A survey of 450 individuals on cybersecurity spending plans, areas of investment, and workforce requirements.

Automation and integration is often hailed as a great enabler for the future. This survey identified how respondents are adopting systems, where their systems currently stand and what is on the planning horizon. (more available)

A lot of progress has been made in the past few years around requirements. Next steps in this area include identifying when and why to update intelligence requirements—even ad hoc adjustments can be planned for by identifying the circumstances under which they would need to be changed. (more available)

We annually gather and analyze raw data from hundreds of IT and industrial control systems (ICS) security practitioners across a variety of industries, people whose work places them in positions of responsibility to identify risks and safeguard control systems and networks from malicious and accidental actions. (more available)

A survey of over 300 security professionals on security operations center (SOC) practices and how those practices relate to outcomes.

This 2019 edition of the SANS Security Operations Center (SOC) Survey was designed to provide objective data to security leaders and practitioners who are looking to establish a SOC or optimize their existing SOCs. (more available)

This year’s SANS survey saw an increase in usage and interest in CTI, along with a diversification in how the intelligence is being used by organizations. (more available)

Automation balances machine-based analysis with human-based domain knowledge to help organizations achieve optimal workflows in the face of staff shortages and alert fatigue, all caused by an increasing number of destructive threats. (more available)

This survey, the sixth in a series of annual studies by SANS on security practices in software development, is the first to explicitly focus on DevOps. (more available)

This report analyzes the data submitted by 1,718 security awareness professionals from around the world to identify and benchmark how organizations are managing their human cyber security risk. (more available)

This report is based on a survey, that is intended to provide a community perspective on what security operations centers (SOCs) look like within organizations across the globe, as well as data and guidance to enable organizations to build, manage, maintain and mature effective and efficient SOCs. (more available)

This report discusses the proper workflows in Security Optimization.

This report discusses the Security Operations Center and how it is being architected in organizations with some consensus on what should be done. (more available)

This newly released SANS survey suggests the need to broaden the definition of endpoint to include the user. The two most common forms of attacks reported are browser-based attacks and social engineering, both of which are directed at users, not technology. (more available)

This report is based on a survey that sought to see how organizations were protecting their data.

From the report, “In the following pages, we examine the results of the survey in detail and offer guidelines and feedback on how our industry can continue to improve. (more available)

Distributed denial of service (DDoS) attacks continue to grow in frequency, sophistication and bandwidth. Due to a recent SANS survey, 378 security and network managers reveal that they are experiencing more frequent and sophisticated DDoS attacks These and other trends are discussed in the rest of this report. (more available)

This report discusses the results of a survey conducted in 2017 to determine what information, concerns and security choices organizations are making with the cloud and the security of the cloud. (more available)

The aim of this paper is to establish a database on studies, articles and working papers on cyber risk and cyber risk insurance. (more available)

During the research for this report, two key findings were discovered that uncovered why awareness programs thrive or fail.

This paper outlines five major components of a life-cycle approach to defense and how companies can adopt this model to maximize security in the current threat landscape. (more available)