We annually gather and analyze raw data from hundreds of IT and industrial control systems (ICS) security practitioners across a variety of industries, people whose work places them in positions of responsibility to identify risks and safeguard control systems and networks from malicious and accidental actions. It is our mission to turn these inputs into actionable intelligence that can be used to support new developments and address ongoing trends in the field, to inform the crucial business decisions that determine allocation of resources, prioritization of protective measures on critical assets and systems, and planning of new initiatives.

In early 2017, SolarWinds MSP investigated the cybersecurity preparedness, experiences, and failings of 400 SMBs and enterprises, split equally across the UK and the US. While 87% of organizations have complete trust in their security techniques and technology—and 59% believe they are less vulnerable than they were 12 months previously—71% of those same organizations have been breached in the past 12 months. The belief that “it will never happen to us” simply doesn’t hold true.

The survey results and relevant observations are as follows: The inner workings of this underground economy havecome to play an influential role in many of the cyberand physical risks facing organizations today. Toenhance the context within which these illicit goodsand services are obtained, abused, and ultimatelycontribute to such risks, Flashpoint analysts conducteda survey of the prices for various offerings listed forsale across the Deep & Dark Web. While analysts’findings should be interpreted as case studies andgeneral observations rather than precise statistics, thisreport can and should serve to inform the security andrisk strategies of organizations across all sectors.

This guide was constructed with insight from a global panel of Malwarebytes experts and external experts from a variety of disciplines. It also features a brief review of cybercrime history, the emergence of new participants and the impact on businesses and individuals.

Using survey data from 2,500 security professionals who indicated they have some measure of privacy responsibilities, this report provides analysis on the ROI for privacy efforts, maturity of privacy programs, vendor selection, and other topics.

Ponemon Institute is pleased to present the findings of the second study on vulnerabilityand patch management. As shown inthis research, the severity and volume ofcyberattacks is increasing. However, mostorganizations are not comparably enhancingtheir abilities to prevent hackers fromexploiting attack vectors. In fact, it’s takinglonger to detect and longer to patch criticalvulnerabilities than last year. The cost andconsequences of this failure are myriad.

This year’s Internet Crime Report highlights the IC3’s efforts to monitor trending scams such as Business Email Compromise (BEC), Ransomware, Elder Fraud, and Tech Support Fraud. As the report indicates, in 2019, IC3 received a total of 467,361 complaints with reported losses exceeding $3.5 billion. The most prevalent crime types reported were Phishing/Vishing/Smishing/Pharming, Non-Payment/Non-Delivery, Extortion, and Personal Data Breach. The top three crime types with the highest reported losses were BEC, Confidence/Romance Fraud, and Spoofing. More details on each of these scams can be found in this report.

The Worldwide Security Spending Guide examines the security opportunity from a technology, industry, company size, and geography perspective. This comprehensive database delivered via IDC’s Customer Insights query tool allows the user to easily extract meaningful information about the security technology market by viewing data trends and relationships and making data comparisons.

X-Force Incident Response and Intelligence Services (IRIS) compiled IBM Security software and security services analyses from the past year, which show that 2019 was a year of reemerging old threats being used in new ways.

A long form narrative on several threat trends seen in recent months.

2020 edition of the Unit 42 Cloud Threat Report, ourteam of elite cloud threat researchers focused theirattention on the practices of DevOps. The research aimedto uncover where cloud vulnerabilities are surfacing.DevOps teams are shortening the time to productionusing infrastructure as code (IaC) templates. But the IaCtemplates themselves are not the issue. It’s the flawedprocess by which they are being created.

A survey-based report with findings in four major areas: current security posture, perceptions and concerns, current and future investments, and practices and strategies.

In this special CTNT report on healthcare, wefocus on the top threat categories and familiesthat plagued the medical industry over the lastyear, as well as the most common attack methodsused by cybercriminals to penetrate healthcaredefenses. In addition, we highlight the securitychallenges inherent to organizations, from smallprivate practices to enterprise health maintenanceorganizations (HMOs), as well as the reasons whyhackers look to infiltrate their defenses. Finally,we look ahead to future biotech innovations andthe need to consider security in their design andimplementation.

This is a study on third party risk from Gartner. It covers how third party risks are changing, how companies are managing third party risks, and taking an iterative approach to third party risks.

This is a survey conducted by Cisco, mainly talking about their findings that people care about privacy, and a surprisingly large number have already taken actions to protect it.

The 2020 Insider Threat Report reveals the latest trends and challenges facing organizations, how IT and security professionals are dealing with risky insiders, and how organizations are preparing to better protect their critical data and IT infrastructure.

The Herjavec Group goes over changes to Cybersecurity in 2019, looking at the cyber attack surface, cybersecurity spending, and ransomware rising.

This report outlines the state of open source security, including open source adoption, known vulnerabilities, and vulnerability identification.

This report goes in-depth into trends in healthcare data security, surveying 26,000 companies and analyzing terabytes of information.

This global survey was carried out during the third quarter of 2019. 271 brokers and 96 underwriters – all involved in cyber insurance - shared with us their observations and views of the cyber insurance marketplace

The 2019 Data Exposure Report is based on our survey of 1,028 information security leaders, as well as 615 business decision-makers, all with budgetary decision-making power. The report examines the role of employee actions in causing insider threat, organizational attitudes toward intellectual property and the ability of legacy data loss prevention technologies to stem insider threats.