This is a report put out by Impervia based on their 2019 DDoS attack study. Their analysis of attacks is based on data from 3,643 network layer DDoS attacks on websites using Imperva services from January 1, 2019 through December 31, 2019, and on 42,390 application layer attacks on websites using Imperva services from May 1, 2019 through December 31, 2019,

This report from Cisco proves 10 cyber security myths false.

The 2020 Internet of Evil Things survey results are in. This year we’ve polled over 200 cyber security professionals at the RSA conference in San Francisco, USA on their experience of managing wireless security, including their awareness and preparedness of wireless cyberattacks on their organization.

This is a small infographic created by ISACA that outlines key findings from their COVID-19 study done in April 2020.

This survey looked at the state of IT departments in 2020 and where their priorities fell. After surveying more than 1,300 IT professionals, it’s clear vendor management and contract negotiation is becoming a time-consuming endeavor. In fact, 50% of IT professionals work with 11 or more vendors and nearly half (48%) spend weeks or months renegotiating their vendor contracts each year.

Applying the principle of least privilege should be a foundational element of any organization’s cyber security strategy. However, a sustainable least privilege strategy isn’t something that can be set up overnight. It takes planning, collaboration, and the right tools to meet the needs of security, IT, desktop support, and users.

This report is based off the findings of a deep analysis of vulnerabilities in BAS. The results are grouped into four areas then published. The four areas are: Analysis of the security Landscape, Discovery and responsible disclosure of previously unknown vulnerabilities, Deployment of a proof of concept malware, and Discussion on how network monitoring tools can help protect.

A survey driven report across the US and UK geographies on organization’s SOC capabilities.

In this report, we explore the state of OT security from the perspective of IT security practitioners, and provide practical recommendations on how to bridge the IT and OT cybersecurity gap. This report also examines the to OT security.

This document is the product of a flash survey, an unscheduled, event-driven survey with a fast turnaround to cover a rapidly evolving situation relevant to tech markets. This survey was designed to measure the impact of the COVID-19 coronavirus outbreak on businesses. It was conducted between March 10 and March 19, 2020, and represents approximately 820 completes from pre-qualified IT decision-makers.

With this common understanding in mind, we have taken a comprehensive look at previously disclosed activity that can now be attributed to the GRU. Numerous governments, security firms, researchers, reporters, academics, and victims have released reports detailing different facets of the GRU’s activities. Our review identified more than 200 cyber incidents, spanning 15 years (2004–2019), targeting governments, the private sector, and members of civil society. These operations have discovered and disclosed secrets, defamed people, disinformed populations, and destroyed or disrupted computerized systems.

The number of companies purchasing cyber insurance continued to increase in 2019, driven by growing recognition of cyber threats as a critical business risk and appreciation for cyber insurance’s role in mitigating its economic impact.

Ponemon Institute is pleased to present the findings of the 2020 Cost of Insider Threats: Global study. Sponsored by ObserveIT and IBM, this is the third benchmark study conducted to understand the direct and indirect costs that result from insider threats.

The insights presented in this report will help guide your supply chainmonitoring and risk mitigation strategy, enable better informed decision-making processes, and aid the formulationof responses that create more resilient and sustainablebusiness operations.

This is the threat landscape report from Fortinet for the 4th quarter of 2019. It goes into changes in this quarter, including threat detection changes and attack changes.

This report by Cisco contains 20 predictions for the future of cybersecurity.

This report - compiled from the engagements performed throughout 2019 in customer environments by our threat hunting, penetration testing, incident response, tabletop exercise, and assessments teams

This report anticipates activity targeting and affecting ICS to increase into 2020 and further. It expects to see more adversaries expand their focus to additional criticalinfrastructure and industrial environments, which willlikely align with activity associated with military orgeopolitical conflict. Although defenders continue to gaininsight through OT-specific detection and monitoringplatforms, it is imperative people continue to improvevisibility into activities and threats impacting criticalinfrastructure.

The findings in this report are a comprehensive look at ICS vulnerability statistics, including how they affect industrial control networks and whether appropriate mitigation is provided alongside the published advisories. Dragos identifies errors in the vulnerability scores associated with public reports, a critical part of our vulnerability assessments. By identifying and updating errors in vulnerability scores, Dragos vulnerability assessments help asset owners and operators better prioritize and manage patching and update procedures.

The 2019 Dark Reading State of IT Operations and Security Operations survey uncovered some important developments in the way enterprises are managing security in the data center – and in the boardroom. Here are some key takeaways: • 57% of respondents said IT and security staff communicate well, up from 47% last year. • 20% of organizations involve the security team at the start of every major IT project. • 69% of respondents say that the security team holds primary responsibility for compliance and privacy; this figure rose significantly – more than 12% – from our 2018 survey. • 90% of organizations expect the security team to take charge of developing and setting security policy. • 80% said the IT operations team is primarily responsible for patch management. • 20% of organizations have a distinct security department that operates separately from the IT team. • 18% of organizations have a fully-staffed security function. • 37% said the security operations team is most likely to be the first to detect and alert others about security incidents in the organization.

We annually gather and analyze raw data from hundreds of IT and industrial control systems (ICS) security practitioners across a variety of industries, people whose work places them in positions of responsibility to identify risks and safeguard control systems and networks from malicious and accidental actions. It is our mission to turn these inputs into actionable intelligence that can be used to support new developments and address ongoing trends in the field, to inform the crucial business decisions that determine allocation of resources, prioritization of protective measures on critical assets and systems, and planning of new initiatives.