The Hiscox Cyber Readiness Report 2023 reveals that small business owners are getting smarter, but so are cyber criminals. Although 63% of small businesses in the US are cyber intermediates and 4% are cyber experts, almost half (41%) experienced at least one cyber-attack during the past year. The report surveyed over 5,000 professionals responsible for their company’s cyber security strategy from the US, UK, France, Germany, Spain, Belgium, Republic of Ireland, and The Netherlands, including more than 500 US small business professionals.

COVID-19 has dramatically changed the workplace and has created new cybersecurity risks and exacerbated existing risks. The purpose of this research, sponsored by Keeper Security, is to understand the new challenges organizations face in preventing, detecting and containing cybersecurity attacks in what is often referred to as “the new normal”. All respondents in this research are in organizations that have furloughed or directed their employees to telework because of COVID-19.

The Security Navigator reflects first and foremost the reality of the conflictual nature of cyber warfare. It mirrors the disinhibition of threat actors motivated by state strategies or hacktivism as well as criminal opportunities. In this environment, espionage, sabotage, disinformation and extortion are becoming increasingly intertwined. This document is also intended to become the cornerstone of the partnership of trust that we wish to build with you. It must enrich our debates within a community that is still too isolated.

The 2023 State of Web Application Security Report investigates the evolving security practices, tools, and technologies employed by organizations worldwide to enhance file upload security. 97% of survey participants reported using containers in environments that host web applications. Additionally, web applications that accept file uploads are increasingly being hosted on cloud-based platforms, including both Infrastructure as a Service (IaaS) and Software as a Service (SaaS) solutions

When you overlap Resilience’s claims data with data from ransomware incident response partner Coveware, blockchain analytics firm Chainanalysis, security partner Zscaler, and security firm Sophos, it reveals five key findings that impact both network defenders and the cyber insurance industry at large.

The BlackBerry Global Threat Intelligence Report has become a key reference guide for cybersecurity professionals worldwide, including CISOs and other decision makers, to keep the security community informed of the latest cybersecurity threats and challenges globally affecting their industries and platforms. This report covers threats encountered in June 2023 through August 2023. It examines the challenges faced by many industry sectors, with a focus on protecting government and public entities, risks within the healthcare sectors, safeguarding critical infrastructure, and the importance of protecting vulnerable entities within the financial sector.

The report explores a notable shift towards instability within the threat landscape and an increase in unnamed ransomware variants, potentially due to affiliates shifting between names to find the highest profits while reducing exposure to law enforcement. It also explores trends in ransom demands and payments across various industries. Finally, we discuss what may be coming in Q4 as the ransomware ecosystem continues to shift.

The report presents the findings of the analysis of statistical data obtained using the Kaspersky Security Network (KSN) distributed antivirus network. The data was received from those KSN users who gave their voluntary consent to have data anonymously transferred from their computers and processed for the purpose described in the KSN Agreement for the Kaspersky product installed on their computer.

Our findings in this year’s Skybox Vulnerability and Threat Trends Report, detailed below, make the urgency of the situation abundantly clear. Vulnerabilities have skyrocketed, eclipsing all previous records. Attacks are increasing in velocity and impact. Threat actors are targeting more sensitive assets and inflicting more damage. They are better organized—backed increasingly by large crime rings and nation-states—and are employing more sophisticated tools and tactics, such as a growing assortment of backdoor malware and advanced persistent threat (APT) attacks.

As the findings in this report show, these attacks are also having a greater impact, adding to pressure on security leaders to choose the right solutions and keep the entire environment safe, without sacrificing overall performance or innovation. The 1,200 respondents agreed overwhelmingly on the effectiveness of segmentation in keeping assets protected, but their overall progress in deploying it around critical business applications and assets was lower than expected.

In April 2023, ReversingLabs partnered with Dimensional Research to survey 321 security and IT professionals on their software supply chains for its report, “Software Supply Chain Security Risk Survey.” This analysis presents key findings and actionable recommendations for security organizations in four key areas: traditional applications security shortcomings, software supply chain complexity and security, security in software development and enterprise-wide security risks.

The Threat Horizons Report will continue to highlight advanced threats to the cloud, sophisticated attack campaigns, and novel techniques used to target victims in the cloud. By focusing on good cloud hygiene, defenders will raise the bar necessary for attackers to be successful while reducing the risk of becoming a victim to a common attack.

This report covers the threat landscape, as encountered by our sensors and analysts in the first half of 2023. General malware data presented in the report is gathered from January–May of this year, and reflects threats targeting endpoints that we observed in these months. The report represents a global outlook and is based on over 1,000,000 unique endpoints distributed around the world. Most of the statistics discussed focus on threats for Windows operating systems, as these are much more prevalent then those targeting macOS and Linux.

Our annual Threat Intelligence Report is aimed at anyone interested in cybersecurity, from the technical specialist to the senior CISO. The main focus, however, is to guide decision-makers responsible for developing strategic plans for their organization’s cybersecurity to ensure that resources are well invested. Our report last year focused on technical challenges; this year’s report will focus on real-world changes and how they can impact your organization’s cybersecurity.

The 2023 Elastic Global Threat Report is a summary of more than a billion data points distilled down to a small number of distinct categories. We describe the tools, tactics, and procedures of threats from the perspective of endpoints and cloud infrastructure — the most common enterprise attack surfaces — so readers with varying priorities can determine the best course of action to take next.

The 2023 Comcast Business Cybersecurity Threat Report was developed to help technology and security leaders get a deeper understanding of trends in cybersecurity threats—and the steps they can take to help protect their organizations from an evolving set of threats. Our goal is to provide insights from billions of threat data points and context around common ways that cybersecurity attacks arise and unfold.

This report is based on the summary statistical analysis of over 9,000 cyber claims for incidents that occurred during the five-year period 2018–2022. By comparison, the third Cyber Claims Study, published in 2013, analyzed fewer than 150 cyber insurance claims.

In this fourth annual edition of the Microsoft Digital Defense Report, we draw on our unique vantage point to share insights on how the threat landscape has evolved and discuss the shared opportunities and challenges we all face in securing a resilient online ecosystem which the world can depend on.

Coalition’s 2023 Cyber Claims Report: Mid-year Update features data from organizations across the United States. Cyber risk is global in nature, and we believe the trends and risk mitigation strategies within this report are applicable regardless of location. We’re proud to share these insights to help our policyholders, broker partners, and others in the cyber insurance industry stay informed about the ever changing threat landscape.

The 2023 OpenText Cybersecurity Threat Report is based on data continuously and automatically captured by the BrightCloud Platform — the proprietary machine learning based architecture that powers all of our Webroot protection and BrightCloud services. This data comes from over 95 million real-world endpoints and sensors, specialized third party databases, and intelligence from end users protected by our technology partners. In this report, we’ll break down a broad range of threat activity, offer insights into the trends we’ve observed, discuss wide reaching impacts for industries, geographies, companies, and individuals, and reveal what our threat experts expect to see in the coming year.

Today’s apps are multifunctional, combining communication, collaboration, and commerce. The fragmentation of mobile devices, cloud computing, and third-party components and services have changed how apps store, transmit, and process data. As a result, sensitive information is at risk thanks to the expansion of the attack surface and the rapid evolution of threats.