Multiple Polish banks have fallen victim to malware. This post contains what information was public about the attack at the time.

A report by VMware exploring the evolving threat for UK universities and how they can guard against cyber attacks to preserve their intellectual property

This report analyzes the data submitted by 1,718 security awareness professionals from around the world to identify and benchmark how organizations are managing their human cyber security risk. The analysis includes how factors such as security awareness program maturity, funding, and staffing combine to make successful programs.

SecurityScorecard ran an analysis, looking at the security ratings of organizations over a six month period and identified which organizations improved those scores the most; whether overall or within a specific risk area.

Since June 2016, the Global Cyber Alliance (GCA) has been working to accelerate adoption of DMARC, an email security standard, by providing a set of easy-to-use tools and campaigns to drive deployment. This paper investigates and measures the economic benefit from that work. Having reviewed the available data, we have chosen to focus on Business Email Compromise (BEC) because it is a rapidly growing issue, with high direct losses, and relevant data is available for analysis from multiple sources. We derive a conservative minimum bar estimate for the loss avoidance tied to GCA’s initiatives and discuss the potential scale of other benefits gained from DMARC.

This white paper explains common use cases for privilege management on Unix/Linux servers.

This document deals with malware on mobile devices.

This report is an annual Cyber Claims Study. It includes informative numerical and graphical descrip-tions of the types of data exposed, causes of loss, business sectors involved, sizes of affected organizations, insider involvement, and third party involvement. It also includes several new analyses: Cloud Involvement, Cyber Extortion/Ransomware, Phishing, Phishing and Wire Transfer Fraud, POS-Related/Common Point of Purchase/CPP Investigations.

A survey of 1,600 IT professionals on the risks being faced by organizations, the common reactions to those concerns, and the challenges with which individuals are struggling.

Verizon’s annual report on data breaches in 2018

This group takes a look at Threat Hunting and examines how organizations are moving to a pro-active approach to cybersecurity.

This paper is a simple yet practical guide to understanding and becoming GDPR Compliant.

In this paper, they explore the modern enterprise — a hybrid organization with infrastructure spread across on-premises data centers as well as hosted in the cloud and one where IT functions are split between internal and 3rd-party administrators. They look at these and related trends impacting our data security and specifically, best practices on how to manage and govern privileged user access to mitigate these risks.

This is a report on cloud security trends.

This report sets out the results of a study of consumer attitudes toward data breaches, notifications that a breach has occurred, and company responses to such events. The report should provide valuable information that can be used by businesses and policymakers as they develop policies and best prac-tices related to information security and data breach response. More- over, it should be of interest to individuals who conduct business with any organization that holds their personal and confidential data.

A total of 117 US insurers were found to have underwritten cyber insurance in 2015. This paper has analyzed these filings and has outlined them to provide insights for insurers that either currently offer or seek to offer cyber insurance to help them benchmark and drive decisions on underwriting and reinsurance purchase.

This report provides a comprehensive list of all the data breaches that have occurred in the spring of 2018.

This document reviews the primary CASB deployment modes and then describes the 20 most common CASB use cases, revealing which deployment mode best supports each of the use cases.

The Identity Ecosystem Functional Model deliverable was developed by the IDESG Security Committee to provide context to discussions of identity ecosystems and a consistent model upon which to center descriptions of identity solutions. This is not a model of the IDESG as an organization but a representation of online identity interactions and the various components needed to execute those interactions.

This Infographic provides some very quick results of a survey conducted in 2018.

This report is the second release of the Dtex Insider Threat Intelligence Report – an initiative started in 2015 to track, analyze, and share the impact of human behavior on enterprises of all sizes and industries.