SecurityScorecard Signs CISA’s Secure by Design Pledge

SecurityScorecard reinforces its commitment to trust and transparency in software development

NEW YORK--()--SecurityScorecard today reaffirmed its dedication to building a safer and more transparent digital ecosystem by signing the Cybersecurity and Infrastructure Security Agency’s (CISA) Secure by Design pledge. Joining a coalition of industry leaders, SecurityScorecard proudly meets all seven of the agency’s cybersecurity goals, demonstrating its unwavering dedication to building trust and transparency in the cybersecurity landscape. To further embody the pledge's emphasis on measurable progress, SecurityScorecard is committed to transparently continuing to show progress on these goals.

Steve Cobb, CISO, SecurityScorecard, said:

"SecurityScorecard champions secure development from the ground up, building a stronger digital ecosystem for everyone. We recognize that unprotected software puts us all at risk, threatening our national security and economic well-being. That is why trust, transparency, and security are at the heart of everything we do, and signing CISA's pledge is a crucial step towards building a safer digital world."

Established in trust and transparency

Since its founding over a decade ago, SecurityScorecard has been a leading advocate for collaboration in cybersecurity, championing a global culture of trust and transparency. This unwavering commitment is woven into the fabric of every SecurityScorecard product and service, empowering every user to actively participate in upholding the accuracy of security ratings.

SecurityScorecard understands that trust is paramount. The company’s focus on transparency translates into a strong commitment to data privacy and compliance and ensures the security of customers, partners, and vendors. This commitment is exemplified by the active participation of over 60,000 organizations, continuously rating more than 12 million entities globally.

Building a more resilient tech ecosystem

A recent SecurityScorecard report revealed that 75% of third-party breaches target the software and technology supply chain, enabling threat actors to scale their operations with minimal effort.

These findings highlight the vital role of the Secure by Design pledge. By embedding security into the development process from the outset, technology vendors can significantly bolster the cybersecurity resilience of their products and services. This proactive approach thwarts potential attacks and fosters a more secure digital environment, making it exponentially harder for malicious actors to succeed.

Expanding our partnership with CISA

This latest development builds on the strong relationship between SecurityScorecard and CISA. SecurityScorecard is included in CISA’s catalog of Free Cybersecurity Services and Tools designed to enhance the cyber resilience of critical infrastructure sectors. Additionally, CISA publicly partnered with SecurityScorecard through the CISA Joint Cyber Defense Collaborative to share cyber threat information in defense of public and private critical infrastructure.

Learn more about SecurityScorecard’s commitment to trust and transparency:

About SecurityScorecard

Funded by world-class investors, including Evolution Equity Partners, Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings, with more than 12 million companies continuously rated.

Founded in 2014 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard’s patented security ratings technology is used by over 25,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight.

SecurityScorecard makes the world safer by transforming how companies understand, improve, and communicate cybersecurity risks to their boards, employees, and vendors. SecurityScorecard achieved the Federal Risk and Authorization Management Program (FedRAMP) Ready designation, highlighting the company’s robust security standards to protect customer information, and is listed as a free cyber tool and service by the U.S. Cybersecurity & Infrastructure Security Agency (CISA). Every organization has the universal right to its trusted and transparent Instant SecurityScorecard rating. For more information, visit or connect with us on LinkedIn.


Ashley Nakano