Cyentia Cybersecurity Research Library
  • Sources
  • Tags
  • About
  • Sponsors
  • More from Cyentia

NIST

Below you will find reports with the tag of “NIST”

image from 2022 Attack Vectors Report

2022 Attack Vectors Report

For this year’s report, we have incorporated additional data from previous years to provide an enhanced view of the present threat climate. Additionally, given the prevalence of internal compromises over external, we chose to focus the bulk of our analysis on internal attack vectors, and then compared this data to maturity scores.

(more available)
Added: August 8, 2023
image from The State of Noncompliance in Cyber Risk Management

The State of Noncompliance in Cyber Risk Management

The goal of this report is to offer a view on the state of compliance in today’s typical organization, including: the rate of noncompliance among a typical organization’s assets, the compliance standards that are hardest for organizations to adhere to, how well compliance tracks against the overall risk surface and the most common security controls causing non-compliance.

(more available)
Added: October 12, 2022
image from Public Power Cybersecurity Scorecard 2019 Annual Report

Public Power Cybersecurity Scorecard 2019 Annual Report

This report creates an overall picture of the cybersecurity capabilities of public power utilities. Moreover, it supports the previous year’s findings and provides a consistent approach for supporting DOE’s Multiyear Plan for Energy Sector Cybersecurity.

(more available)
Added: January 14, 2022
image from Security Outcomes Study Vol. 2

Security Outcomes Study Vol. 2

Over 5,100 IT and security professionals across 27 countries were asked about their organizations’ approaches to updating and integrating security architecture, detecting and responding to threats, and staying resilient when disaster strikes. They shared a wide range of insights, struggles, strategies, and successes. Responses were analyzed in multiple ways and key findings were extracted.

(more available)
Added: December 7, 2021
image from The 2021 Security Outcomes Study

The 2021 Security Outcomes Study

Based on a survey of over 4,800, this report reviews the practices that lead to positive outcomes for security programs. Linking together practices that are more (or less) successful to the characteristics of positive outcomes, this report aims to give guidance for where practitioners can focus their efforts to achieve similar outcomes.

(more available)
Added: December 1, 2020
image from Moving Forward: Setting the Direction

Moving Forward: Setting the Direction

This report evaluates the state of security in healthcare in 2020, and compares it against 3-years’ worth of historical client data.

(more available)
Added: October 18, 2020
image from 2019 Cyber Risk Management Maturity Benchmark Survey Results

2019 Cyber Risk Management Maturity Benchmark Survey Results

The 2019 Survey of 211 participants covers Overall risk security, Risk Management, and also covers what job titles are involved, and what industries are involved.

(more available)
Added: February 9, 2020
image from Common and Best Practices for Security Operations Centers: Results of the 2019 Survey

Common and Best Practices for Security Operations Centers: Results of the 2019 Survey

A survey of over 300 security professionals on security operations center (SOC) practices and how those practices relate to outcomes.

(more available)
Added: November 25, 2019
image from Common and Best Practices for Security Operations Centers: Results of the 2019 SOC Survey

Common and Best Practices for Security Operations Centers: Results of the 2019 SOC Survey

This 2019 edition of the SANS Security Operations Center (SOC) Survey was designed to provide objective data to security leaders and practitioners who are looking to establish a SOC or optimize their existing SOCs. The goal is to capture common and best practices, provide defendable metrics that can be used to justify SOC resources to management, and to highlight key areas on which SOC managers can focus to increase the effectiveness and efficiency of security operations.

(more available)
Added: October 1, 2019
image from 2019 SANS Automation & Integration Survey

2019 SANS Automation & Integration Survey

Automation balances machine-based analysis with human-based domain knowledge to help organizations achieve optimal workflows in the face of staff shortages and alert fatigue, all caused by an increasing number of destructive threats. Yet, 59% of survey respondents indicate that their organizations use low levels or no automation of key security and incident response (IR) tasks. In this new SANS survey, we wanted to understand and explore some of the misconceptions versus facts around automation and what to do about it.

(more available)
Added: April 19, 2019
image from Striking Security Gold: Uncovering Hidden Insights in a decade's worth of RSA Conference abstracts

Striking Security Gold: Uncovering Hidden Insights in a decade's worth of RSA Conference abstracts

From the report, “But what exactly do we talk about when we talk “security?” That’s the question we seek to answer in this report, which has its roots in a similar question asked by an eight-year-old daughter two and a half years ago: “What’s the RSA Conference about, Daddy?” That root sprouted into a four-part blog series and a panel discussion a year later where we analyzed 25 years of session titles in honor of the 25th anniversary of RSA Conference.”

