In this report, 15 CISOs identified some practical steps that may help remedy some of the challenges many of organizations experience when developing and implementing an insider threat program.

“Across all technologies and capabilities examined in the survey, about 80 percent or more of insurance executives are “confident” or “extremely confident” about their effectiveness. That might seem reasonable given the progress, but a case can be made that leadership is overconfident. Attackers are becoming increasingly sophisticated and attacks can shut down the business or expose customer data. If about one in five attempted breaches is successful, that’s still a lot of breaches. And, given the findings that 45 percent of breaches are not detected for more than a week (9 percent require more than a month), that’s a lot of risk exposure.”

Phishing attacks have become the primary hacking method used against organizations. In the past, there was a tendency to blame the user, but attacks have evolved to appear so genuine that even the most security-savvy recipient can be fooled. Phishing attacks have recently experienced newfound success with the proliferation of SaaS in the workplace. This paper discusses what a company can do to deal with this new reality.

As stated in the report, “The purpose of this study is to shed light on the problem of medical data loss—how it is disclosed, who is causing it and what can be done to combat it.”

This eBook provides information based on a 2017 survey that reveals the power of identity governance and privileged access security.

This paper is an Analysis of cyber attack and incident data from IBM’s worldwide security services operations.

The series will show you how to take practical steps to aid your organization in meeting GDPR requirements for protecting personal data.

This newly released SANS survey suggests the need to broaden the definition of endpoint to include the user. The two most common forms of attacks reported are browser-based attacks and social engineering, both of which are directed at users, not technology. Download this survey report to learn other key issues surrounding endpoint protection.

This paper is intended to give a high-level view on the insider threat for those looking to implement a defensive programme. It considers the types of attack that may take place and some of the common weaknesses that aid insider attacks. It also covers some of the policies and controls that can be implemented to detect, deter or defend against the insider threat. This paper is intended to be a summary, however, the final section details further reading and resources that provide more in-depth information.

This resource is designed to help you see the importance of people-focused solutions to cybersecurity risk mitigation. Here they’ve collected 17 statistics to help make the point that, “a cybersecurity budget isn’t complete until you’ve allocated money to building your human capacity to identify and respond to cybersecurity risk.”

The Forcepoint 2016 Global Threat Report is a definitive breakdown of many of today’s most impactful cybersecurity threats with far-reaching technical, operational and cost impacts on affected organizations. Each section of this report closes with guidance from the Forcepoint Security Labs team on how to best address the outlined threat(s).

This paper gives a profile of China.

In this report, we detail the types of sensitive data stored in cloud services, how that data is shared within organizations and with third parties, and how risky employee behavior can expose data. We also examine the external threats that use the cloud to exfifiltrate sensitive data pilfered from on-premises systems as well as attacks directed at sensitive data stored in cloud services. Finally, we cover general usage trends including the top most widely used cloud services.

Banking and capital markets firms have several things to be happy about in Accenture Security‘s comprehensive research study. Compared with the findings from last year’s report, the percentage of successful security breaches has decreased. The number of cybersecurity capabilities in banking increased from 15 to 19. Give this report a read.

This is a handy and simple guide for helping individuals understand and implement Privileged Access Security.

This report is based on a survey that sought to see how organizations were protecting their data.

This book offers some insight into email cybersecurity issues. It posits that email doesn’t have to be scary.

This study is a summary of responses from over 400 cybersecurity professionals to provide a comprehensive snapshot on the evolving threat landscape, insider and external threats, preventative measures, threat monitoring and data collection, threat intelligence, threat detection, threat hunting, threat analytics, incident response, and incident recovery.

This report is based on a survey conducted from a variety of groups with regards to Secops and why are there is a gap between what it intends to do and the reality of what it is.

This is an infographic summary based on the 2017 Security Pressures report.

This paper seeks to discuss the weaknesses of cybersecurity management.