This global survey was carried out during the third quarter of 2019. 271 brokers and 96 underwriters – all involved in cyber insurance - shared with us their observations and views of the cyber insurance marketplace

Sonicwall outlines the changes in the threat landscape in 2020 for companies to utilize.

A report by DZone showing trends in the changing AppSec industry.

Risk Based Security has been sharing our Vulnerability QuickView reports with the world, providing detailed analysis on the vulnerability landscape based on data from our vulnerability intelligence product, VulnDB . Continuing from our previous 2019 Mid-Year report, this edition of the QuickView delves into the months of August through October. The information collected is displayed in a series of charts depicting various groupings, classifications, insights, and comparisons of the data

A review of current maturity levels and practices as seen from Micro Focus’s five year history of reviewing security programs.

Using data from the Verizon DBIR and other sources, this report reviews the value of DNS in overall organizational security.

The PSR has the unique role of measuring the strengths and weaknesses of the PCI DSS and tracking the sustainability of compliance. It also measures and tracks challenges associated with implementing and maintaining security controls required for PCI DSS compliance.

The VIPR report (Verizon Incident Preparedness and Response Report) outlines preparations and responses to data breaches. This includes 6 phases, planning and preparation, detection and validation, containment and eradication, collection and analysis, remediation and recovery, and assessment and adjustment.

A survey based report on the attitudes and beliefs of security professionals to the challenges and opportunities in cloud security.

This report compiles information gained by the Trustwave SpiderLabs who maintain a presence in some of the more prominent recess of the online criminal underground. The provide information on the dark web’s code of honor, reputation systems, job market, and techniques used by cybercriminals to hide their tracks from law enforcement.

From the report, “[This] report also captures the changing strategies used by attackers and highlights how organizations today are bolstering their defenses to stay one step ahead. It concludes with a peek into the cybersecurity areas that will be pertinent in the near future. We hope that you will benefit from the global and industry-specific insights available in this edition of the State of Cybersecurity Report and that together, we will be able to make our enterprises more resilient to withstand and recover from future attacks!”

From the report, “The challenges facing security teams are, perhaps unfortunately, common knowledge by now. A constant rise in alert volume, a stark security skills gap, piecemeal processes, and siloed tools have made security operations a tough place to be. In 2018, Demisto commissioned a large study to delve deeper into these issues, their manifestations, and possible solutions. The 2019 report broadens the perspective from Security Orchestration, Automation, and Response (SOAR) to the security incident response lifecycle. Demisto commissioned a study with 552 respondents to find out specific challenges at each stage of the incident response lifecycle, how current product capabilities help overcome these challenges, and what capabilities are missing within security products today.”

From the report, “We wanted to do something different for this report. Instead of looking at a single type of attack, we stepped back to look at attacks against banks, credit unions, trading companies, and other organizations that make up financial services as a whole. Most defenders only see a very small segment of the overall traffic, whether they’re the target or the vendor supplying defensive tools. The breadth of Akamai’s products and our visibility into a significant portion of Internet traffic allows us to research multiple stages of the attack economy.”

This report seeks to explore user knowledge of a broad range of best practices for cyber hygiene, security and compliance.

This report takes a look at how Russia’s nationalism along with new internet laws are fueling Russian cybercrime.

The Bromium Threat Insights Report is updated on a regular basis to track notable threats and the information gleaned from them.

Whether accidental or malicious, insider incidents can result in financial fraud, privacy abuses, intellectual property theft, or damage to infrastructure. It’s difficult for security pros to detect this suspicious activity because insiders need to have privileged access to data to do their jobs. Since insiders are people and, therefore, entitled to privacy and due process, security pros must handle these incidents with greater care than external threats. This report describes how to build an insider threat program.

From the report, “BEC is a specific type of phishing email that operates without links and without attachments (two of the standard markers that perimeter defenses look for). However, instead of taking over a computer or stealing data, BEC hackers impersonate an executive (a known CEO, CFO or other CxO), and persuade the recipient (an employee) to perform some action – like wiring money or attaching information to an email. " Read on to learn more.

In this report they explore: • Why AI-enabled cybersecurity is increasingly necessary • How organizations are benefitting from AI in cybersecurity • Where organizations should focus their cybersecurity initiatives • Building a roadmap for implementing AI in cybersecurity

This report covers trends in retail and hospitality in 2019. It covers Cyber espionage that impacts hospitality, how virtual skimming threat data poses risk to payment card data, and an analysis and comparison of point-of-sale malware companies.

This report is essential reading for executives, security practitioners and development teams who want to better understand the present state of software security risk, and who seek to benchmark and improve their own organization’s performance.