The, NYSE Governance Services, in partnership with Veracode, surveyed nearly 200 directors of public companies representing a variety of industries—including financial services, technology, and health care—to discover how they view cybersecurity in the boardroom. Their goal was to gain insight into how cybersecurity is being understood, prioritized, and addressed at the board level.

The Purpose of this study is to understand companies’ ability to analyze and mitigate online incidents and cyber attacks that are beyond the traditional security perimeter.

This report presents the consolodiated global findings to better understand the nature of the CISO role and reveal insights, challenges, and approaches to security strategy in today’s global threat landscape.

This paper describes six key weaknesses that an adversary can use to undermine a plant’s operation, providing real-life threat details and mitigation options.

This report recommends that since employees are the first line of defense in cyber-security issues, training employees should be top priority for CISO’s.

This report focusses on the issues of Threat Hunting. It details the growth in Threat Hunting, the trends and processes surrounding it, and what it can mean for your organization.

This whitepaper outlines the unique challenges that business-driven financial SOCs deal with, and provides tools and tips on how to manage and resolve these challenges.

This Paper provides a breakdown of New York’s 23 NYCRR500 Financial Security requirements.

From the report, “Risk and Responsibility in a Hyperconnected World, a joint effort between the World Economic Forum and McKinsey & Company, assesses the necessary action areas, and examines the impact of cyberattacks and response readiness. The report sets these against three alternative scenarios in which economic value from technological innovations is realized or lost depending on models of cyber resilience. It draws on knowledge and opinions derived from a series of interviews, workshops and dialogues with global executives and thought leaders to estimate the potential value to be created through 2020 by technological innovations. It examines the value that could be put at risk if the adoption of such innovations is delayed because more frequent, intense cyberattacks are not met with more robust cyber resilience. Finally, the report draws conclusions from the analysis and research, and offers a 14-point roadmap for collaboration.”

Ponemon Institute conducted this research to understand how much money organizations are wasting in their efforts to prevent malware driven threats and other malicious programs from stealing high value and confidential data. To ensure a knowledgeable participant, we surveyed 630 IT and IT security practitioners in the United States who are familiar with their organization’s practices for containing malware infections. They also have responsibility in detecting, evaluating and/or containing malware infections within their organization.

This report explores both the incremental and transformational skills required for current and future CISO success, examining which fundamental technology and security capabilities matter most and which unexpected skills CISOs will need to acquire to help organizations reshape security to drive business success.

In this ebook, FireEye explains why senior executives must be more proactive about cyber security — before, during and after an event — and how they can help create and maintain a strong security posture.

This paper is put together by a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing.

From the report, “We are pleased to present the findings of The State of Malware Detection & Prevention sponsored by Cyphort. The study reveals the difficulty in preventing and detecting malware and advanced threats. The IT function also seems to lack the information and intelligence necessary to update senior executives on cybersecurity risks.”

When tackling cyber risk, board involvement and effective communication continue to drive performance. Learn more in this report on the key findings from Protiviti’s 2017 Security and Privacy Survey.

In this paper, they explore the underlying challenges with regard to Cyber Risk management and analyze the nature of increasingly stringent regulatory demands. Putting these pieces together, they frame five strategic moves which they believe will enable business needs, their fiduciary responsibilities with regard to Cyber Risk, and regulatory requirements.

This document enumerates and evaluates consensus data categories that enterprise risk owners and insurers could use to assess risks, identify effective controls, and improve cybersecurity culture and practice. It is the second in a series of white papers.

The purpose of this research is to understand the big trends or changes that will impact the security posture of organizations in both the public and private sector in the next three years. Moreover, the study looks at the next generation of protocols and practices as the cybersecurity field evolves and matures.

RedSeal polled 200 CEO’s about their confidence in their companies’ cybersecurity posture, and discovered that they are dangerously unrealistic about how vulnerable they are.

The primary objective of the RSA Cyber Risk Appetite Survey is to understand the behaviors and practices of organizations in regard to cyber risk. More specifically, the report aims to calculate the risk appetites of different respondent organizations. The global research is based on responses from 272 risk and security professionals at organizations.

In this report, the authors outline an approach for edge-to-edge security for companies to consider as they build their digital transformation roadmaps. Strengthening a company’s security posture in a world of SDI requires rethinking both the human and the infrastructure elements, leaving behind the idea of network-centric security and moving toward data-centric security.