This report includes research on the evolving state of cloud security.

This report focusses on the analysis of the cyber security posture of three industries: Finance and Insurance, Healthcare and Social Assistance, and Public Administration. The study looks into the number of event types by year from 2012 to 2016, the security ratings for cyber insurance by industry, and many other key data.

This blog post discusses the point that organizations need to assess cybersecurity as a business enabler, rather than a hindrance.

The emerging field of cybersecurity economics could benefit from better data, better under- standing, and better methods for using resources wisely, not only to protect critical products and services but also to provide assurances that software will work as expected. This research brief presents findings that address these key cybersecurity concerns, perceptions of the importance of cybersecurity, and considerations for cybersecurity invest- ment decisions. In particular, it suggests that companies, the government, and other organizations can help improve our under- standing of cybersecurity economics by moni- toring cybersecurity incidents and responses, soliciting and using standard terminology and measures, and sharing data whenever possible.

This whitepaper provides insight into getting ready for the GDPR.

From the report, “This quarter, we’re taking a deeper look into the attacks directed against the hospitality industry - including hotel, travel, and airline sites - in an effort to understand why five out of six logins at these sites use fake or stolen credentials. We were surprised to find that many of these login attempts were coming from Russia and China, a departure from the general attack trends.”

This paper posits that, “A re-classification of vulnerability rules and their respective attack chains derived through log analysis alerts may now be modified and adjusted through big data processing. Analysis and presentation of attack chain data should be supplied to customers and should cover each stage of a compromised asset or attack.”

This paper from CCS 2017, presents a system that analyzes binary file appearance logs of machines to predict which machines are at risk of infection months in advance.

Based on a survey conducted in 2017, this e-Book offers a unique perspective on the cost effectiveness of DDoS security.