Adaptive Shield commissioned CSA to develop a survey and report to better understand the industry’s knowledge, attitudes, and opinions regarding SaaS application use, SaaS security policies and processes, SaaS threats, and SaaS security strategy/solutions. Adaptive Shield financed the project and co-developed the questionnaire with CSA research analysts. The survey was conducted online by CSA in March of 2023 and received 1130 responses from IT and security professionals from organizations of various sizes and locations. CSA’s research analysts performed the data analysis and interpretation for this report.

The Financial Services Industry (FSI) adoption of cloud services has grown extensively in recent years and is expected to increase with further adoption and integration of cloud service provider (CSP) functions replacing traditional technology of banking, commerce, and other methods of performing financial transactions and exchanging financial data. The intention of this report was to evaluate the current state of adoption, compared to the industry’s readiness just three years ago when CSA conducted a similar survey and identify the current issues and opportunities that FSI leaders are addressing in their progression to further utilizing cloud services.

Expel commissioned CSA to develop a survey and report to understand better the industry’s knowledge, attitudes, and opinions regarding security’s relationship to innovation, outcomes of security-enabled innovation, and trends in cloud use. Expel financed the project and co-developed the questionnaire with CSA research analysts. The survey was conducted online by CSA in May of 2023 and received 1018 responses from IT and security professionals from organizations of various sizes and locations. CSA’s research analysts performed the data analysis and interpretation for this report.

The global Study on Closing the IT Security Gap: Addressing Cybersecurity Gaps from Edge to Cloud, now in its third year, is sponsored by Hewlett Packard Enterprises (HPE) to look deeply into the critical actions needed to close security gaps and protect valuable data. In this year’s research, Ponemon Institute surveyed 2,084 IT and IT security practitioners in North America, the United Kingdom, Germany, Australia, Japan, and for the first time, France. All participants in this research are knowledgeable about their organizations’ IT security and strategy and are involved in decisions related to the investment in technologies.

Gurucul conducted a survey of attendees at the 2022 Black Hat USA security conference focused on the Security Operations Center (SOC). We asked security professionals who worked in the SOC about what they needed to be successful, the technologies and attacks they’re most focused on, and their plans for the SOC in the next year.

The FutureSec State of Security Report 2023 is a comprehensive analysis of the current state of cybersecurity, highlighting the challenges and trends in the industry. The report reveals the increasing sophistication of cybercriminals and the emerging threat of cyber-warfare and cyberterrorism. With a significant shortage of skilled cybersecurity professionals, organizations are struggling to keep up with the rising threats and costs of data breaches. The report further discusses the concept of zero trust and how Softchoice can work with organizations from consultation to implementation to optimization. Download the report now to learn about the latest developments in cybersecurity and how to protect your organization.

This report, our third in an annual series, draws upon a comprehensive survey of corporate digital forensics & incident response (DFIR) professionals in North America (NA) and Europe, the Middle East, and Africa (EMEA), and aims to provide intelligence—with analysis, interpretation, and insights, rather than just data— tailored to the needs of enterprise decision-makers, particularly those involved with IT, cybersecurity, and governance.

ESG conducted an in-depth survey of 255 cybersecurity and IT/information security professionals familiar with their organization’s network security tools and processes and responsible for evaluating, purchasing, and/or operating corporate network security controls across public cloud infrastructure and on-premises data centers/private cloud. Survey participants represented mid-market (500 to 999 employees) and enterprise-class (1,000 employees or more) organizations in North America (United States and Canada).

In the 2023 edition, we wanted to understand the specific challenges related to building and maintaining Insider Risk programs, technologies and training. To explore this, we surveyed 700 respondents – cybersecurity leaders, cybersecurity managers and cybersecurity practitioners – from US companies with 500 or more employees from a range of public and private sectors.

As health care delivery organizations have increased their reliance on health information technology, they have also increased their exposure to new cybersecurity risks, such as ransomware attacks.

Mimecast’s seventh annual State of Email Security report comes as organizations all over the world grow more skittish over rising economic volatility and intensifying geopolitical tensions. Now is definitely not the time to become lax on cybersecurity.

This report shares detailed insights and data on the breaches impacting consumers in 2020 and provides year-over-year comparisons to breaches affecting consumers in the U.S. in 2019. It clearly demonstrates the need for organizations to adopt a comprehensive identity and access management (IAM) solution to help prevent identity-related data breaches, protect their brands, and preserve customer relationships.

Our report focuses on confirmed breaches in which confidential data is exposed and/or stolen. A confirmed breach can refer to a single record being stolen — and such a breach must be analyzed and remediated to determine the source — but because most breaches are financially driven, attackers target large caches of data that they can hold for ransom or sell on the dark web.

This report focuses on confirmed breaches in which confidential data has been exposed and/or stolen, ranging from very small breaches to large caches of data that provide financial incentives to hackers to hold for ransom, sell on the dark web, or both. . Many breaches that occurred as a result of third parties (vendors, suppliers, contractors, or other organizations) were researched to determine the root causes.

This Insider Risk Investigations Report highlights the expertise of our team, who has been providing insights from real hands-on investigations since 2017. As always, we are pleased to present our findings in the spirit of sharing these insights as we work towards building greater resilience from insider risk for our customers.

In this data-driven report, based on our scanning of over 200,000 cloud accounts, including more than 30% of the Fortune 100 environments, we analyze the latest industry trends and developments, presenting a factual and data-based assessment of the current state and progression of cloud technology. We examine how the cloud has evolved over the past year and attempt to shed light on some of the complexity of cloud environments, including aspects such as organizational usage of multi-cloud and both managed and non-managed services.

This report aims to take a look at the times when things did not work as intended—not to point fingers but to help us all learn and improve. In a time where almost everyone, corporations and individuals alike, is looking at ways to do more with less, we believe a close analysis of when our defenses failed can be very beneficial. While times of great change are always challenging, they often also prompt us to take stock of our situation and, if necessary, refocus both our viewpoint and our energies. Such is the case with the DBIR this year. As a team, we decided to take a step back toward the fundamental things that got us where we are, an intense focus on actual data breaches analyzed using our own VERIS Framework. And speaking of VERIS, one of the new goodies this refocusing brings is an even better mapping between VERIS and MITRE ATT&CK through a collaboration with MITRE Ingenuity and the Center for Threat Informed Defense (CTID).

This report is different in that we’re focusing on explicit relationships that are manually configured by organizations using RiskRecon’s platform. In other words, we’re examining curated portfolios of vendors and suppliers tracked as part of organizations’ third-party risk management program. We started with a dataset extracted from RiskRecon’s platform consisting of over 100,000 primary organizations and more than 300,000 monitored third-party relationships. We’re focusing on direct relationships in this report, but the data supports the analysis of indirect (fourth- to nth-party) relationships.

In this latest edition of the Invicti AppSec Indicator, we asked development and security practitioners how they deal with all the excess AppSec noise in the face of relentless pressure to deliver business-critical software on time without compromising security.

In our bi-annual AppSec Indicator report, we uncover insights and trends to guide best practices in vulnerability identification and remediation. For this year’s Spring edition of the Invicti AppSec Indicator, we analyzed data from 1.7 million scans conducted by the 1,700 customers that use our cloud dynamic application security testing (DAST) offering, representing approximately half of our entire customer base.

The basis of this report is the Zscaler ThreatLabz research team’s analysis of nearly 6 billion data loss policy violations from November 2021 through July 2022. We’ll look at what and how enterprise data is being shared, where it’s going, which malicious actors are targeting it, and how you can improve your datasharing hygiene so as to mitigate risk without stifling productivity.