This report is based on the results of a comprehensive online survey of 437 cybersecurity professionals conducted from June through August 2018 to gain deep insights into the latest application security threats faced by organizations and the solutions to prevent and remediate them. The respondents range from executives to managers and IT security practitioners. They represent organizations of varying sizes across many industries.

This survey, the sixth in a series of annual studies by SANS on security practices in software development, is the first to explicitly focus on DevOps. The results of this study show that organizations are finding ways to keep up with rapid change through DevOp but they have a number of challenges they still need to deal with.

How to make threat intelligence relevant to executives, business stakeholders, security operations and incident responders

The “Impact of Cloud on ERP” survey report was designed to assess the impact of ERP solutions on organizations and better understand cloud preparation and data migration needs to implement ERP solutions in the cloud. Features and benefits gained, security and privacy challenges, and time to deploy for an ERP Solution in a cloud environment were explored.

This e-book offers insight into the entire subject of Cloud Security.

This paper exerts that there exists very little data on whether companies are winning the war against cyber crime. It seeks to answer several questions with this survey of 270 IT security professionals in North America.

Security automation architecture can improve organizations’ security posture by augmenting or replacing human intervention in the identification and containment of cyber exploits or breaches through the use of such technologies as artificial intelligence, machine learning, analytics and orchestration. Sponsored by Juniper, the purpose of this research is to understand the challenges companies face when deciding how, when and where to implement the right automation capabilities in order to improve productivity, reduce costs, scale to support cloud deployments and ultimately strengthen the security posture of the business. Ponemon Institute surveyed 1,859 IT and IT security practitioners in Germany, France, the United Kingdom and the United States. All participants in this research are in organizations that presently deploy or plan to deploy security automation tools or applications and are familiar with their organizations use of security automation and have some responsibility for evaluating and/or selecting security automation technologies and vendors.

With hundreds of thousands of implementations across the globe, Enterprise Resource Planning (ERP) applications are supporting the most critical business processes for the biggest organizations in the world. This report is the result of joint research performed by Digital Shadows and Onapsis, aimed to provide insights into how the threat landscape has been evolving over time for ERP applications. We have concentrated our efforts on the two most widely-adopted solutions across the large enterprise segment, SAP and Oracle E-Business Suite, focusing on the risks and threats organizations should care about.

In mid-2018, VansonBourne conducted research on behalf of Nutanix to gain insight into enterprise plans for adopting private, hybrid, and public clouds. The respondent base spanned multiple industries, business sizes, and geographies, which included the Americas; Europe, the Middle East, and Africa (EMEA); and AsiaPacific (APJ) regions.

The current environment for doing business forces business leaders to face an expanding attack surface, more sophisticated threats and threat actors, and mounting regulatory compliance. These factors are creating a perfect storm that puts your organization and your customers at risk. Now is the time to act. As a Board member or executive, it is not only your goal, but your responsibility to shareholders to protect their interests. The threat to your bottom line from a single incident are significant but a digital risk management strategy can help.

This report provides 10 findings on how over 800 IT Pros handle Disaster Recovery & Cloud Adoption.

The purpose of this white paper is to better understand the challenges that healthcare organizations face as they attempt to modernize efforts in the areas of data collection and analysis, value-based care strategies, and patient and caregiver engagement. This report will discuss how outdated technology investments hamper these efforts— especially as hospitals and other healthcare providers attempt to partner with fellow provider organizations, health information exchanges (HIEs), and accountable care organizations (ACOs) to fully take advantage of the shift to value-based care reimbursements.

These days, IAM is a moving target being moved by the forces of cloud, mobile and increasingly connected consumers. By keeping these five trends in mind, and understanding the security and access control needs of your enterprise, you can make decisions that’ll benefit you today, while providing a good foundation for future evolution.

This report is the first in a bi-annual series that examines risks and attacks in the cloud native computing ecosystem. The next report will be released in the first half of 2019.

In late 2017 and early 2018, the Enterprise Strategy Group (ESG) completed a research survey of 413 IT and cybersecurity professionals with knowledge of, or responsibility for, the planning, implementation, and/or operations of their organization’s security policies, processes, or technical safeguards. Survey respondents were in the United States, U.K., and Australia and worked at enterprise organizations (i.e., more than 1,000 employees). Respondents represented numerous industry and government segments, with the largest participation coming from financial services (i.e., banking, securities, insurance, 18%), manufacturing (16%), retail/wholesale (13%), health care (12%), and information technology (10%).

“The use of machines is driving unprecedented improvements in business efficiency, productivity, agility and speed. With businesses increasing their reliance on machines, the number of machines on enterprise networks is growing exponentially. To communicate securely, each machine needs a unique identity to authenticate and secure communications. However, organizations’ abilities to create, manage and protect these machine identities is simply not keeping up with the pace of their evolution. "

Recommendations for securing and managing privileged credentials used by enterprise applications

The purpose of this document is to provide answers to what to look for when choosing a security tool for remote access to internal applications.

The upgraded version of the Dridex Trojan was at one time one of the most successful bank Trojans originally discovered in 2014 and has since re-emerged. This paper provides an overview.

This year’s study reveals the increasing risk of noncompliance with new global privacy and data protection regulations. Another important trend over the past three years is IT security’s continuing loss of control over cloud security practices and budget.

This report deals with the state of cybersecurity in small and medium-sized businesses. To develop this research, they surveyed 598 individuals in companies with a headcount from less than 100 to 1,000.