this report t explores the vulnerability-to-exploit (V2E) cybercrime and cybersecurity supply chain, outlines the players in the different market segments and provides insights into the related economic drivers.

A survey of over 300 security professionals on security operations center (SOC) practices and how those practices relate to outcomes.

A review of current maturity levels and practices as seen from Micro Focus’s five year history of reviewing security programs.

The Kaspersky Global Corporate IT Security Risks Survey (ITSRS) is a global survey of IT business decision makers, which is now in its ninth year. A total of 4,958 interviews were conducted across 23 countries. Respondents were asked about the state of IT security within their organizations, the types of threats they face and the costs they have to deal with when recovering from attacks. The regions covered consist of LATAM (Latin America), Europe, North America, APAC (Asia-Pacific with China), Japan, Russia and META (Middle East, Turkey and Africa).

The insurance industry has been asked by Lloyd’s, regulators, and its own senior management to understand its exposure to this type of cyber risk. To address this, AIR has developed a comprehensive database of industry exposures that provides the information insurers need for accurate modelling and has used it to form the basis of the alternative modelling approach described in this report. The results of this cloud downtime scenarios analysis could help insurance managers gain insights into how to grow their cyber business in a controlled and prudent manner.

The PSR has the unique role of measuring the strengths and weaknesses of the PCI DSS and tracking the sustainability of compliance. It also measures and tracks challenges associated with implementing and maintaining security controls required for PCI DSS compliance.

This 2019 edition of the SANS Security Operations Center (SOC) Survey was designed to provide objective data to security leaders and practitioners who are looking to establish a SOC or optimize their existing SOCs. The goal is to capture common and best practices, provide defendable metrics that can be used to justify SOC resources to management, and to highlight key areas on which SOC managers can focus to increase the effectiveness and efficiency of security operations.

This report goes in depth into the state of Internet security, including how companies are storing data, orgation’s internet surface areas, and where exposures exist the most.

This publication looks into the safety of cloud and on-prem environments.

This is quarterly publication from Fortinet that looks in the current cyber security threats from April 1 to July 1.

A Guy Carpenter and CyberCube Analytics collaboration explores the size and shape of cyber catastrophes and the resulting financial impact on the U.S. cyber insurance industry.

This research was commissioned by Kenna Security. Kenna collected and provided the remediation dataset to the Cyentia Institute for independent analysis and drafting of this report.

From the report, “BEC is a specific type of phishing email that operates without links and without attachments (two of the standard markers that perimeter defenses look for). However, instead of taking over a computer or stealing data, BEC hackers impersonate an executive (a known CEO, CFO or other CxO), and persuade the recipient (an employee) to perform some action – like wiring money or attaching information to an email. " Read on to learn more.

This report focuses specifically on data threats in the healthcare industry.

This paper discusses all of the consequences for GDPR non-compliance.

This report discusses the problems with passwords, “The problem is that passwords, 2FA and legacy multi-factor authentication solutions have one thing in common – they rely on shared secrets. That means that a user has a secret, and a centralized authority holds the same secret. When authenticating, those two secrets are compared to approve user access. If a malicious 3rd party intercepts the secret, they can impersonate the user. The bad news is that this reliance on shared secrets has kept large populations of users vulnerable to phishing, credential stuffing attacks, and password reuse while contributing to the steep rise in Account Take Over (ATO). The good news? The Digital Identity landscape is about to change very quickly.”

This report provides exactly what its title offers, 10 predictions for developers in 2019.

Risk IQ offers a glimpse into the multiple attacks on IT infrastructure organizations like Wipro and several others. This report is an analysis of those campaigns, their operators, and their targets.

This specialized report offers insights into the Healthcare industry and the gaps in policies and procedures that could lead to damaging cyber events within the industry.

This year’s SANS survey saw an increase in usage and interest in CTI, along with a diversification in how the intelligence is being used by organizations. While the use of CTI continues to grow, there is no one-size-fits-all approach. Organizations leverage different types of CTI to meet different needs. This survey focuses on how and why CTI is being used, how it is helping defenders, what data sources are being leveraged, and how data is converted into usable intelligence.

This monthly report offers insights into the PDS2 regulations and news.