This report provides insights into the current state of enterprise cyber risk and the role of AI in it. AI is revolutionizing business and has the potential to significantly improve cybersecurity outcomes. Many already have plans to use integrated AI in cyber tools, especially for inferencing, data analysis, and GenAI conversational systems.

COVID-19 has dramatically changed the workplace and has created new cybersecurity risks and exacerbated existing risks. The purpose of this research, sponsored by Keeper Security, is to understand the new challenges organizations face in preventing, detecting and containing cybersecurity attacks in what is often referred to as “the new normal”. All respondents in this research are in organizations that have furloughed or directed their employees to telework because of COVID-19.

This report is sponsored by RiskRecon, a Mastercard Company and conducted by Ponemon Institute, 1,162 IT and IT security professionals in North America and Western Europe were surveyed. All participants in the research are familiar with their organizations’ approach to managing data risks created through outsourcing. Sixty percent of respondents said the number of cybersecurity incidents involving third parties have increased.

The global Study on Closing the IT Security Gap: Addressing Cybersecurity Gaps from Edge to Cloud, now in its third year, is sponsored by Hewlett Packard Enterprises (HPE) to look deeply into the critical actions needed to close security gaps and protect valuable data. In this year’s research, Ponemon Institute surveyed 2,084 IT and IT security practitioners in North America, the United Kingdom, Germany, Australia, Japan, and for the first time, France. All participants in this research are knowledgeable about their organizations’ IT security and strategy and are involved in decisions related to the investment in technologies.

The purpose of this research is to understand the risks created by the cybersecurity gap between the corporate office and executives’ protection at home. According to 42% of respondents, their key executives and family members have already experienced at least one attack by a cybercriminal.

The 17th edition of the Cost of a Data Breach report. Focuses on survey derived information to determine the cost of data breach incidents.

A survey of over 1,000 US and UK IT professionals on the challenges to having the necessary in-house expertise to achieve a strong cybersecurity posture.

A survey-baed report of 1,848 IT and IT Security professionals on the challenges with vulnerability prioritization and the importance of patch management for the prevention of breaches. Touches on the challenges of CMDBs and container security.

The 2020 update of this survey-based review of the costs of a data breach, as reported by practitioners in the field.

The fifth annual survey uses survey results from over 3,4000 It and security professionals on organization’s ability to detect, prevent, contain, and respond to cybersecurity incidents.

Ponemon Institute is pleased to present the findings of the 2020 Cost of Insider Threats: Global study. Sponsored by ObserveIT and IBM, this is the third benchmark study conducted to understand the direct and indirect costs that result from insider threats.

Ponemon Institute is pleased to present the findings on the economics of today’s Security Operations Centers (SOC). Sponsored by Respond Software, Ponemon Institute surveyed 637 IT and IT security practitioners in organizations that have a SOC and are knowledgeable about cybersecurity practices in their organizations. Respondents supervise or are responsible for such activities as information security, threat detection and remediation and security operations management and more.

Ponemon Institute is pleased to present the findings of the second study on vulnerabilityand patch management. As shown inthis research, the severity and volume ofcyberattacks is increasing. However, mostorganizations are not comparably enhancingtheir abilities to prevent hackers fromexploiting attack vectors. In fact, it’s takinglonger to detect and longer to patch criticalvulnerabilities than last year. The cost andconsequences of this failure are myriad.

Ponemon Institute surveyed 627 IT and IT security practitioners in the United States to understand how well organizations are addressing cyber risks associated with attackers who may already be residing within the perimeter, including insiders that might act maliciously. In this study, these are referred to as “post-breach” or “resident” attackers. The findings consistently show that organizations do not fully understand the risks associated with this type of threat, are unprepared for resident attackers, and have little ability to discover and remove them.

CyberGRX and Ponemon Institute surveyed over 600 IT security professionals to learn more about the cost and efficacy of the tools and processes used to conduct third-party cyber risk management today. The survey respondents come from a variety of industries and are all involved in managing their organizations’ third-party cyber risk management programs (TPCRM). All organizations represented in the study have TPCRM programs and believe it is critical to have cybersecurity risk management controls in place

The ninth annual cost of cybercrime study helps to quantify the economic cost of cyberattacks by analyzing trends in malicious activities over time.

The Internet of Things: A New Era of Third Party Risk was sponsored by Shared Assessments and conducted by Ponemon Institute to understand organizations’ level of awareness and preparedness for the upcoming enterprise IoT wave. We hope the research findings will help organizations address the risks associated with the proliferation of IoT devices. We surveyed 553 individuals who have a role in the risk management process and are familiar with the use of IoT devices in their organizations.

Ponemon Institute is pleased to present The Value of Threat Intelligence: Annual Study of North American and United Kingdom Companies, sponsored by Anomali. The purpose of this research is to examine trends in the benefits of threat intelligence and the challenges companies face when integrating threat intelligence with existing security platforms and technologies.

In the last two years, businesses and governments have seen data breaches like Equifax and Marriott impact 100s of millions of accounts each, as well as critical intellectual property (IP) and core operations. A global survey of 600+ cybersecurity leaders and professionals by Ponemon Institute shows that 67% of organizations are not confident that they can avoid a data breach, and what the primary security and IT challenges that are causing this. The survey also provides fundamental recommendations that can reduce breach risk through innovating and improving a vulnerability management program.

Synopsys and SAE International partnered to commission this independent survey of the current cybersecurity practices in the automotive industry to fill a gap that has existed far too long—the lack of data needed to understand the automotive industry’s cybersecurity posture and its capability to address software security risks inherent in connected, software-enabled vehicles. Ponemon Institute was selected to conduct the study. Researchers surveyed 593 professionals responsible for contributing to or assessing the security of automotive components.

The purpose of this study is to understand the beliefs and behaviors surrounding password management and authentication practices for individuals both in the workplace and at home. The goal was to understand if these beliefs and behaviors align, and why or why not. The conclusion is that despite the increasing concern regarding privacy and protection online and a greater understanding of the best security practices, individuals and businesses are still falling short.