This report draws conclusions from the data to understand why organizations are struggling to take actions from lessons learned from a year of the WannaCry virus.

This paper seeks to provide a new approach to cyber security that enables IT operations and incident response teams to move faster and act smarter.

This paper provides a checklist to address CIS Critical Security Controls.

Measuring & Managing the Cyber Risks to Business Operations, which was sponsored by Tenable and conducted by Ponemon Institute, reveals global trends in how organizations are assessing and addressing cybersecurity risks. We conclude from the findings that current approaches to understanding cyber risks to business operations are failing to help organizations minimize and mitigate threats. We surveyed 2,410 IT and IT security practitioners in the United States, United Kingdom, Germany, Australia, Mexico and Japan. All respondents have involvement in the evaluation and/or management of investments in cybersecurity solutions within their organizations. The consolidated global findings are presented in this report.

In this research, Digital Shadows assessed the sensitive data exposed from some of the most ubiquitous file sharing services across the Internet. We found over twelve petabytes of publicly available data across open Amazon S3 buckets, rsync, SMB, FTP servers, misconfigured websites, and NAS drives.

From the report, “Unless companies come to realize that their security perimeters must grow beyond the corporate firewall to encompass social media networks and other areas such as the Dark Web, then the global cost of cyber crime will continue to mushroom.

This report, prepared by CyberInt, summarises the currently known information regarding the recent breach at Deloitte, one of the ‘big four’ accounting firms, and includes a timeline of events, what is known of the breach itself as well as the aftermath.

This report describes the Sentry MBA, a credential stuffing attack tool, which has become the most popular cracking tool among threat actors in recent months. Among the reasons for its popularity, the Sentry MBA hacking tool is freely and publicly available, extremely effective, and easy to operate.

Guided by Threat Compass, the Blueliv’s Annual Cyberthreat Landscape Report takes a birds-eye view of the major events and trends of last year. The Threat Intelligence analysts at Blueliv then offer their insight into an ever-more sophisticated cybercrime industry for 2018.

“Organizations in the healthcare industry have been in the news a number of times in recent years as a result of significant cyber attacks. In 2017, WannaCry made global headlines as its impact to the UK’s National Health Service (NHS) became known. Other attacks have seen health records stolen or ransoms paid to keep critical systems online at hospitals. Understanding the nature of the threats to the healthcare industry helps define effective ways to counter these threats and help to prevent them from making future headlines.”

A thought piece on trends that are occuring at the senior leadership levels of security professionals. Some survey data is refererenced, though it is unclear if a new survey was conducted for some of the trends identified in this report.

This paper provides information about a comprehensive identity governance strategy. It offers a unique perspective on how an enterprise can gauge their identity strategy, and reduce risk in the organization.

SailPoint’s 2018 Market Pulse Survey found amidst all the change the corporate world is experiencing – digital transformation is top of mind for many organizations – the way people approach security has not changed dramatically. People still have bad habits when it comes to both corporate and personal security, and some are even actively fighting against their organization’s IT department in the search for efficiency. Complicating the situation even more is the development of new threat avenues such as software bots. Read on to learn more.

Digital businesses must manage, govern, and secure customers’ access to systems without hurting the customer experience. As firms increase the digital channels for customer interaction, they also increase the number of potentially confusing consumer authentication experiences. As a result, they’re hemorrhaging customers and suffering increased support costs related to password and authentication. This report outlines 10 barriers to authentication success — and how S&R pros can improve online security without sacrificing experience.

This paper sets out the key privacy implications of processing biometric data in the EU and Switzerland, Canada, USA and the Asia Pacific region (covering Japan, Singapore, Hong Kong and Australia). This paper will touch on legislation and best practice recommendations in these jurisdictions without going into the details of specific laws.

We are living in a world where breaches of consumer privacy are a regular phenomenon. Breaches, such as the Cambridge Analytica-Facebook snafu and the Google+ leak, have dominated headlines in 2018, exposing the personal information of millions of people and shaking our trust in big brands. Many consumers are making drastic changes to the way they interact with brands online, and they believe businesses need to take ultimate responsibility for protecting their data. Ping Identity surveyed more than 3,000 consumers across the U.S., UK, France and Germany to examine consumer attitudes in a post-breach era to help businesses maintain trust and stay ahead of their customers’ expectations.

Almost every individual and every business now has a cyberpresence that needs to be secured. Digital transformation has also created a growing supply of security targets in the form of information-rich storehouses of data. Identity and access management (IAM) platforms offer one way to tackle this problem. IAM platforms provide a set of solutions to identify users and control their access within an IT environment. However, modern identity isn’t just about security, privacy, or even convenience. The key value of an identity platform is enablement, in that it allows an organization to securely provide services to end users. It is all “Yes you can … but only you can.”

The ancient Chinese general Sun Tzu said “If you know the enemy and know yourself, you need not fear the result of a hundred battles.” While it’s unrealistic to think we can win every battle against cyber criminals, Sun Tzu’s words have a lot to offer. The problem that every privacy and security team faces is how to defend on every possible front with finite resources and budget. And the simple answer is, you don’t have to.

This white paper examines challenges for healthcare organizations and presents how the key to effective endpoint and server protection lies in the ability to dynamically analyze behavior in order to recognize malicious software by its actions, not its appearance. Intelligent response at machine speed is required to prevent, contain and mitigate potential threats. Success in this mission results in a major benefit for providers and payers: the ability to keep IT systems operation so medical and non-medical personnel can stay focused on patient care.

From the report, “The survey results show that companies should ensure their online interactions with customers are aligned around three key principles: trust, consent, and education.” Read on to understand more.

In this midyear report, TrendMicro tracks the tendency of security risks to emerge from aspects of computing that are often overlooked and show how costly they can be especially for enterprises.