This is our 2nd annual survey of the IT recruitment landscape. A lot has changed in the last 12 months. Social media and job boards are evolving and there seems to be fresh challenges in talent acquisition. This year Curo Talent® decided to look at how the views of hiring managers compared to the outlook of executives in the recruitment department. Naturally, there was a difference of opinion on some issues.

This report offers this key insight, “The heart of the tension between security and efficiency is the key vulnerability within your organization’s cyber security policy: employee passwords.” Read on to discover more.

This e-book offers insight into online fraud and cyber-crime.

Spyglass Consulting Group conducted a primary research study to identify the market opportunities and challenges for healthcare provider organizations to leverage an enterprise-class secure communications platform to address the communications requirements associated with complex clinical workflows.

This report provides some answers related to NIST 800-171 Compliance.

The Law Firm Cybersecurity Scorecard is issued quarterly and is part of their commitment to thoroughly study, understand, and report on the imminent amount and magnitude of threats faced by law firms today as well as the steps they are taking to mitigate the threat. To that point, per a recent Law 3603 report, law firm Managing Partners list cybersecurity as their number three priority, behind financial profits and generating revenue. Even though cybersecurity seems to be an area of particular focus, this scorecard will illustrate that law firms continue to struggle with making operational investments and instituting practices that do not provide a quantifiable financial return. Thus, they jeopardize their reputations, client relationships, and in some cases, financial well-being.

Data breach has become an existential risk to every law firm throughout the world regardless of the number of attorneys, revenues or practice areas. The Law Firm Cyber Security Scorecard is compiled by LOGICFORCE and published bi-annually to educate the legal industry on the current state of Cyber Security preparedness. This second edition also seeks to clearly define de facto cyber security standards for law firms so they can easily determine where their organizations rate in comparison.

Ponemon Institute is pleased to present the results of The 2018 State of Cybersecurity in Small and Medium Size Businesses sponsored by Keeper Security. The goal of this study is to track how small and medium size companies address the same threats faced by larger companies. This report features the findings from 2018 and 2017.

The eighth edition of the NetDiligence® Cyber Claims Study offers insights for business innovation. In the same way that a business gains operational perspective by going through an audit, both the insurer and the insured can use the findings of this research to inform decision making and risk management.

Data breaches have become a risk to every law firm throughout the world regardless of the number of attorneys, revenues or practice areas. The Law Firm Cybersecurity Scorecard is developed by LOGICFORCE and published regularly to educate the legal industry on the current state of cybersecurity preparedness.

Between April and July 2018, Fidelis conducted a study of 582 security professionals to evaluate the adoption of threat hunting practices and overall security posture strengths and weaknesses.

Everything you wanted to know about log management but were afraid to ask.

Historically, the annual Most Wired research has focused on measuring adoption of healthcare information technology to highlight those organizations with the broadest, deepest IT infrastructure. With the ever-growing need to improve healthcare, the research now adds a new emphasis on measuring key areas that can help advance the industry as well as on gathering information about organizations’ technology strategies (which include not just technology adoption but also the refinement of processes and the development of people). With this new focus, this year’s research and future Most Wired research can help identify gaps in healthcare organizations’ technology adoption and strategies and highlight areas in which the industry has opportunities to make progress.

This report provides a “data-driven analysis of vulnerabilities in our industrial and critical infrastructure.”

The first edition of the “State of Cybersecurity report” was well received by customers, industry analysts and cybersecurity professionals. The 2018 edition of the Report maintains the same unique structure to build on the first edition’s ethos and bring in new viewpoints and findings. The rest of this section is reproduced from last year’s report for the benefit of first-time readers.

This special report provides a deep dive into the cybersecurity practices of small and midmarket businesses.

In our 24-criterion evaluation of the emerging managed security services providers (MSSPs) market, we identified the 10 most significant providers, and researched, analyzed, and scored them. This report shows how each provider measures up to help security leaders make the right choice.

In the 2019 Forcepoint Cybersecurity Predictions Report, we explore the impact of businesses putting their trust in cloud providers to protect their data, the impact of end-user trust in those securing personal biometric data, the cascading of trust into the supply chain to protect any critical data in their custodianship, and trust in algorithms and analytics successfully piloting automobiles and alerting security professionals to potential data loss incidents.

On April 20, Proofpoint observed a targeted campaign focused on financial analysts working at top global financial firms operating in Russia and neighboring countries. These analysts were linked by their coverage of the telecommunications industry, making this targeting very similar to, and likely a continuation of, activity described in our “In Pursuit of Optical Fibers and Troop Intel ” blog. This time, however, attackers opportunistically used spearphishing emails with a Microsoft Word attachment exploiting the recently patched CVE-2017-0199 to deploy the ZeroT Trojan, which in turn downloaded the PlugX Remote Access Trojan (RAT). Proofpoint is tracking this attacker, believed to operate out of China, as TA459. The actor typically targets Central Asian countries, Russia, Belarus, Mongolia, and others. TA549 possesses a diverse malware arsenal including PlugX, NetTraveler, and ZeroT. [1][2][3] In this blog, we also document other 2017 activity so far by this attack group, including their distribution of ZeroT malware and secondary payloads PCrat/Gh0st.

Unit 42 threat researchers have recently observed a threat group distributing new, custom developed malware. We have labelled this threat group the Gamaredon Group and our research shows that the Gamaredon Group has been active since at least 2013.

This post discusses the reports of open-source developers receiving malicious emails.