This report takes a look at a threat that specifically attacks Android users.

For many organizations, dealing with HTTPS traffic is something of a double edge sword. Recent moves to encryption challenge the status quo in terms of organizational oversight. Finding a balance between competing interests will be critical to moving forward, but while present technology limitations hamper those efforts, technological advancements can enhance them.

System designers have long struggled with the challenge of determining how to control when untrusted applica- tions may perform operations using privacy-sensitive sen- sors securely and effectively. Current systems request that users authorize such operations once (i.e., on install or first use), but malicious applications may abuse such authorizations to collect data stealthily using such sensors. Proposed research methods enable systems to infer the op- erations associated with user input events, but malicious applications may still trick users into allowing unexpected, stealthy operations. To prevent users from being tricked, we propose to bind applications’ operation requests to the associated user input events and how they were ob- tained explicitly, enabling users to authorize operations on privacy-sensitive sensors unambiguously and reuse such authorizations.

Based on this research on the growing age gaps in the workforce, Centrify has been able to identify some key recommendations that senior decision makers can follow to help bridge the gap and harmonise approaches to data security and privacy in the workplace.

The Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data reveals that the majority of healthcare organizations represented in this study have experienced multiple data breaches. Despite the increased frequency of breaches, the study found that many organizations lack the money and resources to manage data breaches caused by evolving cyber threats, preventable mistakes, and other dangers.

This report provides data to help understand the need of helping employees understand PCI compliance in the retail industry.

This helpful report provides analysis of the GDPR, some misconceptions, and some helpful tips for becoming compliant.

The digital trust perception gap, and other findings in this ground-breaking study, highlight the need for business leaders to understand how much consumers trust organizations, what drives digital trust, and the business impact of losing that trust.

From the report, “Good privacy and security practices are often common sense—but ensuring that this common sense is applied consistently and rigorously makes all the difference in the world. In a truly risk-aware organization, employees combine policy know-how, common sense, and a keen eye for detail as they regularly align their actions with your organizations security and privacy principles. How will you ensure that you’ve got such a culture?”

This report from 2017 is based on a survey conducted during October and November of 2016. They surveyed over a thousand senior security executives from across the globe, including from key regional markets in the US, UK, Germany, Japan, Australia, Brazil, and Mexico, and key segments such as federal government, retail, finance, and healthcare.

This very thorough report is based on a survey that sought to understand the security status of China’s Fintech Enterprises.

When tackling cyber risk, board involvement and effective communication continue to drive performance. Learn more in this report on the key findings from Protiviti’s 2017 Security and Privacy Survey.

This paper discusses how the GDPR will affect you as a non-European company and provides insights into what you should do to prepare.

This special report brought to you by the folks at Symantec, takes a hard look at the security issues that surround smart speakers.

This report offers insight into Android and its use in the modern enterprise.

This paper will take a quick look at two real-world examples of product releases gone wrong and overview the risks & challenges inherent in optimizing performance of wireless medical devices. They then outline best practices for cost-effectively mitigating risk and euring quality in life-critical deployment scenarios.

This paper provides an in-depth look at current cryptominer trends and the technology behind Monero. Additionally, it explores the projected attack methods that threat actors are likely to adopt, as well as tactics and best practices that security teams can utilize to keep themselves on the right side of this emerging cat-and-mouse game.

This is Redspin’s 6th annual Breach Report: Protected Health Information (PHI). At the conclusion of each year, they analyze the complete statistical data set of large breaches that have been reported to HHS. In the report, they assess the overall effectiveness of the current policies and controls designed to safeguard PHI. In 2105, they identify significant trends and draw attention to the specific areas most in need of improvement. They then offer Redspin’s recommendations for preventive measures and corrective actions to address any critical gaps or weaknesses. Their goal is to help the healthcare industry continually improve its ability to protect patient information.

This is a report based on a one man’s experience with IoT security.

This document enumerates and evaluates consensus data categories that enterprise risk owners and insurers could use to assess risks, identify effective controls, and improve cybersecurity culture and practice. It is the second in a series of white papers.

Fueled by technological advances and social factors, the quantified self movement has experienced rapid growth. Quantified self, also known as self-tracking, aims to improve lifestyle and achievements by measuring and analyzing key performance data across a range of activities. This report deals with the threats and vulnerabilities that are present in the devices used to provide those measurements and analysis.