The Google Cloud Threat Horizons Report brings decision-makers strategic intelligence on threats to cloud enterprise users and the best original cloud-relevant research and security recommendations from throughout Google’s intelligence and security teams.

The past year, the VOID grew from 2,000 to nearly 10,000 incident reports from close to 600 organizations. We rigorously collect the same metadata, along with a new value: severity. This enabled us to investigate whether there is a relationship between the reported length of the incident and the impact (or severity) of the incident.

Our hope is the results of the survey report and our expert analysis helps you prepare for obtaining and renewing cyber insurance, with coverage and rates that accurately reflect your risk profile.

To celebrate Sysadmin Day 2021, we surveyed 732 sysadmins from a variety of organizations worldwide to learn how the exceptionally weird year affected them and their organizations. This special report details what we discovered and celebrates the power and resistance of sysadmins, the very heart of the IT force!

This report will help organizations concentrate their security efforts on what really matters and highlight the main obstacles on their way to safe cloud computing.

The 2021 Malware Report is to reveal the latest malware security trends, challenges, and investment priorities. Malware is continuously evolving and organizations are facing significant challenges in responding to the threat and protecting their IT environments against new types of viruses, worms, spyware, ransomware, and crypto-jacking malware.

Malware and ransomware continue to wreak havoc as some of the most destructive security threats affecting organization of all sizes, from SMBs to large enterprise and government agencies. This report is to reveal the latest malware security trends, challenges, and investment priorities.

This report is based on the results of a comprehensive online survey of 225 cybersecurity professionals, to gain more insight into the latest trends, key challenges, and solutions for malware and ransomware security. The respondents range from technical executives to managers and iT security practitioners, representing a balanced cross-section of organizations of varying sizes across multiple industries.

Organizational leaders of all types understand that ransomware can cause extreme damage to the organization’s ability function and, in some cases, even survive. Ransomware is not just an IT issue but a situation involving the highest levels of management, including the CEO. Ransomware attacks can be so significant that they trigger a disaster response using traditional disaster recovery (DR) tools and methods.

This report includes incidents that occurred during 2015-2019. A total of 3,547 claims were analyzed, and data was distilled into over 100 categories. To compare, the fifth Cyber Claims Study, published in 2015, analyzed 207 cyber insurance claims. While many of the categories over the last five years have remained the same, the data has changed, sometimes dramatically.

For the fourth year in a row, we asked DevOps teams to tell the truth about their practices and processes, their challenges and their careers. With a global pandemic swirling, we were surprised when nearly 4,300 people took time to do just that this past February. In 2021, teams are poised to step out of the DevOps “culture” battle and into the real work of technology implementation and (surprisingly) upbeat results.

The scourge of ransomware has resulted in an entire ecosystem necessary to combat its spread and prevent organizations from becoming victims of an increasingly motivated set of criminals. Our research, which gleaned insights from close to 400 survey responses in July of 2022, provides key data points that infer strong correlation between organizations with board involvement in ransomware preparedness and positive outcomes related to it.

This report aims to bring new insights into the reality of ransomware incidents through mapping and studying ransomware incidents from May 2021 to June 2022. The findings are grim. Ransomware has adapted and evolved, becoming more efficient and causing more devastating attacks. Businesses should be ready not only for the possibility of their assets being targeted by ransomware but also to have their most private information stolen and possibly leaked or sold on the Internet to the highest bidder.

The intent of the exercise was to assess public and private sector-wide communications and information-sharing mechanisms, crisis management protocols, and decision-making, as well as legal and regulatory considerations as exercise participants responded to and recovered from significant ransomeware attacks targeting the financial sector. The scenario emphasized global cross-jurisdiction information sharing among financial firms, central banks, regulatory authorities, trade associations and information-sharing organizations.

This 2022 Cloud Security Report, based on a comprehensive global survey of cybersecurity professionals, reveal these security challenges and offers insights on the state of the cloud and cloud security today. The study reviews organizations’ choices and responses as they try to gain more confidence in securing their cloud environments.

For many cybersecurity community, the past several months have been a dumpster fire. We’ve analyzed and tracked definitive data from more than 1,500 incident response and forensic cases over 12 months to provide unique visibility into the state of ransomware.

As ransomware operators were attacking state and municipal networks alongside hospitals and schools, a global pandemic response to COVID-19 necessitated a move to remote work for a significant portion of the economy. Many security teams were forced to suspend wide-ranging analyses around the adoption of remote work policies and instead focus on a supply chair attack from a trusted platform.

This report is a technical overview of the IsaacWiper malware reported by ESET. The malware was primarily delivered to Ukrainian organizations coincident with the Russian invasion of Ukraine.

This report will give a snapshot of 2020’s mobile threat landscape and dive into emerging trends we anticipate carrying into 2021.

We do two very important and timely things in this report. We first explore ways to measure exploitability for individual vulnerabilities—and far more importantly—entire organizations. Second, we create a simulation that seeks to minimize organizational exploitability under varying scenarios combining vulnerability prioritization strategies and remediation capacity. Bottom line: If you’re looking for proven ways to squeeze the most risk reduction from your vulnerability management (VM) efforts, this report is for you.

This report shares seven key lessons learned by breach victims. Each lesson includes simple recommendations and tips, many of which do not require organizations to purchase any tools.