The goal of this project was to develop an initial framework for cybersecurity that considers the roles of government, industry, advo- cacy organizations, and academic institutions and how these stake- holders’ concerns relate to each other.

This paper lays out the appropriate steps companies should take to protect their business from cyber attacks and ransomware.

In this report, they describe FIN10’s activities and tactics, techniques and procedures (TTPs), and provide a glimpse into how they execute their operations.

Druva conducted its annual ransomware survey to better understand what impact ransomware has had on organizations, how they have responded to breaches, and what their outlook is regarding the future of these types of malware attacks.

This survey was created to act as a barometer to measure the involvement of public company directors in cyber-risk management.

This report is based on the results of an independent survey conducted by market research specialist Vanson Bourne.

This report takes a look at retail security. It discusses the challenges, and options available to help solve some of the problems involved in defending retail markets.

The report describes consumers’ account security practices, their exposure to security incidents and their expectations for companies to protect their mobile and online accounts. Data are drawn from an online survey of 1,300 adults conducted in September 2016.

This report provides detailed information about Iranian Threat, Extended Supply Chain Threats, Critical Infrastructure, Advanced Persistent Threats, Miner Malware, and Ransomware.

This is a report based on a collaborative survey. Taken as a whole, there continues to be low hanging vulnerabilities which are not addressed in the middle market space. This survey is meant to highlight some of these vulnerabilities and provide risk professionals with a tool to help mitigate both privacy and security risk.

This paper discusses the new threat vector that has been created by bringing an enterprise into the mobile age.

Researchers built a number of scanning devices using Raspberry Pi minicomputers and, by taking them out to athletic events and busy public spaces, found that tracking of individuals was possible.

The series will show you how to take practical steps to aid your organization in meeting GDPR requirements for protecting personal data.

This monthly threat report takes a look at the month of September 2017. More specifically, it takes a look at VULNS, Apache Exploits, and the Equifax breach.

This paper discusses some API’s and how you can protect them from an attack.

This IDC perspective proposes that corporations should reconsider how they think about data in order to improve how it can be secured.

This initial paper explores how digital organizations are leveraging new technology safeguards to build a cybersecurity and privacy program that jumpstarts success—and creates a truly differentiating business capability.

This newly released SANS survey suggests the need to broaden the definition of endpoint to include the user. The two most common forms of attacks reported are browser-based attacks and social engineering, both of which are directed at users, not technology. Download this survey report to learn other key issues surrounding endpoint protection.

While a data loss incident can be a disaster for an organization’s reputation, there is now a new imperative around inbound information as well. Unwanted data acquisition can create problems just as much as data leaving the organization. There are a couple of scenarios which should be considered. Read this paper to know more.

This report provides a walkthrough of creating an Incident Response Plan.

This is a Quarterly Report that looks at Cyber security issues in New Zealand and around the world.