This report looks at the roles and responsibility CISO’s have, highlighting changes over the past 12-18 months.

A deep dive into the nature of the finance sector’s public risk surface. Reviewing subsectors of the finance ecosystem, including supply chains. (more available)

A survey-driven report of over 150 third-party risk practitioners to understand the challenges facing their programs, the actions those professionals are taking to address the challenges, and identify success factors. (more available)

A June 2020 survey to assess the current challenges and perceptions of the oft-mentioned cybersecurity skills gap problem faced by IT and security teams worldwide. (more available)

This document institutes the third edition of the CISO Current report and contains data gathered from direct interviews surveying almost 40 cybersecurity executives at leading enterprises. (more available)

Using survey data from 2,500 security professionals who indicated they have some measure of privacy responsibilities, this report provides analysis on the ROI for privacy efforts, maturity of privacy programs, vendor selection, and other topics. (more available)

Veracode commissioned this survey from 451 Research to understand how widely accepted andpracticed coordinated disclosure – whereby a security researcher identifies a flaw and notifiesthe company, then the two work together to fix and publicly disclose the flaw – really is andwhere the pain points reside. (more available)

This report from Pew Research Center goes over how and where the average person’s personal information is used online. It goes over the lack of control most people feel, who collects your data, the lack of understanding people have over who uses their data, and how people think about the privacy and vulnerability of their personal data. (more available)

This is a survey conducted by Cisco, mainly talking about their findings that people care about privacy, and a surprisingly large number have already taken actions to protect it. (more available)

In this fourth edition of BeyondTrust’s annual Privileged Access Threat Report, we’ll be exploring the 2019 threat landscape in detail, with a focus on how security decision makers are utilizing Privileged Access Management (PAM) solutions to mitigate these risks. (more available)

This report outlines the findings from extensive primary research analyzing more than six million enterprise devices over a one year period. (more available)

This monthly report offers insight into PDS2 regulations and devleopments.

From the Report, “In this new world, GRC has tremendous opportunity to add value. For instance, by pushing for higher standards of corporate governance and integrity, GRC can help a business strengthen its reputation, and inspire trust. (more available)

The survey upon which this report is based was fielded by the Financial Services Information Sharing and Analysis Center, in conjunction with Deloitte’s Cyber Risk Services practice. (more available)

From the report, “During the last few months, global corporations have been extremely busy with implementing the needed changes in order to be compliant with the upcoming GDPR regulation. (more available)

From the report, “The Puppet 2018 State of DevOps Report took a new tack this year, seeking prescriptive guidance for teams to follow. (more available)

This report offers insight into the DevSecOps Community.

The “Impact of Cloud on ERP” survey report was designed to assess the impact of ERP solutions on organizations and better understand cloud preparation and data migration needs to implement ERP solutions in the cloud. (more available)

From the Report, “A new study by IDG shows 86% of organizations have suffered repercussions, including increased security breaches and data loss, due to lack of collaboration between Network & Cybersecurity teams. (more available)

This report provides insight into threat hunting and the challenge of returning the balance of power for security from the attackers to the defenders. (more available)

This report draws conclusions from the data to understand why organizations are struggling to take actions from lessons learned from a year of the WannaCry virus. (more available)