This is Redspin’s 6th annual Breach Report: Protected Health Information (PHI). At the conclusion of each year, they analyze the complete statistical data set of large breaches that have been reported to HHS. In the report, they assess the overall effectiveness of the current policies and controls designed to safeguard PHI. In 2105, they identify significant trends and draw attention to the specific areas most in need of improvement. They then offer Redspin’s recommendations for preventive measures and corrective actions to address any critical gaps or weaknesses. Their goal is to help the healthcare industry continually improve its ability to protect patient information.

This report includes research on the evolving state of cloud security.

From the UK, this report was commissioned by the Department for Culture, Media and Sport (DCMS) and it details the findings from a quantitative and qualitative survey with UK businesses on cyber security.

This report focusses on the analysis of the cyber security posture of three industries: Finance and Insurance, Healthcare and Social Assistance, and Public Administration. The study looks into the number of event types by year from 2012 to 2016, the security ratings for cyber insurance by industry, and many other key data.

This whitepaper discusses the disconnects that have emerged between cybersecurity threats and organizations’ contermeasures.

This is a report based on a one man’s experience with IoT security.

This paper presents the Testimony of Lillian Ablon before the Committee on Financial Services Subcommittee on Terrorism and Illicit Finance United States House of Representatives on March 15, 2018

In this paper, they explore the underlying challenges with regard to Cyber Risk management and analyze the nature of increasingly stringent regulatory demands. Putting these pieces together, they frame five strategic moves which they believe will enable business needs, their fiduciary responsibilities with regard to Cyber Risk, and regulatory requirements.

This document enumerates and evaluates consensus data categories that enterprise risk owners and insurers could use to assess risks, identify effective controls, and improve cybersecurity culture and practice. It is the second in a series of white papers.

In this report, you’ll find a few highlights of what FortiGuard Labs analysts gleaned from Q1 intelligence collections. After that, they hope you’ll hang around while they dig deep into the threat landscape to unearth nuggets of insight you definitely won’t want to miss.

This report gives detailed ideas behind having the proper plans for how to deal with Cybersecurity breaches.

This report was based on 10 in-depth interviews and an additional online survey with 545 senior executives worldwide across multiple industries and geographies. The survey was fielded through July and August 2016. The scope of the research covers perceptions of and experiences with cyber and security risk.

This monthly threat report takes a look at the month of April 2018. Specifically it looks at Ransomware and Cryptojacking battling for top threat spot, Russia Nation-State targeting network infrastructure, and supply chain attacks.

This report takes a look back at the events of the last year and ponders what might occur in 2018.

This Health Care Cyber Research Report for 2017 shares very recent research on cyberattacker activity in 2017 and the virtual explosion in the reported use of ransomware in attacking health care institutions. 2017 has been a very challenging year for health care institutions. They remain under sustained attack by cyberattackers that continue to target their networks through the use of well understood vulnerabilities.

To better understand how security issues, such as privileged access management (PAM), affect the adoption of next-generation technologies, BeyondTrust – the leader in PAM – commissioned the 2018 Implications of Using Privileged Access Management to Enable Next-Generation Technology survey. The results are a wake-up call for anyone looking to leverage these next-generation technologies.

This report is based on the findings of a collaborative survey that was designed to gain insight into the current state and ongoing trends in information security and cyber liability risk management. The survey was completed at least in part by 448 respondants which included risk managers, insurance buyers, and other risk professionals.

Cisco provides a brief report that discusses intent based networking and the enterprise.

This blog post discusse the issues surrounding business data security, and provides some steps that can be taken to improve the situation.

From the report, “For our M-Trends® 2017 report, we took a look at the incidents we investigated last year and provided a global and regional (the Americas, Asia Pacific (APAC) and Europe, Middle East, Africa (EMEA)) analysis focused on attack trends and defensive and emerging trends. For the second consecutive year, we have included insights from our FireEye as a Service (FaaS) teams. FaaS monitors organizations 24/7, which gives them a unique perspective into the current threat landscape. Additionally, this year we partnered with law firm DLA Piper for a discussion of the upcoming changes in EMEA data protection laws.”

This blog post discusses the point that organizations need to assess cybersecurity as a business enabler, rather than a hindrance.