Based on that data and Sophos threat research, we see that ransomware continues to have the greatest impact on smaller organizations. But other threats also pose an existential threat to small businesses. Data theft is the focus of most malware targeting small and medium businesses—password stealers, keyboard loggers, and other spyware made up nearly half of malware detections. Email attacks have begun to move away from simple social engineering toward more active engagement with targets over email, using a thread of emails and responses to make their lures more convincing.

The report explores the thinking of 750 global cloud decision-makers and users about the public, private and multi-cloud market. It shares their current and future cloud strategies, often showing year-over-year (YoY) changes to help identify trends. And it offers perspective on how some trends have changed over the years. The survey began in the first quarter of 2020 during the early days of the COVID-19 outbreak spreading outside of China.

This tenth annual Flexera 2021 State of the Cloud Report (previously known as the RightScale State of the Cloud Report) delves into the details of what respondents had to say to reveal what’s happening with all things cloud—from spend allocation to cost management to strategies. Leveraging this data can help IT professionals plan the next steps of their cloud journey. The report explores the thinking of 750 global cloud decision-makers and users about the public, private and multi-cloud market. It shares their current and future cloud strategies, often showing year-over-year (YoY) changes to help identify trends.

High-functioning enterprises increasingly rely on ITAM practitioners to tackle new and evolving challenges. Saving money has increasingly become ITAM teams’ number one initiative, but new responsibilities don’t end there. FinOps teams, central cloud teams, security teams, ESG (environmental, social and governance) teams, ITSM teams and enterprise architecture teams are improving their business outcomes by leveraging data from ITAM teams and tools. This year’s survey is weighted more heavily toward larger companies, with 89% of respondents in organizations with more than 2,000 employees and 14% in organizations with more than 50,000 employees.

This Index provides a comprehensive view of what organizations need to be ready to tackle the security challenges of the modern world, and more importantly where companies across the globe are lacking. It provides a detailed point of reference and serves as a guide on what organizations need to do to improve their cybersecurity resilience.

The Arctic Wolf State of Cybersecurity: 2024 Trends Report took the temperature of organizations around the globe and sought to understand how they were responding to these areas of challenge. Our research revealed that ransomware continues to be a perennial area of concern. For the third year in a row, ransomware ranked as the top concern for respondents. This concern is not without merit when we consider that 45% of the organizations we spoke with admitted to being the victim of a ransomware attack within the last 12 months, a 3% increase over last year.

This analyst report contains information about cyberattacks investigated by Kaspersky in 2023. Kaspersky provides a wide range of services — incident response, digital forensics, malware analysis, etc. — to help organizations affected by information security incidents. The data used in this report is derived from working with organizations that have sought assistance with responding to incidents or conducted professional events for their internal incident response teams.

In this report we share runZero’s observations from our unique perspective as an applied security research team. Our goal is to provide insight into how the security landscape is changing, and recommendations on what you can do to get ahead of these changes.

This report presents key insights drawn from hundreds of thousands of attack path assessments conducted through the XM Cyber Continuous Exposure Management (CEM) platform during 2023. These assessments uncovered over 40 million exposures affecting 11.5 million entities deemed critical to business operations. Data gathered from the XM Cyber platform were anonymized and provided to Cyentia Institute for independent analysis to generate the insights.

The Edgescan Vulnerability Stats Report aims to demonstrate the state of full stack security based on thousands of security assessments performed globally, as delivered by the Edgescan SaaS during 2020. This report has also become a reliable source for representing the global state of cyber security vulnerability management.

The 9th edition of the Edgescan Vulnerability Stats Report 2024. This report demonstrates the state of full stack security based on thousands of security assessments and penetration tests on millions of assets that were performed globally from the Edgescan Cybersecurity Platform in 2023. This is an analysis of vulnerabilities detected in the systems of hundreds of organizations across a wide range of industries – from the Fortune 500 to medium and small businesses. The report provides a statistical model of the most common weaknesses faced by organizations to enable data-driven decisions for managing risks and exposures more effectively.

The report stated that “Equifax lacked a comprehensive IT asset inventory, meaning it lacked a complete understanding of the assets it owned. This made it difficult, if not impossible, for Equifax to know if vulnerabilities existed on its networks. If a vulnerability cannot be found, it cannot be patched.” The Equifax case is one example of an existential and underreported cybersecurity issue: the vast majority of organizations do not have comprehensive visibility of every asset they need to secure.

In our third State of the Cybersecurity Attack Surface report, we continue to see enterprises struggle with many of the same issues they’ve been grappling with—they are blind to IT assets missing endpoint protection, patch management, and, as we now include in this report, vulnerability management. “Stale” IT assets continue to proliferate across corporate networks. Organizations are unnecessarily paying for unused licenses while facing budget cuts and economic challenges.

This report presents a combined look at what Google knows about zero-day exploitation, bringing together analysis from TAG and Mandiant holistically for the first time. The goal of this report is not to detail each individual exploit or exploitation incident, but look for trends, gaps, lessons learned, and successes across the year as a whole. As always, research in this space is dynamic and the numbers may adjust due to the ongoing discovery of past incidents through digital forensic investigations.

In the 2024 State of Omnichannel Fraud Report, TransUnion brings together trends, benchmarks, and identity and fraud expertise from across our organization. It provides insight to those responsible for preventing fraud and streamlining customer experiences to deliver better business outcomes. Use this report to evaluate current fraud prevention programs in the context of the broader market.

In this special year-end edition of the WatchTower Digest, we discuss the threats we observed and investigated in 2023, and look ahead to the 2024 threat landscape. Our findings are based on SentinelOne’s Singularity telemetry across tens of millions of endpoints, operating across a diverse number of industries and global geographies.

In 2023, malicious email threats bypassing secure email gateways (SEGs) increased by more than 100% . In other words, your email security solutions aren’t stopping the threats you think they are. Security threats are real, they continue to grow, and they are likely to penetrate an organization through email . Organizations simply cannot settle for ‘Good Enough’ email security and sole reliance on a SEG is not enough . As we all know, it only takes one breach to damage a company’s financial status, brand reputation, and/or relationship with its employees and customers.

Our sixth annual retrospective, this report is based on in-depth analysis of nearly 60,000 threats detected across our more than 1,000 customers’ endpoints, networks, cloud infrastructure, identities, and SaaS applications over the past year. This report provides you with a comprehensive view of this threat landscape, including new twists on existing adversary techniques, and the trends that our team has observed as adversaries continue to organize, commoditize, and ratchet up their cybercrime operations.

The 2024 Cybersecurity Risk Report from the FAIR Institute shows broadly positive trends compared to last year’s survey. At the FAIR Institute, they believe that effective cyber risk management can only be achieved through transparent and defensible risk analysis using a standard such as FAIR and quality cyber risk data.

The 2023 Arctic Wolf State of Cybersecurity Trends Report took the temperature of organizations around the globe and sought to understand not only their current and future concerns, but how they were responding to the problems that had plagued them in previous years. Our research shows that, despite the enduring nature of many of these challenges, organizations are making measurable strides in areas where progress has proven limited in previous years.

This research aims to equip cloud security professionals, DevOps, DevSecOps, CISOs, and development leaders with valuable insights and practical recommendations for safeguarding their cloud environments, and in doing so, help to secure the cloud for everyone. In some ways, our study confirmed what is already widely known: attackers are constantly scanning the Internet for lucrative opportunities.