Nominet commissioned Osterman Research to conduct a survey of 408 CISOs overseeing security for organisations with a mean average of 8,942 employees. This comprises 207 companies in the USA and 201 companies in the UK, spread across a range of sectors. The objective was to collect and analyse a large enough dataset to make valid conclusions into the opinions, behaviours and mindset of those making cyber security decisions at large organisations.

Using an important analogy from Star Wars, this report provides insight into threat intelligence. May the Force Be With You.

This report posits the following, “When effectively harnessed, AI and ML can form the core of a dynamic predictive IT system, saving money, streamlining operations, and raising productivity as organizations become more adept at avoiding operational, and security issues that could affect their bottom line.”

This report offers some brief but thorough information on issues related to the hiring, retention and education of cybersecurity talent.

From the report, “This report compares the budgets of global security decision makers at firms spending up to 10%, 11% to 20%, and 21% to 30% of their IT budget on information security. Security leaders can use these budget ranges as a starting point to evaluate their own programs, then compare their product, service, staffing, and other allocations with those of similar firms.” Read on to find out more.

Synopsys and SAE International partnered to commission this independent survey of the current cybersecurity practices in the automotive industry to fill a gap that has existed far too long—the lack of data needed to understand the automotive industry’s cybersecurity posture and its capability to address software security risks inherent in connected, software-enabled vehicles. Ponemon Institute was selected to conduct the study. Researchers surveyed 593 professionals responsible for contributing to or assessing the security of automotive components.

“The people, not just tools, are the key to enterprise cyber security. It’s time to devise an actionable plan to make sure every member of your organization is cyber-ready. In this guide, we will present a basic framework for optimizing the types, frequency and costs of security simulation training for the entire enterprise.”

The survey upon which this report is based was fielded by the Financial Services Information Sharing and Analysis Center, in conjunction with Deloitte’s Cyber Risk Services practice. Fifty-one companies participated in the pilot launch of the survey, with representation from entities both larch and small, as well as those in between. Respondents came from all financial sectors, albeit skewed more heavily toward the US banking community.

CISOs Investigate: User Behavior Analytics (UBA) includes interviews with 11 security leaders who have deployed or are looking to deploy third-party solutions. This report replaces the ad hoc, often informal and time-consuming processes of personally gathering peer insight. Spanning verticals, the CISO contributors share real-world use cases and provide guidance.

In this report, you’ll learn how many DevOps servers may be exposed based on a study done by the IntSights research team, how cyber criminals typically access open DevOps servers, and what you can do to protect yourself and your data from a DevOps cyber attack.

From the report, “Without trust, the future of our digital economy and its nearly limitless potential is in peril. Piecemeal efforts to address cybersecurity issues—including the Internet’s inherent flaws, vulnerabilities from the Internet of Things (IoT), identity and data veracity and increasing digital fragmentation—have fallen short. Through their decisions above ground on industry-wide governance and their business architecture and technology infrastructure below ground, however, CEOs can have the influence necessary to collaboratively address these overarching issues.”

From the report, “IT security leaders know their companies’ endpoints, PCs, and servers are continuously targeted by hackers. They also agree following best practices in endpoint security hygiene is instrumental in reducing cyber incidents. However, our 2017 survey of IT security leaders points to a situation where most are concerned about their actual practices in endpoint security hygiene. Fortunately, most also acknowledge they need to improve. When it comes to identifying their top priorities, IT security leaders are clear: they want to reduce the frequency and severity of data breaches; streamline regulatory compliance; and maintain business continuity. When it comes to identifying and executing upon the security hygiene best practices required to deliver on these priorities, things begin to get murky. Our 2017 survey of IT security leaders reveals a situation in which most respondents express concern about their security hygiene practices and waning confidence in the ability of existing tools to help them improve. Read on for more about what we learned, plus five recommended action items you can take today to address these issues.”

This study’s principal conclusion clearly mirrors today’s cybersecurity landscape: every organization is vulnerable to a cyber attack. This report uses measures of awareness and readiness to assess three degrees of vulnerability, each of which indicate differing needs to take action.

This report details a new Cylance survey of iTnews readers and provides insight into the state of endpoint security.

Security automation architecture can improve organizations’ security posture by augmenting or replacing human intervention in the identification and containment of cyber exploits or breaches through the use of such technologies as artificial intelligence, machine learning, analytics and orchestration. Sponsored by Juniper, the purpose of this research is to understand the challenges companies face when deciding how, when and where to implement the right automation capabilities in order to improve productivity, reduce costs, scale to support cloud deployments and ultimately strengthen the security posture of the business. Ponemon Institute surveyed 1,859 IT and IT security practitioners in Germany, France, the United Kingdom and the United States. All participants in this research are in organizations that presently deploy or plan to deploy security automation tools or applications and are familiar with their organizations use of security automation and have some responsibility for evaluating and/or selecting security automation technologies and vendors.

This paper aims to provide help in understanding how to better the cybersecurity culture in an organization.

A thought piece on trends that are occuring at the senior leadership levels of security professionals. Some survey data is refererenced, though it is unclear if a new survey was conducted for some of the trends identified in this report.

This report provides new mindsets and methods for measuring and minimizing business risk.

This report provides information cultivated by the Task Force, which offers the opportunity to address significant cybersecurity concerns in the health care industry.

This report offers this key insight, “The heart of the tension between security and efficiency is the key vulnerability within your organization’s cyber security policy: employee passwords.” Read on to discover more.

To provide insight into some of the top trends in health IT, the Center for Connected Medicine partnered with The Health Management Academy to survey C-suite health system executives on health IT priorities for 2018. The quantitative and qualitative surveys focused on five areas: Cybersecurity, Consumer-Facing Technology, Virtual Care, Artificial Intelligence, and Predictive Analytics.