This report looks at data breach events in 2020. It then compares key aspects and trends of these breaches to data breaches in previous years. (more available)

This report looks at the malware used by a group called Sunburst. It gives a detailed timeline of attacks, and the code used in them. (more available)

This report was created after a survey of more than 900 Senior IT security decision-makers. It looks at how they allocate finite resources in a way that best serves their organization. (more available)

This report is based off of a survey of 7,000 office workers around the world. It looks at worker’s understanding of phishing and email clicking habits. (more available)

This report looks at the costs of cybercrime, money or otherwise, and the effect it has on selected sectors. It then gives recommendations for decision makers in order to prevent cybercrime. (more available)

This report is based on a survey of 75 IT decision-makers and 500 students. It aims to look at cybersecurity in education, and why preparation for a cyber threat matters. (more available)

This report breaks down several of the most common and most prominent types of cyber threats that impact automobile manufacturers and retailers. (more available)

This report is based on a survey aimed at understanding how businesses keep information safe. They outline 10 data breach trends and how they have changed in 2020. (more available)

This report covers vulnerabilities disclosed this year. It aims to help the reader navigate the current vulnerability landscape. It provides valuable insight into vulnerability trends and how they are impacting organizations. (more available)

A deep dive into the nature of the finance sector’s public risk surface. Reviewing subsectors of the finance ecosystem, including supply chains. (more available)

Akamai’s end of year review of the key events of 2020 affecting information security. Compiles findings from other SOTI reports with additional commentary and data from the Akamai service footprint. (more available)

This report looks at cybercrime in 2020, going into the changes in cybercrime, nationwide threats, security involving remote work, and how to improve security. (more available)

This report is a market analysis of companies in Asia-Pacific. It aims to look at new security challenges they face due to remote work. (more available)

This survey looked at company security on the employee level, finding that many employees are not careful with their data.

Based on a survey of over 4,800, this report reviews the practices that lead to positive outcomes for security programs. Linking together practices that are more (or less) successful to the characteristics of positive outcomes, this report aims to give guidance for where practitioners can focus their efforts to achieve similar outcomes. (more available)

This report focus on the data security of the financial industry: banking, insurance, and investments. It draws correlations between the current state of the security and the threats that are yet to come. (more available)

This report looks at the scale and complexity of cyberattacks on individuals and firms. It then goes into what needs to be done to deal with the complex and evolving threat of cyber attacks. (more available)

A survey of 2,200 IT professionals from organizations of 250 or more employees. Focuses on attitudes on and about cybersecurity.

A review of the threat volume and characteristics affecting e-commerce.

The 2020 edition of this annual report reviews five years of phishing events from F5’s Security Operations Center. This data is supplemented with active and confirmed phishing sites from Webroot and darkweb market data from Vigilante for a broad view of the volume and techniques of phishing activity. (more available)

The IRIS 20/20 Xtreme is a follow-up to the IRIS 20/20 study earlier this year, this time focusing on the 100 largest cyber incidents of the last five years, totaling $18 billion in reported losses and 10 billion compromised records. (more available)