This report has been produced by the 400,000 member Information Security Community on LinkedIn in partnership with Cybersecurity Insiders to explore how organizations are responding to the security threats in the cloud, and what tools and best practices IT cybersecurity leaders are considering in their move to the cloud.

From the Report, “When you are faced with multiple risks and regulatory requirements, as well as constantly-changing industry trends, how do you connect the dots? How do you bring all this information together in a way that is meaningful to your organization? MetricStream Research offers you a range of cutting-edge GRC research reports, insights, and analyses that empower you to make informed and effective decisions on your GRC Journey®. Through primary and secondary research, we analyze the latest GRC trends and developments, and transform this data into the intelligence you need to drive exceptional performance.”

FireMon is proud to present its 3rd Annual State of the Firewall Report based on 437 survey responses collected between November 16, 2016 and December 6, 2016. Respondents included IT security practitioners representing a range of professional roles, organization sizes and industry verticals. Survey participants were asked 26 questions about their current firewall infrastructure and management challenges as well as questions about adoption and impact of emerging technologies such as SDN, cloud, microsegmentation and Internet of Things (IoT).

“It’s difficult to make forecasts, especially about the future,” mused movie mogul, Samuel Goldwyn. With the rapid changes in digital transformation, 2019 is likely to surprise us in significant ways. But one thing is certain: IT predictions for 2019 will include swift expansion into the cloud and solutions for the myriad challenges of providing security, compliance and business continuance across the growing on premise and cloud estates.

Abstract: Enterprises increasingly operate in a digitally interconnected world where third parties like suppliers, customers, channel partners, and others are often directly connected to their internal IT systems, and where their underlying IT infrastructure may be owned and managed by an outside organization. These business relationships can knowingly or unknowingly introduce different types of risks that need to be identified and managed as if these third parties were part of the enterprise itself. Recorded Future’s latest risk intelligence offering enables threat intelligence teams to better understand, monitor, and measure their real-time exposure to these third-party risks. Armed with this information, organizations can better assess and prioritize risk mitigation actions.

This report offers insights and guides into the new Help America Vote Act.

From the report, “As the hype and soaring price of cryptocurrency has drawn in thousands of new players worldwide, generating a single bitcoin takes a lot more servers than it used to. It is becoming an arms race amongst miners for access to CPUs, GPUs and even electricity. As a result, we are starting to see a cryptojacking epidemic and hackers aren’t sparing anyone; they are targeting everyone from consumers to large multinational organizations.”

This report has been produced in partnership with the 400,000 member Cybersecurity Insiders community of IT security professionals to explore how AWS user organizations are responding to security threats in the cloud, and what tools and best practices IT cybersecurity leaders are prioritizing in their move to the cloud.

From the report, “The Puppet 2018 State of DevOps Report took a new tack this year, seeking prescriptive guidance for teams to follow. We designed our survey to learn how organizations progress through their DevOps journeys, and after analyzing the data, we found that the successful ones go through specific stages. Our research also revealed a set of core practices — we call them “foundational practices” — that are critical to success throughout the entire DevOps evolution. In this paper, we’ll take you through an in-depth description of these foundational practices, and offer you our advice for how to begin instituting them in the way that makes most sense for your organization, based on our findings.”

While popular out-of-the-box SaaS products like Salesforce, Box, Dropbox, and Office 365 are becoming common in the workplace, many enterprises have business needs that require custom-made applications.

Cybersecurity has emerged as a key risk factor to be weighed during the due diligence process of any merger and acquisition. How should organizations on both sides approach the process? Steve Chabinsky of CrowdStrike shares his thoughts on strategy for assessing cyber risk during the M&A due diligence process.

The Law Firm Cybersecurity Scorecard is issued quarterly and is part of their commitment to thoroughly study, understand, and report on the imminent amount and magnitude of threats faced by law firms today as well as the steps they are taking to mitigate the threat. To that point, per a recent Law 3603 report, law firm Managing Partners list cybersecurity as their number three priority, behind financial profits and generating revenue. Even though cybersecurity seems to be an area of particular focus, this scorecard will illustrate that law firms continue to struggle with making operational investments and instituting practices that do not provide a quantifiable financial return. Thus, they jeopardize their reputations, client relationships, and in some cases, financial well-being.

Data breach has become an existential risk to every law firm throughout the world regardless of the number of attorneys, revenues or practice areas. The Law Firm Cyber Security Scorecard is compiled by LOGICFORCE and published bi-annually to educate the legal industry on the current state of Cyber Security preparedness. This second edition also seeks to clearly define de facto cyber security standards for law firms so they can easily determine where their organizations rate in comparison.

This paper cites a Dimensional Research survey of 250 IT security professionals in financial services organizations located in the U.S., U.K., Germany, France and Australia. The survey examines the challenges faced by the financial services industry in managing certificates, and the results illustrate the importance of incorporating CA-agility into a certificate management strategy. The survey also explores the federal government and other industries, including healthcare, retail and technology.

This white paper explains common use cases for privilege management on Unix/Linux servers.

This report seeks to answer the question, “What will shape the next 12 months in cybersecurity?”

In this paper, they explore the modern enterprise — a hybrid organization with infrastructure spread across on-premises data centers as well as hosted in the cloud and one where IT functions are split between internal and 3rd-party administrators. They look at these and related trends impacting our data security and specifically, best practices on how to manage and govern privileged user access to mitigate these risks.

The Identity Ecosystem Functional Model deliverable was developed by the IDESG Security Committee to provide context to discussions of identity ecosystems and a consistent model upon which to center descriptions of identity solutions. This is not a model of the IDESG as an organization but a representation of online identity interactions and the various components needed to execute those interactions.

This paper seeks to help organizations understand that Microsoft Azure (Azure) has a lot more to offer than cost savings. Enterprises with the highest levels of cloud adoption, typically, not only completely re-architect their applications, but also take advantage of automation to streamline the entire development and deployment process. They adopt DevOps pipelines and use CI/CD (continuous integration and continuous delivery) tools with the objective of nimbly meeting customer and business needs.

Here is a report based on collaboration from a variety of cybersecurity insiders.

This white paper contains IBM’s suggestions for accelerating the process of becoming compliant with Europe’s GDPR.