The survey upon which this report is based was fielded by the Financial Services Information Sharing and Analysis Center, in conjunction with Deloitte’s Cyber Risk Services practice. Fifty-one companies participated in the pilot launch of the survey, with representation from entities both larch and small, as well as those in between. Respondents came from all financial sectors, albeit skewed more heavily toward the US banking community.

From the report, “During the last few months, global corporations have been extremely busy with implementing the needed changes in order to be compliant with the upcoming GDPR regulation. While this happens, cyber-threat actors are preparing themselves for the possible consequences, without a clear picture of whether GDPR will hurt them or benefit them. According to the General Data Protection Regulation (GDPR) any company that handles European Union consumer personal data is obligated to take tangible steps to ensure the information’s security. This means the EU sees any organization that uses EU citizens’ data of any kind, responsible to protect it, whether the organization is headquartered inside EU territory or not. It will, of course, affect the way global corporations handle consumer data encryption, but in even more basic terms, it will affect what kind of information is permitted to be stored and passed along to other users.”

From the report, “The Puppet 2018 State of DevOps Report took a new tack this year, seeking prescriptive guidance for teams to follow. We designed our survey to learn how organizations progress through their DevOps journeys, and after analyzing the data, we found that the successful ones go through specific stages. Our research also revealed a set of core practices — we call them “foundational practices” — that are critical to success throughout the entire DevOps evolution. In this paper, we’ll take you through an in-depth description of these foundational practices, and offer you our advice for how to begin instituting them in the way that makes most sense for your organization, based on our findings.”

This report offers insight into the DevSecOps Community.

The “Impact of Cloud on ERP” survey report was designed to assess the impact of ERP solutions on organizations and better understand cloud preparation and data migration needs to implement ERP solutions in the cloud. Features and benefits gained, security and privacy challenges, and time to deploy for an ERP Solution in a cloud environment were explored.

From the Report, “A new study by IDG shows 86% of organizations have suffered repercussions, including increased security breaches and data loss, due to lack of collaboration between Network & Cybersecurity teams.”

This report provides insight into threat hunting and the challenge of returning the balance of power for security from the attackers to the defenders.

This report draws conclusions from the data to understand why organizations are struggling to take actions from lessons learned from a year of the WannaCry virus.

This study’s principal conclusion clearly mirrors today’s cybersecurity landscape: every organization is vulnerable to a cyber attack. This report uses measures of awareness and readiness to assess three degrees of vulnerability, each of which indicate differing needs to take action.

This paper presents the research that discusses the findings of a recent global test regarding the preparedness of individuals entering the workforce, to participate in collaborative problem solving. Of note, the report discusses that this problem is causing an inability to face cybersecurity threats.

This report provides an international study of senior management attitudes to leadership development and executive education. It also provides insight into cybersecurity related issues.

This report offers a unique insight into the C-Suite. It pays particular attention to their views on Cybersecurity.

A thought piece on trends that are occuring at the senior leadership levels of security professionals. Some survey data is refererenced, though it is unclear if a new survey was conducted for some of the trends identified in this report.

Cybersecurity incidents are increasing at astonishing rates with no end in sight. The impact of these incidents in business disruption, cost and invasion of individual privacy has provoked a groundswell of legislation and government regulation across the globe. With new regulations coming fast and furious, security professionals are often in uncharted territory, forced to juggle conflicting goals of security and privacy on one side and business growth and innovation on the other—and all under the umbrella of compliance and monitoring. Read on to learn more helpful information.

This e-book contains insights on breach readiness, response and resiliency based on in-depth interviews conducted with the Security for Business Innovation Council (SBIC). The SBIC is comprised of forward-thinking security executives from Global 1000 enterprises committed to advancing the state of information security worldwide by sharing insights from their real-world experience.

More than 40 executive-level representatives from primes to Tier 2 and consultants participated in an October 24th Roundtable on these topics. The roundtable was conducted under Chatham House Rules. Accordingly, this paper summarizes the discussion, with no identification of attendees.

This report posits that “Companies are racing into the digital future adopting technology enabled operating and business models that drive bottom- and top- line growth. They are not prepared for the new cyber risks that come with the connected, data-driven future enterprise.” Read on to learn about solutions.

The Third-Party Security Risk Management Playbook (Playbook) is the definitive study of third-party security risk management practices. Based on in-depth interviews of risk executives from 30 domestic and global firms, it reveals the real-world capabilities and practices employed to manage third-party cyber risk, distilled into 14 capabilities with 72 common, emerging, and pioneering practices.

This white paper explains common use cases for privilege management on Unix/Linux servers.

Recommendations for securing and managing privileged credentials used by enterprise applications

In this paper, they explore the modern enterprise — a hybrid organization with infrastructure spread across on-premises data centers as well as hosted in the cloud and one where IT functions are split between internal and 3rd-party administrators. They look at these and related trends impacting our data security and specifically, best practices on how to manage and govern privileged user access to mitigate these risks.