NY-SECURITYSCORECARD
SecurityScorecard, the global leader in cybersecurity ratings, today announced the results of its new report, Addressing the Trust Deficit In Critical Infrastructure, which revealed 48% of critical manufacturing organizations ranked “C,” “D,” or “F” on SecurityScorecard’s security ratings platform. Published during the World Economic Forum (WEF) Annual Meeting, the report analyzed the current state of cyber resilience in the critical infrastructure sectors such as Energy, Chemical, Healthcare, and others, as designated by the Cybersecurity and Infrastructure Security Agency (CISA). Organizations with an “A” security rating are 7.7 times less likely to sustain a breach than those with an “F” rating.
“Security ratings are a trusted barometer of cyber resilience and the time is now for policymakers and organizations to make cyber risk measurement mandatory,” said Aleksandr Yampolskiy, co-founder and CEO of SecurityScorecard. “Cyberattacks in the last 10 years have gotten much worse, more complex, and increasingly have targeted critical infrastructure, thereby undermining the public’s trust in the cyber resilience of our global economy.”
SecurityScorecard provides comprehensive security ratings, automated assessments, and guidance from industry experts, providing a patented and easy-to-understand A-F graded scorecards for improved communication, effective compliance reporting, and more informed decision-making.
According to the World Economic Forum, only 19% of cyber leaders feel confident that their organizations are cyber resilient. SecurityScorecard recently joined the World Economic Forum Global Innovators Community, contributing to WEF’s Centre for Cybersecurity’s initiative to address systemic challenges, improve trust, and build cyber resilience. Yampolskiy is attending the WEF Annual Meeting in Davos to engage with the world’s foremost public- and private-sector leaders on mitigating global cyber risk, including within critical infrastructure.
Critical Manufacturing Patching Cadence Falls Amid Escalating Attack Cadence
Cyber incidents affecting critical infrastructure, once comparatively rare, have become far more frequent in recent years as nation-states and their proxies escalate their pursuit of geopolitical objectives. Data from the Federal Bureau of Investigation showed that 14 of the 16 sectors considered critical infrastructure by the U.S. government experienced at least one ransomware attack in 2021.
SecurityScorecard assessed these industries to measure their current state of cyber resilience. It found that critical manufacturing is highly vulnerable based on analysis of all organizations under that category in The Forbes Global 2000 list. SecurityScorecard considers 10 factors when developing an organization’s security rating. Of those 10, the patching cadence ‘factor’ for critical manufacturing experienced a significant drop from 2021 to 2022, moving from 88 (B) to 76 (C).
High and Medium-Severity CVEs Strain Resources
The decline in patching is likely due to an increased volume of vulnerabilities. Critical manufacturing experienced a 38% year-over-year increase in high severity vulnerabilities. In 2022 alone, 76% of critical manufacturing organizations have high and medium-severity CVEs.
These CVEs may, in some cases, facilitate ransomware groups’ targeting of organizations in the sector. Manufacturers experienced an increase in malware infections from 2021 to 2022. In 2022, 37% of critical manufacturing organizations had malware infections.
“While investing in more technology might seem burdensome to resource-constrained critical infrastructure operators, the reality is that cybersecurity ratings technology is extremely cost-effective, especially when you consider the catastrophic cost of a breach is $9.44 million on average for U.S. organizations,” continued Yampolskiy. “By leveraging security ratings, these organizations have a simple way to build resilience and make more informed decisions to strengthen their cyber defenses by confidently measuring risk and quantifying the trustworthiness of their partners, contractors, third-and fourth-party vendors, and supply chains.”
