The second annual RSA Cybersecurity Poverty Index is the result of an annual maturity self-assessment completed by 878 individuals across 24 industries. The assessment was created using the NIST Cybersecurity Framework (CSF) as the measuring stick to provide global insight into how organizations rate their overall cybersecurity maturity and practices. This report presents what was learned.

The details in this report are compiled from Proofpoint’s specific research and experience from the events of 2017.

This monthly threat report takes a look at the month of December 2017. Specifically, it looks at insights into Coinhive, intellectual property theft via Iranian hackers, and North Korea’s new cyberattack tools.

From the report, “We are pleased to present the findings of The State of Malware Detection & Prevention sponsored by Cyphort. The study reveals the difficulty in preventing and detecting malware and advanced threats. The IT function also seems to lack the information and intelligence necessary to update senior executives on cybersecurity risks.”

Advice in this report ranges from the tactical to the strategic. Recognize the importance of solutions that can provide specific benefits yet work as part of a unified security posture. They claim that their security recommendations will provide actionable information and guidance, while taking into account the need for organizations to grow and innovate at the same time.

Cybersecurity is one of many considerations teachers now juggle as they seek to get the most out of digital transformation in the classroom. But when the weight of assuring cybersecurity conflicts with the litany of everyday issues that teachers are faced with on campus, enforcing digital best practices often falls by the wayside.

This report is a breakdown of mistakes to be avoided in the IT Seurity arena.

This report discusses APT Protection and how it impacts a certain quadrant of the Market.

This report discusses trends in the cyber security environment in Southeast Asia from January to June 2015. We will review some recent cases of attempted breaches on companies and governments, and provide an update on a group we first identified in 2013 as APT.Nineblog.

Interoperability between healthcare networks is a major goal and a major challenge for many healthcare providers. Combining today’s advanced cyberthreats and the challenges of HIPAA compliance makes sharing PHI a daunting task for many healthcare groups. Read this paper to learn how interoperability and HIPAA compliance are achievable.

This is Rapid7’s Quarterly Threat Report. In this report they have created additional views by day, hour, and event type by industry to give you a glimpse into both the workload variety and volume facing these unsung heroes of cybersecurity.

This blog post takes a look at a vulnerability unique to the Logitech Harmony Hub.

This report takes a look at some of the damages that occurred in the Healthcare Industry, and examines what positive steps can be made in 2018 to make a safer cybersecurity experience for the industry.

This paper posits that, “A re-classification of vulnerability rules and their respective attack chains derived through log analysis alerts may now be modified and adjusted through big data processing. Analysis and presentation of attack chain data should be supplied to customers and should cover each stage of a compromised asset or attack.”

This report discusses trends in the cyber security environment in Latin America from January to June 2015.

In late 2017, Sophos sponsored an independent research study into the state of network security in mid-sized organizations across the globe. This research program explored the experiences, concerns, and future needs of IT managers, with particular focus on firewalls and network defenses.

This Threat Report takes a look at some of the events of spring 2017. Specifically, it looks at criminal campaigns that leveraged exploits exposed by the Shadow Brokers, threat groups that used social media profiles, a threat group that attacked supply chains of large corporations, quickly evicting threat actors from a compromised environment.