This report helps uncover vulnerabilities missed by traditional security tools and detect unnoticed malicious activities. To understand how security professionals utilize threat hunting, we surveyed 218 security analysts to identify effective strategies, challenges, and metrics for success.

This year’s research explored three key outcomes and the capabilities that contribute to achieving those outcomes: Organizational performance, team performance and employee well-being. The research also explored means or performance measures that we often talk about like ends-in-themselves: software delivery performance and operational performance.

The Global Cybersecurity Outlook flagship report identifies the trends and analyzes the near-term future cybersecurity challenges. The accelerated shift to remote working during the COVID-19 pandemic coupled the recent high-profile cyberattacks have resulted in bringing cybersecurity top of mind among key decision-makers in organizations and nations.

In a year of new and evolving cyber risks, our community banded together to protect the global financial system and the people it serves. From the latest in phishing lures to nation-state threats, from new ransomware tactics to managing supply chain risk. we focused on arming our members with the intelligence and knowledge they need to keep our sector secure and resilient.

The SANS CTI survey shows that many CTI programs can meet the challenge. While some programs are just getting started due to increased cybersecurity needs and a growing, complex threat environment brought on by the rapid shift to remote work, organizations can rely on CTI providers and information-sharing groups to fill in the gaps as their programs mature.

The threat landscape is constantly evolving- and the tools you used to protect your business yesterday certainly won’t keep you safe tomorrow. In this white paper, you’ll learn three ways an intelligent, integrated approach can streamline your security operations.

The intent of the exercise was to assess public and private sector-wide communications and information-sharing mechanisms, crisis management protocols, and decision-making, as well as legal and regulatory considerations as exercise participants responded to and recovered from significant ransomeware attacks targeting the financial sector. The scenario emphasized global cross-jurisdiction information sharing among financial firms, central banks, regulatory authorities, trade associations and information-sharing organizations.

This report describes how money laundering is typically performed in the context of large-scale cyber heists. It illustrates key parts of the typical processes used by cyber criminals with examples to help better inform readers on areas they should focus on to better prevent, detect and respond to money laundering. In addition, the report offers perspectives on areas in which controls could be further improved and how money laundering techniques may evolve

This report creates an overall picture of the cybersecurity capabilities of public power utilities. Moreover, it supports the previous year’s findings and provides a consistent approach for supporting DOE’s Multiyear Plan for Energy Sector Cybersecurity.

The initial global cybersecurity index report. Using a survey based approach, this report attempts to create a global index for the state of cybersecurity and establish country specific wellness profiles.

A survey driven review of 25 indicators via 157 questions spanning 193 respondents. This attempts to focus on factors influencing cybersecurity strategy design and implementation on a year-over-year basis.

A survey driven review of 25 indicators via 50 questions spanning nearly 160 respondents. This attempts to focus on factors influencing cybersecurity strategy design and implementation on a year-over-year basis.

The third annual report from Hacker One on the state of the hacker/security testing community. Data is drawn from Hacker One’s community of bug bounty registrants and subscribing platforms.

A lot of progress has been made in the past few years around requirements. Next steps in this area include identifying when and why to update intelligence requirements—even ad hoc adjustments can be planned for by identifying the circumstances under which they would need to be changed. It is also clear that there are numerous positive trends in the community, such as more organizations producing intelligence instead of just consuming it. But there are also many challenges, such as getting the appropriate staffing and training to conduct cyber threat intelligence. Tools and data sources are always going to be vital to the process, but the world of intelligence analysis is inherently analyst driven and a focus is rightfully placed there.

This year’s SANS survey saw an increase in usage and interest in CTI, along with a diversification in how the intelligence is being used by organizations. While the use of CTI continues to grow, there is no one-size-fits-all approach. Organizations leverage different types of CTI to meet different needs. This survey focuses on how and why CTI is being used, how it is helping defenders, what data sources are being leveraged, and how data is converted into usable intelligence.

Upon request by the United States Senate Select Committee on Intelligence (SSCI), New Knowledge reviewed an expansive data set of social media posts and metadata provided to SSCI by Facebook, Twitter, and Alphabet, plus a set of related data from additional platforms. The data sets were provided by the three primary platforms to serve as evidence for an investigation into the Internet Research Agency (IRA) influence operations.

This report offers insights into why a CSIRT is crucial in today’s world. It provides some helpful tips and steps that can improve any organization’s response team.

Ponemon Institute is pleased to present The Value of Threat Intelligence: Annual Study of North American and United Kingdom Companies, sponsored by Anomali. The purpose of this research is to examine trends in the benefits of threat intelligence and the challenges companies face when integrating threat intelligence with existing security platforms and technologies.

This report offers insights and guides into the new Help America Vote Act.

This whitepaper is intended to help firms understand how security automation can accelerate analyst response time to incoming phishing alerts and minimize the impact of these malicious attacks on their environment.

This report provides information cultivated by the Task Force, which offers the opportunity to address significant cybersecurity concerns in the health care industry.