This report is sponsored by iovation, which wanted to investigate the state of the U.S. EMV migration and the associated account takeover, CNP fraud, and application fraud trends. The research will help FI executives benchmark their EMV progress against their peers’ and better understand the rapidly shifting fraud landscape.

This paper posits that, “A re-classification of vulnerability rules and their respective attack chains derived through log analysis alerts may now be modified and adjusted through big data processing. Analysis and presentation of attack chain data should be supplied to customers and should cover each stage of a compromised asset or attack.”

This paper provides a simple approach to understanding and implementing GDPR compliance.

This white paper the explore the GDPR. The consequences of non-compliance, and how an organization can use the GDPR to re-examine and upgrade their security posture.

Centrify has worked with the specialist law firm, Cordery, to develop this headline summary of when the GDPR applies, the key impacts and what you need to do to comply with the GDPR.

From the report, “The primary goal of our report is to spark major discussion around cybercrime — and cyber defense — from local, national, and global political and business leaders. We invite broadcasters, publishers, editors, reporters, and bloggers to borrow generously from our report in their efforts raise up cybersecurity in the public’s consciousness.”

A short but informative infographic detailing the impact of cyber attacks on the Healthcare market.

Mandiant consultants’ role as the first responders to critical security incidents gives them a unique vantage point into how attackers’ motives and tactics are changing . The insights and analysis presented here represent their combined experience over the course of hundreds of service engagements . Over the last decade, they have helped clients across more than 30 industries around the globe .

Marsh & McLennan Agency surveyed 1,141 executives from small to middle-market organizations across North America, and found that they are clearly concerned about cyber risk — but, by their own admission, they do not have a grasp of how to protect themselves.

This whitepaper details a malicious program identified as NanHaiShu. Based on analysis, the threat actor behind this malware targets government and private-sector organizations. Notable targets of the malware include the Department of Justice of the Philippines, the organizers of the Asia-Pacific Economic Cooperation (APEC) Summit and a major international law firm.

This paper is designed to help you put together your organization’s network security policy.

This paper from CCS 2017, presents a system that analyzes binary file appearance logs of machines to predict which machines are at risk of infection months in advance.

In this technical whitepaper they explain why there’s no single silver bullet answer to SQL injection.

The State of Mac Security Report takes a pulse check of Mac enterprise adoption, examines the reasons behind their increased popularity and crucially, how to overcome the security risks they pose.

From the report, “Overall, the power of big data analytics is clear, but some fundamental building blocks need to be in place if banks are to unlock that power for commercial benefit.”

By providing an overview of the main areas of research and the key studies conducted in the field to date, and by making some initial recommendations about the potential role of insurers and governments in addressing cyber risks, this report lays the groundwork for discussion and future research on the development of the cyber risk and the cyber insurance market.

This first report in a multipart series, which appraises various cybersecurity occupations using natural language processing (NLP), examines the role of the CISO from the vantage point of employer job ads and CISO resumes . Findings show that the role and prominence of the chief information security officer (CISO) continue to expand and transform . CISOs are no longer seen as technologists tasked to manage their organizations’ security risks . Much more than security tacticians, CISOs are seen as business strategists who reach across organizational boundaries to build business-level relationships and orchestrate business strategies that enable digital transformation and govern compliance-related issues. Key takeaways of the analysis are broken into two sections: 1) hard and soft skills, and 2) education and career demographics .

This paper offers insight into smart cities and the dangers of exposed devices on the network.

This is a recently updated eBook that lays out an action guide for compliance with the EU’s GDPR.

From the report, “Today, there are a great many detection (identification and tracking) tools. However, there is not enough emphasis on trapping, resulting in a lack of effective trapping tools and techniques. An effective technique for automating the tracking of cyber attackers and, once found, trapping them, is deception. When implemented well, deception can automate and scale the hunting process, accurately identifying and tracking attackers, and trapping them to protect valuable assets while reducing valuable human resources in this never-ending competition of wits.”

The purpose of the survey was to understand key concerns and opinions of Chief Information Security Officers and CIOs, focused on information security and cyber-risk, as we head into 2018.