This is a short guide for helping organizations become SOC 2 compliant.

This annual report takes a look at the most popular vulnerabilites used by cybercriminals. It intends to help organizations make good, informed decisions about their cyber security.

This whitepaper follows a specific Phishing attack and details the events that took place.

This report discusses the reality that everyone is susceptible to fraudulent emails. It discusses why that is the case, and offers some solutions.

This is a threat advisory for the Tiscali App.

This paper discusses the top 20 Center for Internet Security (CIS) Critical Security Controls (CSC) come into play, providing organizations with 20 key controls that they can implement to mitigate some of the threats they are facing.

Verizon’s annual report on all data breaches in 2015

The object of this report is to answer the question, what will happen in 2018?

This report examines key trends across the threat landscape and application usage, including topics on how organizations can educate users and utilize controls to effectively reduce the attack surface available to an adversary, the potential effects of non-standard network activity, the reuse of legacy attack tactics, and the benefits of open threat intelligence sharing.

This whitepaper presents 15 best practices for making users a powerful layer of phishing defense.

This report offers some significant predictions of phishing attacks in 2018.

EY’s Global Information Security Survey investigates the most important cybersecurity issues facing businesses today. It captures the responses of 1,755 participants around the globe and across sectors, and our findings and conclusions are based on those insights and on our extensive global experience working with clients to help improve their cybersecurity.

This monthly threat report takes a look at the month of October 2017. More specifically, it takes a look at the shift in Phishing campaigns, the WIFI WPA Security VULN, and a variety of other threats.

This blog post provides great discussion and insight into an APT operating out of Iran that is specifically targeting the Aerospace and Defense Industries.

This special report analyzes Email and the threats that occur in that environment.

This report provides insights into the security events in mobile threats from the 3rd quarter of 2017

From the Report, “A common refrain from community banks and credit unions is that since they are not experiencing a fraud attack at the moment, they don’t see any need to invest in fraud protection. Now apply the same logic elsewhere – it follows then, that purchasing home insurance doesn’t make sense, as my house isn’t currently on fire. This kind of reasoning is short-sighted and leaves banks and their customers vulnerable to fraud–related financial losses. It also ignores a growing, if unfortunate, precedent – that losses from cyberattacks number in the billions of dollars annually (one report put it as high as $445 billion), and it continues to rise every year.”

This is a quarterly report that looks at cyber security issues in New Zealand and around the world.

This quarterly report offers key takeaways from the fourth quarter of 2017. Those takeaways come from Email, Exploit Kits, Web-Based Attacks, and Social Media and Domain Research.

Positive Technologies regularly performs assessment of information security awareness among employees at major companies all over the world. This report provides statis- tics and analysis from 10 most instructive testing projects in 2016 and 2017, including examples of successful attacks against employees. These projects are based on various social engineering techniques and generally included emails, phone conversations, and communication via social networks.

This book offers some insight into email cybersecurity issues. It posits that email doesn’t have to be scary.