(more available)
Added: March 16, 2019
image from Top Three Use Cases: Automated OT Asset Discovery and Management

Top Three Use Cases: Automated OT Asset Discovery and Management

This report takes an inside look at Industrial Control Systems and the need for them to be updated for the new Cyber Security Threats.

(more available)
Added: March 9, 2019
image from Building Trust In The Cloud: Overcoming Cybersecurity Concerns To Reap Cloud's Benefits

Building Trust In The Cloud: Overcoming Cybersecurity Concerns To Reap Cloud's Benefits

The HIMSS Media survey, Cloud Security Insights, sponsored by the Center for Connected Medicine, sought to better understand attitudes and perceptions about cloud security among hospitals and health systems. It’s findings: among the IT, cybersecurity and informatics professionals surveyed, more than half cited cybersecurity concerns as “significantly limiting” their use of cloud services.

(more available)
Added: March 1, 2019
image from Cloud Security Trends: May 2018

Cloud Security Trends: May 2018

This report offers 14 tips to fortify your public cloud environment. From the report, “This edition of RedLock’s Cloud Security Trends marks the report’s one year anniversary, and it’s been a sobering year in terms of public cloud breaches, disclosures and attacks. This report highlights key learnings from these incidents along with research by the RedLock Cloud Security Intelligence (CSI) team to shed light on the trends that we can expect this year.”

(more available)
Added: February 12, 2019
image from Summary of Reports Issued Regarding Department of Defense Cybersecurity from July 1, 2017, Through June 30, 2018

Summary of Reports Issued Regarding Department of Defense Cybersecurity from July 1, 2017, Through June 30, 2018

From the report, “DOur objective was to (1) summarize unclassified and classified reports issued and testimonies made from the DoD oversight community and the Government Accountability Office (GAO) between July 1, 2017, and June 30, 2018, that included DoD cybersecurity issues; (2) identify cybersecurity risk areas for DoD management to address based on the five functions of the National Institute of Standards and Technology (NIST), “Framework for Improving Critical Infrastructure Cybersecurity,” April 16, 2018 (Cybersecurity Framework); and (3) identify the open DoD cybersecurity recommendations. This summary report also addresses the Federal Information Security Modernization Act of 2014 (FISMA) requirement to provide an annual independent evaluation of the agency’s information security program by using the identified findings to support the responses made in our assessment.”

(more available)
Added: January 31, 2019
image from Report On Improving Cybersecurity In The Health Care Industry

Report On Improving Cybersecurity In The Health Care Industry

This report provides information cultivated by the Task Force, which offers the opportunity to address significant cybersecurity concerns in the health care industry.

(more available)
Added: November 24, 2018
image from Trends In Security Framework Adoption

Trends In Security Framework Adoption

This report, is based on a survey of 338 IT and security professionals in the US. The goal of the survey was to quantify adoptions of security frameworks.

(more available)
Added: October 26, 2018
image from 6 Questions To Ask Before Implementing A Vulnerability Disclosure Program

6 Questions To Ask Before Implementing A Vulnerability Disclosure Program

This guide provides some thoughts about implementing a Vulnerability Disclosure Program.

Added: October 24, 2018
image from Cloud Best Practices:Audit Checklist For Endpoint Security

Cloud Best Practices:Audit Checklist For Endpoint Security

This 10-point checklist outlines best practices for designing a security architecture that protects cloud data at the endpoint. Enterprise computing architectures have changed fundamentally in the last ten years, as employees consume an ever-growing collection of business cloud services through mobile apps. The traditional security approach of network perimeter and locked-down endpoints is not suitable for this app-to-cloud model of modern work.

(more available)
Added: October 15, 2018
image from Cybersecurity Poverty Index

Cybersecurity Poverty Index

The second annual RSA Cybersecurity Poverty Index is the result of an annual maturity self-assessment completed by 878 individuals across 24 industries. The assessment was created using the NIST Cybersecurity Framework (CSF) as the measuring stick to provide global insight into how organizations rate their overall cybersecurity maturity and practices. This report presents what was learned.

(more available)
Added: October 15, 2018
image from Where Do We Go From Here? 2017 Risk Management Maturity Benchmark Survey

Where Do We Go From Here? 2017 Risk Management Maturity Benchmark Survey

In this report they seek to answer four important questions. How mature is the profession today? Where are we weakest/strongest? Which improvements in maturity are likely to matter most? How do we rate against others in our industry?

(more available)
Added: October 12, 2018
© Cyentia Institute 2025
Library updated: June 23, 2025 20:08 UTC (build b1d7be4)