This report includes incidents that occurred during 2015-2019. A total of 3,547 claims were analyzed, and data was distilled into over 100 categories. To compare, the fifth Cyber Claims Study, published in 2015, analyzed 207 cyber insurance claims. While many of the categories over the last five years have remained the same, the data has changed, sometimes dramatically.

This study, based on over 2,000 cyber claims, provides a comprehensive view of recent cyber claim events. The 2019 report also included data from NetDiligence studies published in 2015-2018, representing 1,008 events that occurred in 2014 to 2017. After the elimination claims that were less than $1,000, the combined dataset included 2,081 events, each one a data breach insurance claim.

The SANS CTI survey shows that many CTI programs can meet the challenge. While some programs are just getting started due to increased cybersecurity needs and a growing, complex threat environment brought on by the rapid shift to remote work, organizations can rely on CTI providers and information-sharing groups to fill in the gaps as their programs mature.

This SOTI report looks at current state of online gaming. it also examines the most pervasive threats coming from online criminals. Ans to fully explore the topic of attacks on gaming, we dig deeper into the data around web application and API attacks, Distributed Denial of Service (DDoS) trends, the overarching goals of attackers, and more. This report also explored the threat landscape that has grown out of the pandemic in the gaming industry and the impact of cyberattacks on gaming companies.

Mimecast’s State of Email Security 2022 (SOES) study sheds light on the gains in cyber resilience that many companies are making, even as it reveals shortfalls and places where there is considerable room for improvement.

The scourge of ransomware has resulted in an entire ecosystem necessary to combat its spread and prevent organizations from becoming victims of an increasingly motivated set of criminals. Our research, which gleaned insights from close to 400 survey responses in July of 2022, provides key data points that infer strong correlation between organizations with board involvement in ransomware preparedness and positive outcomes related to it.

The Secureworks Counter Threat Unit (CTU) research team analyzes security threats to help organizations protect their systems. During May and June, CTU researchers identified the following noteworthy issues and changes in the global threat landscape: government-sponsored threat groups use ransomeware to, don’t leave the door to your data unlocked, and business email compromise (BEC) is as big a problem as ransomeware.

The State of XIoT Security report is Claroty’s contextual analysis of cyber-physical security. The data presented in this edition of the report covers the first six months of 2022, and sheds light on the key trends and recommended actions you can apply within your enterprise.

The EY Global Information Security Survey 2021 (GISS)finds Chief information Security Officers (CISOs) and security leaders battling against a new wave of threats unleashed by COVID-19. Our report illustrates the devastating and disproportionate impact that the crisis has had on a function that is striving too position itself as an enabler of growth and a strategic partner to the business. It also outlines what cybersecurity leaders need to know now about their current operating environment and what they need to do to transform it.

The year’s Global Economic Crime and Fraud Survey enquired about organizations’ attitudes towards fraud and financial and economic crime in the current environment and drew responses from 1,296 respondents in 53 countries and regions. This survey, our first snapshot of 2022, homed in on fraud trends and conduct risk.

BlueVoyant performed a cyber posture analysis of the vendors in the media industry sector. The approach was to identify and analyze the most prevalent vendors in the industry, as well as look at the extended vendor ecosystem for comparison, to gain a deep understanding of the issues the industry is facing. A total of 485 vendors were assessed.

In this report we take a closer look at how cyber warfare has intensified to become an essential part of the preparation for, and conduct of, actual military conflict. Furthermore, we uncover what the fallout of this will be for governments and enterprises all over the world, even those that are not directly involved in the conflict.

The report surfaces the most significant data we’re seeing in our threat detection and response effort, curates that data into trends that can impact your cybersecurity posture, and offers resilience recommendations to protect your organization.

These reports provide data and insights on the attack we’re seeing, how to spot them, and the top ways you can protect your organization. These trends are based on incidents our security operations center (SOC) identifies through investigations into alerts, emails submissions, and threat hunting leads in the second quarter (Q2) of 2022. We analyzed incidents across our customer base, spanning organizations of various shapes, sizes, and industries, from April 1, 2022 to June 30, 2022.

In our H1 2022 FortiGuard Labs Threat Landscape Report, we examine the cyber threat landscape during the year’s first half to identify trends and offer recommendations about what CISOs and security teams should pay close attention to in the months ahead. The report’s findings are based on data collected through our global array of sensors monitored by the FortiGuard Labs team.

First, the bad - adversaries continued to innovate and alter strategies aimed at taking down DDoS protections with direct-path DDoS attacks and high-powered server-class botnets. Meanwhile, a little good news came in the way of a decrease in some reflection/amplification vectors, floating overall DDoS attack number down. Despite this decrease, the bad news tells us we must remain vigilant to combat ever-changing attacker methodologies and tactics.

This report aims to bring new insights into the reality of ransomware incidents through mapping and studying ransomware incidents from May 2021 to June 2022. The findings are grim. Ransomware has adapted and evolved, becoming more efficient and causing more devastating attacks. Businesses should be ready not only for the possibility of their assets being targeted by ransomware but also to have their most private information stolen and possibly leaked or sold on the Internet to the highest bidder.

This report will look at how ransomware caused gas shortages on the east coast, why a Justin Bieber tour might have put on the phone with a malware distributor, and what an increase in SMS phishing means for mobile security. We’ll also explore the evolving relationship between malware distributors and one of the world’s most successful ransomware gangs, and how legitimate cloud services now provide the infrastructure for a majority of malicious activity.

In this, our eighth annual State of the Phish report, we explore user vulnerabilities from multiple angles. We look at issues driven by poor cyber hygiene and those that could result from a lack of knowledge and clear communication. We discuss ways organizations can become more attuned to their risks. And we outline opportunities to build and sustain engaging security awareness training initiatives in the challenging climate.

The IBM Security X-Force Threat Intelligence Index maps new trends and attack patterns we observed and analyzed from our data - drawing from billions of datapoints ranging from network and endpoint detection devices, incident response (IR) engagements, domain name tracking and more. This report represents the culmination of that research based on data collected from January to December 2021.

Get the latest Cortex Xpanse “Attack Surface Threat Report” to understand the risks, and learn how automation can help security teams stop chasing a moving post and reduce risks. The Cortex Xpanse research team studied the global attack surface by monitoring scans of 50 million IP addresses associated with 100+ global enterprises and discovered that the attack surfaces of all industries continue to grow. As security teams struggle to keep up, the constant stream of new issues becomes an ever-expanding backlog of exposure - misconfigured RDP, exposed admin portals, insecure Apache Web servers or Microsoft Exchange servers, and more.