The second annual RSA Cybersecurity Poverty Index is the result of an annual maturity self-assessment completed by 878 individuals across 24 industries. The assessment was created using the NIST Cybersecurity Framework (CSF) as the measuring stick to provide global insight into how organizations rate their overall cybersecurity maturity and practices. This report presents what was learned.

This project comprised two main research and development phases. The first phase of the project entailed a requirements analysis and architecture-design effort. For further details on this phase, please refer to the first study report. The second phase of the project entailed the development of a proof-of-concept toolbox. This report presents the proof-of-concept toolbox.

Based on this research on the growing age gaps in the workforce, Centrify has been able to identify some key recommendations that senior decision makers can follow to help bridge the gap and harmonise approaches to data security and privacy in the workplace.

This report takes a very deep look at the subject of Spear Phishing and the impact it is having on business.

This report documents research conducted as part of the project “Building a Strategy for Cyber Support to Corps and Below.” RAND Arroyo Center was asked by U.S. Army Cyber Command’s G35 office to develop and document an Army strategy for providing cyber sup- port to corps and below (CSCB) units that describes how the Army should use its available resources to achieve mission objectives.

This annual study is conducted by Ponemon Institute to understand trends and changes in endpoint risk in organizations. An endpoint can include servers, desktops, laptops, smartphones, and even printers, ATMs and PoS devices. They surveyed 694 US IT and IT security practitioners who are involved in endpoint security in a variety of organizations.

This paper will take a quick look at two real-world examples of product releases gone wrong and overview the risks & challenges inherent in optimizing performance of wireless medical devices. They then outline best practices for cost-effectively mitigating risk and euring quality in life-critical deployment scenarios.

This article asks some experts local to the Boston area about CyberSecurity. It provides for interesting discussion and insight.

This report offers helpful insight into preparing for compliance with NIST-800-171.

The Rise of Nation State Attacks, sponsored by CounterTack | MCSI and conducted by Ponemon Institute, reveals organizations’ lack of readiness to respond to nation state attacks due to an uncertainty as to what a nation state attack is and how to identify the key characteristics, methods and motives of these attacks that originate with foreign governments.

The emerging field of cybersecurity economics could benefit from better data, better under- standing, and better methods for using resources wisely, not only to protect critical products and services but also to provide assurances that software will work as expected. This research brief presents findings that address these key cybersecurity concerns, perceptions of the importance of cybersecurity, and considerations for cybersecurity invest- ment decisions. In particular, it suggests that companies, the government, and other organizations can help improve our under- standing of cybersecurity economics by moni- toring cybersecurity incidents and responses, soliciting and using standard terminology and measures, and sharing data whenever possible.

This white paper provides the results of a survey that looked to understand the weaknesses in the current state of database security.

As such, this survey sought to explore the state of DNS security in the cybersecurity/IT market, discover how highly IT and cybersecurity professionals rank DNS security, and gauge the strength of the DNS protections enterprises have in place.

You’re convinced that protecting privileged accounts is paramount in your security strategy. But how do you go about selecting the right solutions from the right provider? You need a guide to know what to expect, and what to look for as you evaluate potential privileged account security solutions. To help you make informed decisions, the following are seven questions to ask every potential vendor as part of your assessment.

Bitglass reports on the results of their survey regarding how cybersecurity teams are mitigating various threats in the cloud.

This edition of Spotlight features a selection of work carried out in 2017 by the Rand Corporation, to help meet new and evolving challenges. They have completed several studies that examine the implications of Brexit for the UK, the EU, and beyond. They have examined the potential of increasingly advanced technology, including in the areas of cybersecurity and digital transactions. And they have evaluated and recommended improvements to be made along the path to better systems in health, policing and education.

This whitepaper provides an excellent resource for understanding SQL Injection attacks, in a web application environment.

From the report, “Internet of Things (IoT) technology holds incredible promise for transforming the enterprise, but one of the biggest hurdles for companies implementing IoT will be extracting insight from the incredible volumes of fast-moving data these systems produce and integrating that resulting intelligence into business processes in real time.”

An Annual Showcase of Data Breaches.

The ever-changing cyber threat environment is forcing IT decision-makers (ITDMs) to re- evaluate their security strategies. How well equipped are SMBs to protect their data? How are they adapting their approaches to keep pace with a barrage of new cyber threats? To find out, Webroot commissioned a study of ITDMs in the US, UK, and Australia to evaluate the current security concerns and strategies of SMBs around the world. This report discusses the results of that survey.

When employees leave a company, whether voluntarily or involuntarily, it is quite common for them to take sensitive and confidential data with them. This paper examines this problem in detail and provides solutions for employers to mitigate the risks.