The research reported here was conducted in the RAND Justice Policy Program, which spans both criminal and civil justice system issues with such topics as public safety, effective policing, police–community relations, drug policy and enforcement, corrections policy, use of technology in law enforcement, tort reform, catastrophe and mass-injury compensation, court resourcing, and insurance regulation. Program research is supported by government agencies, foundations, and the private sector.

This report offers insight into the cyber events of 2015 and makes predictions for 2016 - 2019.

This e-book provides a helpful and simple explanation of Multi-Factor Authentication.

This is a handy and simple guide for helping individuals understand and implement Privileged Access Security.

This report takes a look at the SamSam ransomware. A ransomware that unlike most ransomware, goes after specific organizations.

This report is based on a survey that sought to see how organizations were protecting their data.

Positive Technologies regularly performs assessment of information security awareness among employees at major companies all over the world. This report provides statis- tics and analysis from 10 most instructive testing projects in 2016 and 2017, including examples of successful attacks against employees. These projects are based on various social engineering techniques and generally included emails, phone conversations, and communication via social networks.

This white paper tackles the subject of how outsourced labor can cause cybersecurity risk.

This is a threat advisory for Ticketac Mobile Apps

This paper is subtitled “An IT Architect’s Guide to Implementation Considerations and Best Practices When Developing a BYOD Strategy”

This report illustrates how organizations are implementing proper Cyber hygiene, if at all. To gather this data, Tripwire partnered with Dimensional Research, sending a survey to independent sources of IT security professionals. The survey was completed by 306 participants in July 2018, all of whom are responsible for IT security at companies with more than 100 employees.

SaaS companies must understand the needs of enterprise organizations, particularly with regard to security and identity management. This paper addresses the role of identity management and the three ways SaaS companies leverage identity and access management to grow enterprise sales and revenue.

From the paper, “In March 2017, the expectation of privacy while surfing the internet disappeared in the United States. Congress voted to eliminate the broadband privacy rules that required internet service providers (ISPs) to get explicit consent from consumers before selling or sharing web browsing data and other private information to third parties. With no rules in place to protect personal or corporate web browsing data, there are a few proactive steps to take to help safeguard this information.”

This is the 12th annual WhiteHat Security Statistics Report. This year they’ve added some real metrics around DevSecOps. They’ve also added a new SAST section and a mobile security section.

This paper offers a unqiue look into the complications surrounding that adoption of compliant banking solutions. It seeks to help create simple but compliant solutions that customers accept.

This report takes a look at the labor market in California, specifically as it relates to Cybersecurity. It offers insight into the growing need for more cybersecurity employees, as well as educational changes that can be made to fill the void.

This report provides a discussion about the best practices for Email encryption.

The present threat taxonomy is an initial version that has been developed on the basis of available ENISA material. This material has been used as an ENISA-internal structuring aid for information collection and threat consolidation purposes. It emerged in the time period 2012-2015. The consolidated threat taxonomy is an initial version: in 2016, ENISA plans to update and expand it with additional details, such as definitions of the various threats mentioned.

The Stuxnet and Ukranian power grid attacks give us clear ideas about how much damage a determined adversary can inflict not only on the business or operation concerned, but also on the general public. This paper takes a look at critical infrastructure attacks.

This paper presents exclusive research into how chat platforms can be abused and become a cyber security weakness.

This blog post discusses cyber crime as it relates to cryptocurrencies and how it is changing the landscape.