This report takes a good look at Open Banking, it defines what it is, and considers the security implications for using it.

Health Organizations are increasinly using BYOD to adminster care in their facilities. With this technological advancement comes major security concerns. This paper looks at those issues and discusses what can be done to protect Health Data.

October 2015 results from the Raytheon-NCSA survey of young adults in 12 countries about cybersecurity career interest and preparedness.

It would appear that a new variant titled ‘StoneDrill‘ has now hit the wild and conducts operations very similar to that of Shamoon 2.0 and Shamoon malware. Here is a brief analysis of StoneDrill,

The “Trends For 2015 – Targeting the Corporate World” report by the ESET LATAM Research Lab invites you to review some of the most significant cases that affected computer security in 2014, and to consider and present the challenges and threats expected for 2015. This report will try to address the different types of threats and security incidents we have witnessed during the year classified by catego- ry in order to answer the following questions: what will we find during 2015 in terms of IT security? And how, therefore, can companies and individual users prepare themselves to get through next year in safe- ty?

This paper takes a look at the cities of the US, and the cyber threats that occurred there.

The advent of the connected car has thrust the automotive industry into a new competitive arena – that of data-driven services and value. This represents a sea of change for the industry, and the stakes are enormous. Today’s consumers expect to be able to connect to their world any-time from anywhere, including from their cars. This, in turn, is driving the need for auto manufacturers to offer more and more connectivity options. Manufacturers that handle these expectations well stand to build owner loyalty, increase customer touch points and ultimately sell more vehicles. Those that do not take this approach risk sowing disappointment and losing hard-won customers.

Today’s threat landscape is rapidly evolving, which means it is simply not enough for organizations to roll out an annual security training program and then pat themselves on the back for a job well done. Companies need to consistently invest in training and keep their employees updated on the latest vulnerabilities.

In support of National Cyber Security Awareness Month (October), ESET® and the National Cyber Security Alliance (NCSA) commissioned a survey to better understand the role of cybersecurity in the American household, providing an inside-look into how it is adapting in the digital era of the data breach. Given the simultaneous rise in our number of connected devices and cyber threats, this survey underlined the importance of cybersecurity as a core commitment in our digital lives. This paper discusses the findings of that survey.

Every corporation struggles with the decision to Build or Buy an identity management platform. This report seeks to offer advice to aid in that decision.

The article uses the world’s 1,000 largest companies as a sample to help us better understand the extent to which organizations are effected by cyber threats and how threat actors my be looking to exploit these credentials.

What do business leaders make of security? How do they perceive its practice and importance? Where are the gaps between business and security leaders? Part two of the CyberArk Global Advanced Threat Landscape Report 2018 explores these issues via responses from individuals including IT security decision-makers and line of business owners, from organizations ranging in size from 500 employees to 5,000 or more workers.

This annual report offers a quick view of data breach trends for mid-year 2015.

This paper discusses the global regulations placed on the insurance industry. Of note, it does discuss cyber insurance in the United States.

This report takes a look at the mobile threat events for the last quarter of 2017.

This paper examines the struggle that Universities and Campuses have with students and the Interent Of Things.

Network-Attached Storage (NAS) devices are a popular way for people to store and share their photos, videos and documents. Securing these devices is essential as they can contain sensitive information and are often exposed to the Internet. Because Synology is one of the top manufacturers of NAS devices, this paper chose to analyze a Synology DS215j. In doing so it identifies a number of exploitable security flaws. In this paper, they discuss in detail the analysis performed, methodologies used, and vulnerabilities found during the summer of 2015.

This report from September 2016 takes a look at Firewall VULNS, RIG Popularity, diversified ransomware, POS System attacks, and a few other specific threats.

Drama, intrigue and exploits have plagued 2016 and, as we take stock of some of the more noteworthy stories, we once again cast our gaze forward to glean the shapes of the 2017 threat landscape. Rather than thinly-veiled vendor pitching, we hope to ground these predictions in trends we’ve observed in the course of our research and provide thought-provoking observations for researchers and visitors to the threat intelligence space alike.

Veracode’s intention is to provide security practitioners with tangible AppSec benchmarks with which to measure their own programs against. They’ve sliced and diced the numbers to offer a range of perspectives on the risk of applications throughout the entire software lifecycle. This includes statistics on policy pass rates against security standards, the statistical mix of common vulnerability types found in applications, flaw density and average fix rate.

This report discusses the results of a survey conducted in 2016 that asked respondents what makes something a “thing” instead of a “computer.”