Outsourcing is a fact of life for healthcare organizations, from routine functions such as food services and laundry to regulatory compliance and clinical activities. Large numbers of vendors must be properly managed in order to reduce clinical, financial and regulatory risk. This paper discusses how to reduce complexity in third-party vendor risk management, and how to turn uncertainty and confusion into efficiency and confidence.

How is cyber-resilience defined and measured? How are breach risk and cyber resilience related, and what is the best way to improve cyber-resilience for an enterprise? This paper will answer these questions and shed light on steps you can take to improve the cyber-resilience of your enterprise.

From the Report, “When you are faced with multiple risks and regulatory requirements, as well as constantly-changing industry trends, how do you connect the dots? How do you bring all this information together in a way that is meaningful to your organization? MetricStream Research offers you a range of cutting-edge GRC research reports, insights, and analyses that empower you to make informed and effective decisions on your GRC Journey®. Through primary and secondary research, we analyze the latest GRC trends and developments, and transform this data into the intelligence you need to drive exceptional performance.”

This report offers insight into issues that Global Banks have in maintaining Global Compliance.

From the report, “All three of our stories in this issue of the State of the Internet / Security report are about things most organizations aren’t examining. Whether the cause is that organizations don’t perceive some issues as important to their environment, if they don’t have tooling to monitor these issues, or if the resources to monitor this traffic are not available, this traffic is often being overlooked.”

In this paper, a depp look into existing cybersecurity practices, their shortcomings, and the urgent need to avoid breaches altogether and not just mitigate them after the fact.

This brief but important report offers information into the events and data from the holiday shopping season of 2018.

From the report, “This technical whitepaper presents and discusses the concept of “Connectivity as Code”, a complementary concept to “Infrastructure as Code” (IaC), and we will explain how it can be incorporated into the DevOps lifecycle for a more agile application delivery. We will also describe how empowering the developer to define the application’s connectivity requirements will bridge the gap between developers and network security, and help to automate the application delivery process end-to-end. The solution presented in this whitepaper seamlessly weaves network connectivity into the DevOps methodology, while ensuring continuous compliance, so that automation does not compromise security.”

The State of Payment Processing & Fraud: 2018 Inaugural Survey & Report is a first-of-its kind study brought to you by Kount and The Fraud Practice. The inaugural survey reached hundreds of acquirers, processors, gateways, payment facilitators and issuers to get their take on the state of the industry and what is most critical for attracting and retaining clients and growing processing volumes.

This is a handy guide that provides information useful for understanding online fraud.

This report offers 14 tips to fortify your public cloud environment. From the report, “This edition of RedLock’s Cloud Security Trends marks the report’s one year anniversary, and it’s been a sobering year in terms of public cloud breaches, disclosures and attacks. This report highlights key learnings from these incidents along with research by the RedLock Cloud Security Intelligence (CSI) team to shed light on the trends that we can expect this year.”

This report has been produced in partnership with the 400,000 member Cybersecurity Insiders community of IT security professionals to explore how AWS user organizations are responding to security threats in the cloud, and what tools and best practices IT cybersecurity leaders are prioritizing in their move to the cloud.

From the report, “Widespread data breaches, the EMV migration, and efforts to extend the longevity of the SSN, have created an ideal environment in which synthetic identity fraud is flourishing. Furthermore, consumers’ physical and digital footprints are becoming more complicated, meandering across locations, devices, and geographies. This makes it more difficult than ever to differentiate legitimate user behavior from fraudsters. Businesses need to prevent synthetic identities from entering their ecosystems by understanding anomalies to individual user behavior and helping to correlate the seemingly disconnected events and security incidents in real time. Combining historical and real-time data and leveraging machine learning to analyze individual behavior across channels can reveal complex patterns to help detect and block synthetic identities without causing friction for real customers.”

RiskIQ uses its repository of scanned mobile application stores to perform analysis on threat trends in the mobile application space. Q3 showed a nearly 220 percent increase in blocklisted apps over Q2. Due to a surge in total apps observed, the percentage of blocklisted apps dropped from 4% in Q2 to 3% in Q3.

This report offers insight into how you can use the theory of 8 degrees of separation in threat research.

In this new research, Farsight Security selected the primary domain for nearly 4000 organizations, including leading global corporations and higher education institutions. We then tested those domains using key DNS indicators to assess adoption of emerging technologies and risk exposure.

A survey of financial services executives responsible for digital security measures at their firms (see Methodology) sheds light on the industry’s objectives for digital channels, perceptions about the scale of the threat posed by fraud and a range of vectors for attack, and confidence in existing defenses.

This study’s principal conclusion clearly mirrors today’s cybersecurity landscape: every organization is vulnerable to a cyber attack. This report uses measures of awareness and readiness to assess three degrees of vulnerability, each of which indicate differing needs to take action.

Cybersecurity incidents are increasing at astonishing rates with no end in sight. The impact of these incidents in business disruption, cost and invasion of individual privacy has provoked a groundswell of legislation and government regulation across the globe. With new regulations coming fast and furious, security professionals are often in uncharted territory, forced to juggle conflicting goals of security and privacy on one side and business growth and innovation on the other—and all under the umbrella of compliance and monitoring. Read on to learn more helpful information.

This report provides new mindsets and methods for measuring and minimizing business risk.

Cybercriminals will use any and all devices available to them in order to lie, cheat and steal from you. Until they’re blocked. Then they switch to different devices, counting on your fraud prevention efforts to forget about their old devices. When that happens, they start using their old devices again. They would love for you to believe that device history isn’t important. That’s why your fraud prevention tools shouldn’t forget older devices either. It’s essential to know when a device, especially one that’s new to your business, has a history of fraud. Even if that fraud happened years ago.