To view the full research paper, please visit: https://resources.securityscorecard.com/davos-2023/addressing-the-trust-deficit
About SecurityScorecard
Funded by world-class investors including Evolution Equity Partners, Silver Lake Waterman, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 30,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight. SecurityScorecard is the first cybersecurity ratings company to offer digital forensics and incident response services, providing a 360-degree approach to security prevention and response for its worldwide customer and partner base. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every organization has the universal right to their trusted and transparent Instant SecurityScorecard rating. For more information, visit securityscorecard.com or connect with us on LinkedIn.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20230117005416/en/
About Business Wire
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
NIQ and Displayce Collaborate to Bring Sales Lift Measurement to Europe’s DOOH Advertising Market16.9.2025 18:00:00 CEST | Press release
NIQ, a leading consumer intelligence company, and Displayce, a pioneering specialist technology suite for Out-of-Home advertising, are collaborating to bring advanced measurement capabilities to the European DOOH market. By combining NIQ’s trusted consumer intelligence with data from Displayce’s media activation platform, advertisers can link DOOH campaigns to in-store sales performance — driving transparency and accountability across the DOOH ecosystem. NIQ has long been a trusted source of consumer purchase insights for manufacturers and retailers, capturing the buying behavior of millions of households across more than 90 countries. Now, NIQ is extending its expertise and insights into the media ecosystem, empowering advertisers and agencies with new data assets and measurement solutions to improve their understanding of consumers and drive better ROI. Through the collaboration, NIQ and Displayce are driving the DOOH ecosystem toward more addressable, transparent, and results-driven
Capcom’s Resident Evil Requiem, the Latest Title in the Series, Also Coming to Nintendo Switch 2 on February 27, 2026!16.9.2025 15:00:00 CEST | Press release
– Additionally, two other Resident Evil series titles to be released for the console on the same date in step with Capcom’s multi-platform strategy – Capcom Co., Ltd. (TOKYO:9697) today announced that Resident Evil Requiem, the latest title in the Resident Evil series scheduled for release on February 27, 2026, for PlayStation®5 system, Xbox Series X|S, and PC, will also be released for Nintendo Switch™ 2 at launch. In addition, Resident Evil 7 biohazard and Resident Evil Village, two other titles in the series, will also be released for Nintendo Switch 2 on the same date. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20250916064724/en/ Resident Evil Requiem Key Art Resident Evil Requiem is a survival horror game that serves as the ninth main installment in the series. The title is being developed using RE ENGINE, Capcom’s proprietary game engine, and leverages Capcom’s extensive development experience cultivated over numerou
Aker BP Leverages Cognite Atlas AI™ to Pioneer an AI-First Future in Exploration and Production16.9.2025 15:00:00 CEST | Press release
Human insight and autonomous agents work together to transform operations, enhance efficiency, improve safety, and unlock new value across the enterprise. Aker BP, one of Europe's largest independent oil companies, and Cognite, the global leader in industrial AI, deepen their strategic partnership through the expanded adoption of Cognite Atlas AI™,harnessing the power of AI agents to improve efficiency, reduce costs, and elevate productivity. This enhanced collaboration puts Aker BP at the forefront of leveraging agentic AI to drive significant value and transform its operations. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20250903134233/en/ Aker BP Leverages Cognite Atlas AI™ to Pioneer an AI-First Future in Exploration and Production Aker BP's "AI-first strategy" was developed to help lead the energy sector into a data-driven future by seamlessly integrating AI applications within industrial settings and business objectiv
GlobalPlatform to Drive Next Phase of Growth for PSA Certified, Accelerating Security Adoption16.9.2025 15:00:00 CEST | Press release
Founded by Arm and industry partners, PSA Certified will continue to evolve under GlobalPlatform’s governance as the trusted global standard for secure connected devices GlobalPlatform announced today it will assume governance of PSA Certified, the global security certification scheme launched by Arm and key partners in 2019. In this next phase of growth, GlobalPlatform—the global standards organization for secure digital services and devices—will drive further collaboration, broader industry participation, and greater regulatory alignment for PSA Certified. Since its launch, PSA Certified has become a globally adopted framework that helps manufacturers and developers build secure connected products based on a Root of Trust. It aligns key security components—such as device identity, cryptography, attestation, and secure boot—with certification needs, regulatory requirements, and global best practices. To date, more than 250 products — spanning silicon, software, and devices—have been c
Moody’s Agentic Solutions to Automate Complex Workflows and Speed Human Decision-Making16.9.2025 14:00:00 CEST | Press release
Moody’s today announced Agentic Solutions, a groundbreaking addition to its suite of AI-powered offerings designed to transform how organizations make decisions in complex, high-stakes environments. The new solutions empower organizations to act with greater speed, precision, and confidence than ever before, reshaping how risk is decoded, opportunities are identified, and decisions are made. “For over a century, our customers have looked to Moody’s for premium data, trusted insights, and cutting-edge solutions to help them make better, more informed decisions,” said Rob Fauber, President and CEO of Moody’s. “Agentic Solutions is a natural extension of our legacy of investment and innovation – anchored in the strength of our industry leading data-estate and the depth of our people’s analytical skills. By integrating agentic capabilities into the workflows of our customers, we are supercharging the speed and precision at which we can help our customers understand risk and unlock opportun
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom