From the report, “Our survey examined the most common malware threats that organizations are grappling with, how often those threats result in actual compromises, and the challenges involved in responding to them. Respondents included CIOs, CTOs, CSOs, IT directors, network administrators, and senior executives from organizations in more than 20 industries.”

As the November 2018 US midterm elections looms, Anomali Labs set forth to answer the cyber version of the old myth “lightning never strikes the same place twice” — replaced with “can email spoofing attacks really strike the US elections twice”. The Anomali research team sought to answer that question by evaluating the strength of email security programs for election-related infrastructure.

This report offers a view of The Republic of South Africa. And takes a look at the Threat Landscape of that nation.

The purpose of this white paper is to better understand the challenges that healthcare organizations face as they attempt to modernize efforts in the areas of data collection and analysis, value-based care strategies, and patient and caregiver engagement. This report will discuss how outdated technology investments hamper these efforts— especially as hospitals and other healthcare providers attempt to partner with fellow provider organizations, health information exchanges (HIEs), and accountable care organizations (ACOs) to fully take advantage of the shift to value-based care reimbursements.

This paper seeks to prompt a discussion about how our mindset and approach to cyber security now needs to change. It proposes 10 areas where important challenges must be confronted; this evolution will also provide some structure for innovative and disruptive technologies that are beginning to come to market but don’t fit the mould of traditional security controls.

We are living in a world where breaches of consumer privacy are a regular phenomenon. Breaches, such as the Cambridge Analytica-Facebook snafu and the Google+ leak, have dominated headlines in 2018, exposing the personal information of millions of people and shaking our trust in big brands. Many consumers are making drastic changes to the way they interact with brands online, and they believe businesses need to take ultimate responsibility for protecting their data. Ping Identity surveyed more than 3,000 consumers across the U.S., UK, France and Germany to examine consumer attitudes in a post-breach era to help businesses maintain trust and stay ahead of their customers’ expectations.

These days, IAM is a moving target being moved by the forces of cloud, mobile and increasingly connected consumers. By keeping these five trends in mind, and understanding the security and access control needs of your enterprise, you can make decisions that’ll benefit you today, while providing a good foundation for future evolution.

What the Internet of Things means for consumer privacy discusses the findings of an Economist Intelligence Unit (EIU) research programme, sponsored by ForgeRock, that explores the privacy concerns and priorities of global consumers stemming from the Internet of Things (IoT) and related technologies.

To find out how European enterprise customer data leaders are tackling this complex problem, Janrain conducted more than 50 interviews (see appendix 1 for interviewee profile), the findings of which are distilled into this eBook.

From the report, “The survey results show that companies should ensure their online interactions with customers are aligned around three key principles: trust, consent, and education.” Read on to understand more.

The Law Firm Cybersecurity Scorecard is issued quarterly and is part of their commitment to thoroughly study, understand, and report on the imminent amount and magnitude of threats faced by law firms today as well as the steps they are taking to mitigate the threat. To that point, per a recent Law 3603 report, law firm Managing Partners list cybersecurity as their number three priority, behind financial profits and generating revenue. Even though cybersecurity seems to be an area of particular focus, this scorecard will illustrate that law firms continue to struggle with making operational investments and instituting practices that do not provide a quantifiable financial return. Thus, they jeopardize their reputations, client relationships, and in some cases, financial well-being.

Data breach has become an existential risk to every law firm throughout the world regardless of the number of attorneys, revenues or practice areas. The Law Firm Cyber Security Scorecard is compiled by LOGICFORCE and published bi-annually to educate the legal industry on the current state of Cyber Security preparedness. This second edition also seeks to clearly define de facto cyber security standards for law firms so they can easily determine where their organizations rate in comparison.

Data breaches have become a risk to every law firm throughout the world regardless of the number of attorneys, revenues or practice areas. The Law Firm Cybersecurity Scorecard is developed by LOGICFORCE and published regularly to educate the legal industry on the current state of cybersecurity preparedness.

From the Report, “Through analysis of billions of anonymized cloud events across a broad set of enterprise organizations*, we can determine the current state of how the cloud is truly being used, and where our risk lies. Consider that nearly a quarter of data in the cloud is sensitive, and that sharing of sensitive data in the cloud has increased 53% year-over-year. If we don’t appropriately control access and protect our data from threats, we put our enterprises at risk.”

F5 Labs, in conjunction with our data partner Loryka, has been tracking “The Hunt for IoT” for two years. We have focused our hunt primarily around port 23 telnet brute force attacks—the “low-hanging fruit” method—as they are the simplest, most common way to compromise an IoT device. (Telnet was also the most prominent attack type when we started this research series.)

In August 2018 CipherCloud completed a survey of key customers and cloud users that included responses from hundreds of enterprise corporations. This survey was designed to identify the key business drivers that were compelling to these users as justification for the protection of cloud data.

This report provides insight into the public concern about security issues in Australia in 2018.

In our 24-criterion evaluation of the emerging managed security services providers (MSSPs) market, we identified the 10 most significant providers, and researched, analyzed, and scored them. This report shows how each provider measures up to help security leaders make the right choice.

The Third-Party Security Risk Management Playbook (Playbook) is the definitive study of third-party security risk management practices. Based on in-depth interviews of risk executives from 30 domestic and global firms, it reveals the real-world capabilities and practices employed to manage third-party cyber risk, distilled into 14 capabilities with 72 common, emerging, and pioneering practices.

In mid-July, Palo Alto Networks Unit 42 identified a small targeted phishing campaign aimed at a government organization. While tracking the activities of this campaign, we identified a repository of additional malware, including a web server that was used to host the payloads used for both this attack as well as others. We’ll discuss how we discovered it, as well as possible attribution towards the individual behind these attacks.

The Russian invasion of Georgia was preceded by an intensive build up of cyberattacks attempting to disrupt, deface and bring down critical Georgian governmental and civilian online infrastructure. The campaign has been reported in the media, with wide coverage suggesting the campaign was a spontaneous outburst of popular feeling in Russia lead by independent hackers. However, as this report suggests, the offensive was too large, coordinated, and sophisticated to be the work of independent hackers; the evidence leads by-and large to the Russian Business Network (RBN) in St. Petersburg, Russia. Whilst only a criminal investigation can directly prove the involvement of the Kremlin, both experts and commentators have accused Moscow of sponsoring the attacks as their magnitude requires the involvement of the kind of resources only a state-sponsor can provide.