From the paper, “The financial industry is no stranger to hacks and data breaches, but recently, the sector has been targeted more aggressively, leaving consumers wondering if their accounts and data are safe. As hackers and attacks become more sophisticated, it is crucial the financial services industry take appropriate actions to safeguard their systems, as well as their customers.”

This report offers a helpful understanding of data breaches.

This paper outlines five predictions for the data breach industry in the coming year.

This paper provides a brief summary of the necessary preparations for becoming GDPR Compliant

In December 2016, RAND and the National Security College at The Australian National University partnered to facilitate a cyber security–focused 360o Discovery Exercise in Canberra. The exercise used plausible scenarios to explore the chal- lenges Australia faces in securing cyberspace by placing pres- sure on government authorities, industry capabilities, users’ tolerance for malicious cyber activity, and the ability to develop interdisciplinary solutions to pressing cyber security challenges. The scenarios considered the security of the Internet of Things and intellectual property theft against a backdrop of evolving international norms of behaviour in cyberspace.

This report takes a look at the GDPR, and what it means for the world.

From the report, “It’s time for businesses to recalibrate the way they think about their security budgets. Seen as a separate expense to IT infrastructure, it appears hard to justify until disaster strikes. But understood as an essential part of the IT environment – including mobile devices and virtualized machines – its value is obvious, especially in the context of the damage and huge costs it can prevent.”

This monthly threat report takes a look at the month of January 2018. Specifically, it looks at two VULNS, the hacking of nuclear weapons, and the increase in suspected Chinese Cyber activity.

This report provides the results of a unique survey designed to analyze their IoT technologies and the struggles and challenges of providing and preparing for security issues related to thos devices.

In this quarterly threats report, they highlight three Key Topics: In the lead story, they analyze the recent WannaCry and Petya attacks, the perpetrators’ likely motives, and the business impact. The second Key Topic departs from their usual threat analysis stories. Because threat hunting is becoming increasingly important, in this story they offer detailed advice and recommendations for using certain types of indicators of compromise when hunting for threats. In the final Key Topic, they explore script-based malware—why it is used, how authors obfuscate scripts, how it propagates, and its growth in popularity.

This is a fun little infographic that provides information on the top threats of 2017.

This report concerns itself with the standards and practices related to credit and debit card payment options.

This guide provides an overview of connected or IoT medical devices, their benefits and risks, real life use cases and best practice security guidelines.

This report presents the consolodiated global findings to better understand the nature of the CISO role and reveal insights, challenges, and approaches to security strategy in today’s global threat landscape.

The Bureau of Justice Statistics (BJS) within the U.S. Department of Justice (DOJ), along with the U.S. Department of Homeland Security (DHS), conducted the National Computer Security Survey (NCSS), a nationally representative sample of businesses across 36 industry sectors. This report will be of interest to researchers and analysts who are interested in under- standing the methodology underlying the NCSS, including questionnaire design, survey field- ing, sampling, and weighting methodologies for this large-scale survey. The report will also be informative for scholars who are interested in analyzing the NCSS public-use data file.

The Procrastinator’s Guide to Preparing for the GDPR, is an extensive guide to help you understand key requirements of the regulation and the approach you should take to address your organization’s compliance.

Here is another helpful eBook to provide insight into the GDPR compliance situation.

Cyber attacks against UK companies present a daily threat to normal UK business operations and are increasing in severity. This report focuses on how insurance can help make UK companies more resilient to the cyber threat, and is the result of four months of co-operation between representatives of the UK Government and the insurance industry, led by the Cabinet Office and Marsh.

This small report gives a analysis of DDoS attacks and how they are launched and deployed.

As we look to redefine security where every access is authenticated and authorized, selecting the right IDaaS vendor becomes a critical decision to make. Identity-as-a-Service (IDaaS) is an emerging solution category for managing and simplifying access to apps, but there are a number of feature, architecture and maturity considerations when selecting an IDaaS. This paper will discuss six of the top considerations.

While there are many security concerns in the cloud, this report focuses on 12 specifically related to the shared, on-demand nature of cloud computing. To identify the top concerns, CSA conducted a survey of industry experts to compile professional opinions on the greatest security issues within cloud computing. The Top Threats working group used these survey results alongside their expertise to craft the final 2016 report.