This free public report from the Cyentia IRIS Risk Retina series clears away the fog of FUD, providing parameters for frequency and loss of publicly discoverable cyberevents in the nonprofit sector. (more available)

This report looks at data breach events in 2020. It then compares key aspects and trends of these breaches to data breaches in previous years. (more available)

This report examines publicly disclosed data breach events, and describes trends and key changes for Q3 2020.

This mid year report covers publicly disclosed data breaches first reported between January 1, 2020 and June 30, 2020 and compares current observations to the same time period for prior years. (more available)

DivvyCloud researchers compiled this report to substantiate the growing trend of breaches caused by cloud misconfigurations, quantify their impact to companies and consumers around the world, and identify factors that may increase the likelihood a company will suffer such a breach. (more available)

Using breach information from Advisen, this report seeks to fill in missing gaps in the loss frequency and impact side of quantitative risk analysis. (more available)

This report goes in depth into the overall changes in data breaches in the first part of 2020. Some highlights are that the number of publicly reported breaches decreased by 42% from 2019. (more available)

Gemalto outlines changes to threats in 2017, including data from incidents in the year.

Bitglass’ fifth annual Healthcare Breach Report analyzes the data from the US Department of Health and Human Services’ “Wall of Shame. (more available)

Law firm Clyde & Co and risk analytics platform Corax have collaborated to bring you a joint white paper identifying the key drivers of frequency and cost for cyber insurance claims. (more available)

The eighth edition of the NetDiligence® Cyber Claims Study offers insights for business innovation. In the same way that a business gains operational perspective by going through an audit, both the insurer and the insured can use the findings of this research to inform decision making and risk management. (more available)

This report is an annual Cyber Claims Study. It includes informative numerical and graphical descrip-tions of the types of data exposed, causes of loss, business sectors involved, sizes of affected organizations, insider involvement, and third party involvement. (more available)

Bitglass’ fourth-annual Healthcare Breach Report analyzes data from the US Department of Health and Human Services’ “Wall of Shame,” where organizations that store or handle PHI are required to disclose breaches that affect at least 500 individuals. (more available)

The fifth annual NetDiligence® Cyber Claims Study uses actual cyber liability insurance reported claims to illuminate the real costs of incidents from an insurer’s perspective. (more available)

From the report, “Following are some of the most notable data breaches in 2016, including the number of compromised records, type of breach, and the BLI risk assessment score. (more available)

This is an in depth presentation of the data breaches that occurred in the first half of 2015. It contains very detailed graphics, charts, and analysis. (more available)

IBM Security and Ponemon Institute are pleased to release the 2018 Cost of Data Breach Study: Global Overview1. They conducted interviews with more than 2,200 IT, data protection, and compliance professionals from 477 companies that have experienced a data breach over the past 12 months. (more available)

This global study examines 383 companies in 12 countries. It finds that $4 million is the average total cost of a data breach. (more available)

This year’s study examines the costs incurred by 62 U.S. companies in 16 industry sectors after those companies experienced the loss or theft of protected personal data and then had to notify breach victims as required by various laws. (more available)

In this report, they examine two factors that affected the financial consequences of a data breach. The first is executive involvement in their organization’s IT security strategy and response to data breaches. (more available)

This is a useful article that takes a look at the financial numbers of paying for a defensive strategy vs. paying for a breach. (more available)