In this edition of Risk and Regulatory Outlook a Deloitte subject matter expert outlines the situation, specifies existing or prescient change, and suggests practical steps in each of the nine key areas of regulatory change we focus on.

This paper is the presentation of data found through a survey administered in November and December of 2015.

This paper takes a good look at the new era that is being ushered in by the Internet Of Things. It discusses the “perfect storm” that is being created by the issues and innovations ahead.

This eBook provides information based on a 2017 survey that reveals the power of identity governance and privileged access security.

Before slowing down development and causing customers to revolt, security and risk pros should read this report to understand the current state of application security and how emerging techniques support the speed your business needs.

This Threat report details some early 2018 threats like cryoticurrency mining, hardware vulns, and government sponsored cyber threats.

“2017 was a huge year for mobile security. Malicious actors returned with a vengeance and cyber attacks grew rapidly in sophistication. Ransomware outbreaks like WannaCry and Petya hit enterprises globally causing unparalleled disruption, new vulnerabilities like BlueBorne were discovered and malware variants grew more aggressive and prevalent by the day. This report will summarise the key mobile security trends that emerged in 2017, and summarise thoughts for the mobile threat landscape for the year ahead.”

As the threatscape continues to evolve rapidly in both sophistication and scale, the need to protect organizations’ intellectual property, operations, brand and shareholder value, in addition to their customers’ data, is ever more critical. But how do organizations build controls for the security risks they don’t even know about yet?

Overpowering today’s attackers and responding to threats requires EDR plus NGAV. The bad guys treat all of an organization’s machines as possible entry points. EDR plus NGAV takes this concept and uses it to the defender’s advantage by using all of a company’s endpoints for protection.

This report is based on a security audit of the opening ceremony of ZCash.

This year’s CrowdStrike Intelligence Global Threat Report contains a wealth of intelligence regarding adversary behavior, capabilities, and intentions. More importantly, it ties it back to the events that influenced those activities. By understanding the events that shape the beliefs and motivations of threat actors—regardless if they are criminal, nation-state, or hacktivist—it is possible to comprehend what drove the adversaries to behave as they did, and perhaps to understand what this will mean for the future.

Subtitled “Insight for helping businesses manage risk through payment security”

This global study examines 383 companies in 12 countries. It finds that $4 million is the average total cost of a data breach. It sees a 29% increase in total costs of data breaches since 2013. It finds that $158 is the average cost per lost or stolen record. Finally, there has been a 15% increase in per capita cost since 2013.

This paper is an Analysis of cyber attack and incident data from IBM’s worldwide security services operations.

This report deals with predicting the cyber threat landscape for 2016 through 2020. It does this by looking back 5 years, and analyzing the past, and also talking to folks who make predictions for the 5 years in the future.

This is an annual report that discusses the latest malware and hacking trends in compromised websites.

This report reviews the cyber security threats that occurred in the first half of 2017.

Offering insight into a variety of issues related to cloud security, this report discusses several key issues, including, the biggest threats to cloud security, legacy security tools that do not work in the cloud, and the growth of cloud security budgets.

This report takes a look at 5 key trends that are shaping IT security practices, with findings that provide insight into customer challenges, threat actor behavior, and the global threat landscape.

Subtitled, “Threat Intelligence, Industry Analysis, and Cybersecurity Guidance, for the Global Cyber Arms Race,” this report seeks to fully disclose the research done by the authors, in order to aid all of those involved in the cybersecurity realm.

DevOps and security leaders recognize that DevOps requires a fresh approach to security that mitigates risk and uncertainty without impairing velocity. This e-book presents six guiding principles for enabling DevOps security at scale.