A report derived from NTT’s managed SOC service, seeking to identify modern and emerging trends observed across industries and regions.

This report comes from a survey conducted by WSJ Intelligence and sponsored by Forcepoint. It explores the current state of cybersecurity as well as challenges that lie between current cybersecurity systems and risks going forward.

The inaugural report from AT&T Business. Leverages data from the AT&T network operations groups as well as outside research firms and network partners.

Year end report from AppRiver using telemetry from the AppRiver security products and events observed by the AppRiver Security Analysts.

A year in review report drawing on the events observed by AppRiver Security analysts and the telemetry from the AppRiver security platforms. Includes predictions for 2020.

The fifth edition of Edgescan’s vulnerability statistics report. Uses both scan data and survey data to report on vulnerability management, with a special focus on web application vulnerabilities.

The seventh annual survey from Sonatype covers the differences between mature and immature DevOps practices. Special focuses on developer satisfaction, security policy adherence, and security investments. Over 5,000 respondents in this year’s survey.

A survey of 166 US health information security professionals. Discusses the prevalence of significant security events (primarily e-mail based), positive advances in healthcare security, the threat of complacency when managing programs, and area where there are control gaps.

Using breach information from Advisen, this report seeks to fill in missing gaps in the loss frequency and impact side of quantitative risk analysis. Using real world reported data on publicly-discoverable breaches, commonly held myths of cost per record estimates are debunked and replacement hard statistics are given to replace incorrect estimates.

Using breach data from Advisen, this report defines ripple effects of breaches as the impacts on companies more than one degree of separation from the company directly affected by the breach. As vendor relationships are both broad and deep, a breach in any one company in a network can have distant effects on companies not directly related. The implications upon third party risk management are explored.

Using case data from IBM’s external incident response service involvement in cloud-related security incidents over 2019, this report covers threat actors, threat actions, common control weaknesses, and makes recommendations for increase cloud security postures. Additional data contributed by Intezer and DarkOwl.

The second annual application protection report (APR) from F5 Labs combines data from F5’s global customer base with network telemetry from Baffin Bay to catalog and analyze the major threats facing application security practitioners. Includes recommendations for appsec professionals.

This threat report covers traffic and attack trends, with industry and geographical breakdowns, for the first several months of 2020. A special focus on the use of cloud and SAAS providers supporting telework is included.

Each year, Check Point Research (CPR) reviews previous year cyber incidents to gather key insights about the global cyber threat landscape. In this 2020 Cyber Security Annual Report, the authors offer a review of 2019’s major cyber incidents, suggest predictions for 2020, and recommend best practices to help keep organizations safe from cyber attacks.

Insider threat continues to be a problem for organizations, regardless of size or industry. Companies are trying to mitigate this risk by continuously investing in tools, people, and processes. The Securonix Threat Research Team has analyzed hundreds of incidents across several industry verticals in order to understand the various behavior patterns that impose risk to organizations. In this report we take a closer look at such behaviors by examining reallife incidents across number of dimensions such as motive and type of risks against industry verticals.

Automation and integration is often hailed as a great enabler for the future. This survey identified how respondents are adopting systems, where their systems currently stand and what is on the planning horizon.

Verizon’s 2020 edition of the keystone DBIR. Covering breaches and attack trends across the previous year.

This report seeks to provide actionable insight and practical advice to help organizations increase talent-gap resilience and avoid being left behind as the industry evolves.

To protect the data we store on our devices and upload online, we first need to understand where the key risks may lie. This report reviews some of the main stories and tactics we have seen affecting data privacy over the past 12 months and provides advice on how individuals can keep control over their personal data at every turn.

A look at the unique threat and risk landscape of the manufacturing industry. Discussing the challenges brought about by Industry 4.0, and recommends measures and best practices for securely reaping the benefits of connected production. We also reiterate that securing the manufacturing industry requires regular risk assessments and a resilient cybersecurity framework that is able to detect, respond to, and protect against a variety of security holes.

This report goes in depth on Cybercrime in 2017.