.
“While investing in more technology might seem burdensome to resource-constrained critical infrastructure operators, the reality is that cybersecurity ratings technology is extremely cost-effective, especially when you consider the catastrophic cost of a breach is $9.44 million on average for U.S. organizations,” continued Yampolskiy. “By leveraging security ratings, these organizations have a simple way to build resilience and make more informed decisions to strengthen their cyber defenses by confidently measuring risk and quantifying the trustworthiness of their partners, contractors, third-and fourth-party vendors, and supply chains.”
To view the full research paper, please visit: https://resources.securityscorecard.com/davos-2023/addressing-the-trust-deficit
About SecurityScorecard
Funded by world-class investors including Evolution Equity Partners, Silver Lake Waterman, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 30,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight. SecurityScorecard is the first cybersecurity ratings company to offer digital forensics and incident response services, providing a 360-degree approach to security prevention and response for its worldwide customer and partner base. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every organization has the universal right to their trusted and transparent Instant SecurityScorecard rating. For more information, visit securityscorecard.com or connect with us on LinkedIn.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20230117005416/en/
About Business Wire
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Bridgepoint to Partner With ht.digital, the Leading Digital Asset Transparency Layer25.11.2025 09:00:00 CET | Press release
Bridgepoint to become majority shareholder in ht.digital, a London headquartered specialist provider of audit, accounting, assurance, operational and technology solutions to the digital asset ecosystem ht.digital has delivered organic revenue growth of c.100% over the last two years, scaling rapidly in a fast-growing market The partnership will accelerate ht.digital’s international expansion and continued investment in technology, talent and brand Bridgepoint, one of the world’s leading mid-market investors, today announced that it has agreed to acquire a majority stake in ht.digital, a leading, London-headquartered provider of digital asset assurance and technology solutions. The investment will be made by Bridgepoint Development Capital V – Bridgepoint’s lower middle-market fund focused on supporting fast-growing businesses across Europe. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20251125907148/en/ Digital assets – incl
Thredd Signs Landmark Agreement to Enable Visa Cloud Connect Globally25.11.2025 09:00:00 CET | Press release
Agreement sets stage for strengthened global reach, scalability, and resilience for fintechs and banks worldwide Thredd, a leading next-generation global payments processor, today announced that it has signed an agreement to enable Visa Cloud Connect on a global scale. This milestone reflects Thredd’s continued investment in cloud-first infrastructure and reinforces its role as a global technology leader in payments processing. Visa Cloud Connect allows organisations to access VisaNet, Visa’s secure and powerful global payments network, through their own cloud-based infrastructure. Purpose-built for cloud-native clients, Visa Cloud Connect can help deliver increased flexibility, faster time to market, and seamless scalability across borders. Under the agreement, Thredd will connect across three global Visa Cloud Connect endpoints, committing to a full global rollout. Once live, this will eliminate the need for multiple regional integrations, helping our clients gain new geographies and
Allvue Expands European Footprint, Names KPMG Luxembourg as Core Implementation Partner25.11.2025 08:56:00 CET | Press release
The partnership offers managers seamless access to specialized local expertise and regulatory knowledge, ensuring accelerated confidence in adopting world-class, API-first technology, including Allvue’s AI tool, Andi. Allvue Systems, LLC (“Allvue”), a leading software technology provider for the private capital markets, today announced an expansion of its current presence in EMEA, naming KPMG Luxembourg as its core implementation partner for all client deliverables for Europe. The strategic collaboration is designed to meet the growing demand from global asset managers leveraging Luxembourg as the premier European fund domicile. By aligning Allvue’s world-class, unified technology platform and solutions with KPMG’s renowned local expertise in private assets, deep regional relationships, and plurilingual delivery capabilities, the partnership offers clients a faster, more effective path to technology adoption. “Our mission is to make private markets more transparent, efficient, and conn
Datassential Expands Global Menu Intelligence with Debut of Global Launches25.11.2025 08:30:00 CET | Press release
Datassential, the leading global food and beverage intelligence platform, announced the debut of Global Launches, an expanded menu–tracking solution offering a unified view of new menu items and limited-time offers (LTOs) across major international markets. Global Launches now tracks menu innovation across hundreds of restaurant chains in the European, Latin American, and Asia-Pacific markets. Building on the robust menu tracking already available in the U.S. and Canada, this expansion gives foodservice businesses a comprehensive view of new menu items and LTOs around the globe, providing unmatched visibility into how trends and flavors appear across worldwide markets and evolve to fit local tastes. “Innovation doesn’t happen in one market at a time — it’s global, constant, and increasingly fast,” said Jim Emling, CEO of Datassential. “Global Launches now offers our customers a single, trusted source to see what’s launching across the world, how concepts are localized, and where the ne
Friendly Fraud Expected to Increase by 25% Between Thanksgiving and Cyber Monday, Warns ACI Worldwide25.11.2025 08:00:00 CET | Press release
ACI’s Payments Intelligence approach offers merchants complete journey protection—stopping friendly fraud and chargeback abuse in real timeACI expects industry leading fraud approval rate of 98% during holiday season - outperforming market averages 'Friendly fraud’ is expected to increase by 25% between Thanksgiving and Cyber Monday, according to an analysis of billions of transactions of global eCommerce businesses by ACI Worldwide (NASDAQ: ACIW), an original innovator in global payments technology. ‘Friendly fraud’ or ‘return fraud’ occurs when legitimate customers dispute transactions post-purchase. Often mistaken for true fraud, these disputes are a growing industry challenge and cost retailers $103 billion in 2024 alone, according to a recent industry report. The average transaction value for a ‘friendly fraud’ item during this year’s holiday season is expected to reach $291, $52 higher than during the same period last year, representing a 21% YoY increase. “These numbers are stag
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom