As the end of 2018 approaches and the last year of the decade dawns, the challenges faced by cyber security teams are a blend of “more of the same” and “let’s change the approach”.

This report offers some brief but thorough information on issues related to the hiring, retention and education of cybersecurity talent.

From the report, “For the State of the Federal IT Landscape report, OneLogin commissioned CITE Research to conduct an online, in-depth survey of 150 federal IT professionals in the United States. The goal of the survey was to understand: The current federal IT landscape, Security concerns and challenges facing federal agencies, IT plans with regard to the cloud, Technologies in use or being considered to address concerns. This survey was conducted in late October of 2018.” Read on to find out more.

From the report, “What does 2018 hold in store for the defenders? Unfortunately, more of the same security drama, according to Cybereason’s researchers and analysts. Specifically, they identified the following as some of the bigger security trends in the new year: 01. Supply Chain Attacks Increase & Remain Underreported 02. Destructive Attacks Do Not Let Up 03. The Line Blurs Between APT Actors & Cybercriminals 04. Fileless Malware Attacks Become Ubiquitous” Read on to find out more.

From the report, “With its customer base of over 4,000 organizations, Alert Logic has first-hand insight into the state of threat detection and response. Drawing from more than a billion security anomalies, millions of security events, and over a quarter million verified security incidents from April 2017 to June 2018, our research has identified five key insights that every business leader, IT leader, and IT practitioner should be aware of: 1. The initial phases of the cyber killchain are merging to accelerate targeted attacks 2. Industry and size are no longer reliable predictors of threat risk 3. Attack automation and “spray and pray” techniques are aiming at everything with an IP address 4. Cryptojacking is now rampant 5. Web applications remain the primary point of initial attack” Read on to find out more.

This report offers insights into brand protection in the modern age of social media threats. It offers insights into brand protection, why you need to protect your brand, risks to a brand, the benefits of brand protection, the current state of brand protection and how to build a brand protection program.

This report offers research on analysis and lifecycle of an attack on critical infrastructure. It discusses command and control, internal reconnaissance, lateral movement, and targeting the ICS and SCADA infrastructure.

The Black Hat Edition of the Vectra® Attacker Behavior Industry Report provides a first-hand analysis of active and persistent attacker behaviors inside cloud, data center and enterprise environments of Vectra customers from January through June 2018.

The 2018 RSA Conference Edition of the Vectra Attacker Behavior Industry Report provides a first-hand analysis of active and persistent attacker behaviors inside cloud, data center and enterprise environments of Vectra customers from August 2017 through January 2018.

This White Paper attempts to paint a comprehensive picture of the file-borne threat crisis facing health insurance companies due to the tight connection with medical institutions and the immense number of files shared and transferred between the two sectors, as well as explain why current security systems and industry regulations fail to adequately meet this sophisticated threat, and what measures can be taken to guard against it without investing in security infrastructure.

The survey upon which this report is based was fielded by the Financial Services Information Sharing and Analysis Center, in conjunction with Deloitte’s Cyber Risk Services practice. Fifty-one companies participated in the pilot launch of the survey, with representation from entities both larch and small, as well as those in between. Respondents came from all financial sectors, albeit skewed more heavily toward the US banking community.

This report has been produced in partnership with the 400,000 member Cybersecurity Insiders community of IT security professionals to explore how AWS user organizations are responding to security threats in the cloud, and what tools and best practices IT cybersecurity leaders are prioritizing in their move to the cloud.

From the report, “Over the past few year’s attackers have exploited this opportunity, and as documented in our Anatomy of an Attack (AOA) report, have compromised a wide variety of manufacturing control systems. This report documents five case studies which show how cyber attackers could gain access to manufacturing and utility facilities. We also detail the progression of the attacks which in some cases disabled operations for an extended period. In one of our case studies, losses were catastrophic with the impacted entity suffering losses of over 800,000 euro per day. This report will explain how the attacks happen, and once established, how the attackers can extend these command and control points to breach the institution’s records, blackmail and extort funds, or worse, disable ongoing operations of the facility over an extended period.” Read on to find out more.

This report offers insight into Cyber Breaches and the health industry for 2016. It provides information on the important trends of 2016, medical device hijacks and the top ten health care cyber attacks of 2016.

From the report, “An OS-Centric Positive Security isn’t a silver bullet, but it can be a tremendously valuable and complementary defense mechanism—your second or last line of defense. The majority of endpoint security solutions deployed today are based on the Negative Security model; so, it’s time to add a Positive Security solution to strengthen your endpoint protection.” Read on to find out more.

The findings from this study provide strong evidence that organizations are benefitting from their privacy investments beyond compliance. Organizations that are ready for GDPR are experiencing shorter delays in their sales cycle related to customers’ data privacy concerns than those that are not ready for GDPR. GDPR-ready organizations have also experienced fewer data breaches, and when breaches have occurred, fewer records were impacted, and system downtime was shorter. As a result, the total cost of data breaches was less than what organizations not ready for GDPR experienced.

This report offers a variety of case studies that highlight the challenges in the Healthcare Network.

This report takes a look at the dangers of weaponized malware and provides a case study of Zombie Zero behavior.

The 2019 SIEM Survey Report represents one of the most comprehensive surveys on SIEM to date, designed to explore the latest trends, key challenges, and solution preferences for SIEM.

From the report, “In this SPIE, we shine a spotlight on the phishing prevention approaches of one start-up company, Area 1 Security; and one long-tenured cybersecurity vendor, IBM. Although complete elimination cannot be promised, each is taking steps that reduce the potential of their business clients (Area 1’s Horizon) and their clients’ clients (IBM Trusteer Rapport) from becoming victims. Secondarily, by removing the burden of phishing defense from employees and consumers, employees’ productivity is positively affected, and consumers’ trust in online activities is strengthened.”

From this one page report, “Healthcare organizations possess some of the most valuable information exchanged on the black market, including social security numbers, patient records, financial information and intellectual property. To help you understand the common attack types and trends facing the healthcare industry, we’ve compiled the following observations based on real data from across our client base.”