A survey driven review of 25 indicators via 157 questions spanning 193 respondents. This attempts to focus on factors influencing cybersecurity strategy design and implementation on a year-over-year basis.

A survey driven review of 25 indicators via 50 questions spanning nearly 160 respondents. This attempts to focus on factors influencing cybersecurity strategy design and implementation on a year-over-year basis.

This report outlines changes in healthcare cybersecurity in 2019 as well as changes predicted to happen in 2020.

This annual report outlines expected cybersecurity trends for the coming year.

After the CARES act was passed in March of 2020, fraudsters worked towards making money off of it. This report seeks to understand all of the components of fraud happening on the dark web in relation to the CARES act.

A review of the cybersecurity job market in the UK, the nature and extent of skill gaps and shortages. A combination of surveys, qualitative research with firms, and a review of job postings.

A review of 63 events where Kivu participated in payouts of ransomware events on behalf of clients engaged via a post-incident response. Provides firmographic breakdown of ransomware payouts.

A review of doxxing related ransomware cases handled by Kivu Consulting in a post-breach role. Explores firmographics of the organizations involved in various variants of ransomware families.

Using telephone survey of UK business and thirty in-depth interviews, this report reviews awareness and approaches to cyber security in the UK as well as the nature and impact of breaches by firm size and sector.

Using publicly available breach information, this report seeks to analyze the breaches and incidents occurring in the US K-12 educational sector.

An annual report using Carbon Black’s data sets of the Carbon Black Cloud customer footprint, Carbon Black User Exchange, public samples, Carbon Black Endpoint Standard data, and internal sources. Leverages the ATT&CK framework to determine common tools-techniques-processess (TTPs).

A survey of over 3,500 IT managers with data and workloads in the public cloud.

The Threat Intelligence Executive Report by Secureworks analyzes security threats and helps organizations protect their systems. During March and April of 2020, Secureworks noticed 3 developments in threat intelligence: Multiple threat actors leverage COVID-19, Remote access security is essential in the current working environment, and big breaches begin with small intrusions.

The Threat Intelligence Executive Report by Secureworks analyzes security threats and aims to help organizations protect their systems. In the first two months of 2020, they identified 3 main trends: Lesser-known government-sponsored threat groups putting data at risk, Citrix vulnerability disclosure causing spikes in incidents, and ransomware operators leveraging risk of GDPR fines as a threat.

The Threat Intelligence Executive Report by Secureworks is a report designed to analyze security threats and help organizations protect their systems. In this report, they look into Iranian espionage operations in 2020, Customized Magecart attacks, and China based threat groups targeting NGOs and Asian government networks.

A survey of stakeholders in operational technology (OT) environments across four industries: manufacturing, energy and utilities, healthcare, and transportation.

Drawn on over 1,000 incidents that The Crypsis Group responded to in 2019, this report looks for trends in industry and attack patterns for the past year. Primary focus areas for the report are ransomware, business email compromise (BEC), and data breaches. Also includes suggestions on defensive measures where appropriate.

The fifth annual survey uses survey results from over 3,4000 It and security professionals on organization’s ability to detect, prevent, contain, and respond to cybersecurity incidents.

This report sought to understand the health and security of Free and Open Source Software (FOSS) as it is today. It identifies the most commonly used free and open source software components in production applications, and examines them for potential vulnerabilities.

The annual report from Snyk on the state of open source software from a security perspective. Includes survey data from 500+ developers, internal Snyk vulnerability data from the projects monitored by Snyk, and additional aggregated source code repository data.

The fourth annual report from Hiscox. This survey based report collected responses from IT managers, executives, and other professionals across multiple sectors and countries. Focuses on assessing the cyber readiness of firms, budget spend, and losses experienced.