This paper uses a unique and MARVEL-ous approach to provide insight into maintaining a robust cybersecurity posture in today’s fast-paced world.

This white paper describes the critical role of pen testing for web applications. It explores the economics of “classic” pen testing and considers a variety of unseen costs and points of diminishing value. The paper concludes by describing a next-generation hybrid applicationsecurity-testing-as-a-service and how it can help bring the flexibility in applying both automated app testing tools (DAST) and the human expertise of ethical hackers (pen testing) to this challenge.

From the report, “It is clear that there is no shortage of vulnerabilities to find. In the last year, Bugcrowd saw a 92% increase in total vulnerabilities reported over the previous year. The average payout per vulnerability increased this year by a whopping 83%, with average payouts for critical vulnerabilities reaching $2,669.92 — a 27% increase over last year.”

Whether accidental or malicious, insider incidents can result in financial fraud, privacy abuses, intellectual property theft, or damage to infrastructure. It’s difficult for security pros to detect this suspicious activity because insiders need to have privileged access to data to do their jobs. Since insiders are people and, therefore, entitled to privacy and due process, security pros must handle these incidents with greater care than external threats. This report describes how to build an insider threat program.

In this report they explore: • Why AI-enabled cybersecurity is increasingly necessary • How organizations are benefitting from AI in cybersecurity • Where organizations should focus their cybersecurity initiatives • Building a roadmap for implementing AI in cybersecurity

This report focuses specifically on data threats in the healthcare industry.

This report is essential reading for executives, security practitioners and development teams who want to better understand the present state of software security risk, and who seek to benchmark and improve their own organization’s performance.

In April-May 2019, ESI ThoughtLab surveyed 467 firms to gain insights into their latest cybersecurity perspectives, plans, and practices. With limited budgets, and cyber risks mushrooming, it is paramount that organizations understand the ROI of cybersecurity so that they invest in those efforts that will result in the optimal outcome.

This paper discusses all of the consequences for GDPR non-compliance.

Since 2017, risk experts have consistently ranked large-scale cyber attacks and data fraud among the top five mostly likely risks around the world. Despite growing anxieties about cyber threats, cyber resilience strategies and investments continue to lag. Globally, the time taken to discover a data breach has considerably lowered since 2017, but organizations in the Asia-Pacific region took four months longer than the global median. Internet users are growing 10 times faster than global population, exponentially increasing the surface area of attack. For example, in 2018, the total cost of cyber crimes grew by a third compared to 2016, to $600 billion, but investments in cyber security only increased 10 percent over the same period.

This study was designed to examine the growing concern of cyber risks and the importance of cyber assessment during mergers and acquisitions (M&A) and determine how well companies are prepared to deal with cyber risk during M&A from the perspective of IT Decision Makers (ITDMs) and Business Decision Makers (BDMs). Are key decision makers concerned about cyber during an acquisition? What factors are considered as part of the due diligence and evaluation process before, during and after acquisition? Do cyber incidents lead to delays in acquisition? What does cyber risk mean for companies looking to acquire? How can they best protect themselves during this important process to minimize risk and protect their companies? This report explores these questions and others, and provides recommendations for effectively managing cybersecurity risks during an acquisition.

This report explores how businesses worldwide are approaching data management, the most common challenges with backups and availability, and the lessons leaders can learn from how high-performing businesses are using data as they continue to transform.

Cloud is the center of IT and increasingly, the foundation for cyber security. Understanding how threat vectors are shifting in cloud is fundamental to making the necessary updates to your security program and strategy. Symantec’s CSTR shines a light on how to secure the digitally transformed, virtual organization of today and tomorrow.

This specialized report offers insights into the Healthcare industry and the gaps in policies and procedures that could lead to damaging cyber events within the industry.

This report examines a wide range of cyberattack detections and trends from a sample of 354 Vectra customers with more than 3 million devices and workloads per month from nine different industries. This report takes a multidisciplinary approach that spans all strategic phases of the attack lifecycle.

This year’s SANS survey saw an increase in usage and interest in CTI, along with a diversification in how the intelligence is being used by organizations. While the use of CTI continues to grow, there is no one-size-fits-all approach. Organizations leverage different types of CTI to meet different needs. This survey focuses on how and why CTI is being used, how it is helping defenders, what data sources are being leveraged, and how data is converted into usable intelligence.

This monthly report offers insights into the PDS2 regulations and news.

This report offers monthly insights into the PSD2 regulations.

This report details the Industry Average detection efficacy of the leading MTD solutions used against malicious applications, network attacks and device vulnerabilities. During testing, the Quality of Experience (QoE) and Total Cost of Ownership (TCO) of each MTD solution was also assessed to determine the overall value of each product.

This report offers insight for lawyer’s and details how boards should proactively strive to create companywide cybersecurity protocols to avoid potential litigation.

Every organization, industry and economy around the world is confronting more risks than ever before. Considering this backdrop, it’s troubling that many organizations report that they may be less prepared than they have ever been. A key insight from Aon’s 2019 Global Risk Management Survey is that organizations need to be more prepared for the broad range of risks that threaten their ability to continue growing, protecting their brand and serving clients and stakeholders.