In June of 2018 Claroty asked the experts about the state of industrial cybersecurity. This paper discusses what they said.

The essays in this eBook provide a wealth of information and present an inside look at an aspect of cybersecurity that is still not well understood. I am certain that anyone responsible for critical industrial operations will benefit from the advice and experiences of those who have contributed to this eBook.

The Internet of Things: A New Era of Third Party Risk was sponsored by Shared Assessments and conducted by Ponemon Institute to understand organizations’ level of awareness and preparedness for the upcoming enterprise IoT wave. We hope the research findings will help organizations address the risks associated with the proliferation of IoT devices. We surveyed 553 individuals who have a role in the risk management process and are familiar with the use of IoT devices in their organizations.

Outsourcing is a fact of life for healthcare organizations, from routine functions such as food services and laundry to regulatory compliance and clinical activities. Large numbers of vendors must be properly managed in order to reduce clinical, financial and regulatory risk. This paper discusses how to reduce complexity in third-party vendor risk management, and how to turn uncertainty and confusion into efficiency and confidence.

This paper recognizes the growing evolution of compliance programs, and asks the question how can we use those events as a trigger for growth? They offer a few best practices that can help organizations make their compliance program an enabler for growth.

“The future of GRC will not just be about managing known risks or monitoring compliance. It will be about sustaining an organization’s social license to operate.”

This report reveals findings around the cybersecurity landscape. To inform this report they surveyed ,3,200 security leaders asking questions in three categories, Set Up - how do you set yourself up for success, Architecture - what is your approach to vender/solution selection, and finally Breach Readiness and Response.

From the report, “Let’s face it: senior leaders at organizations across the globe are already pressed for their time and attention. Today’s changing threat landscape requires executives and managers to fundamentally rethink their approach when it comes to addressing and mitigating cyber-risk. With the growth in cloud, mobile, and IoT, combined with employee and supply chain access to critical data and intellectual property, security and privacy awareness is now front and center for executives in the fight against cyberthreats. Yet finding the time for executives to effectively educate themselves in order to prevent cyberthreats continues to be a challenge. Take a look [in the report and discover] how executives and managers across various industries compared to the general population in terms of their knowledge of cybersecurity and data privacy best practices.”

In the last two years, businesses and governments have seen data breaches like Equifax and Marriott impact 100s of millions of accounts each, as well as critical intellectual property (IP) and core operations. A global survey of 600+ cybersecurity leaders and professionals by Ponemon Institute shows that 67% of organizations are not confident that they can avoid a data breach, and what the primary security and IT challenges that are causing this. The survey also provides fundamental recommendations that can reduce breach risk through innovating and improving a vulnerability management program.

Nominet commissioned Osterman Research to conduct a survey of 408 CISOs overseeing security for organisations with a mean average of 8,942 employees. This comprises 207 companies in the USA and 201 companies in the UK, spread across a range of sectors. The objective was to collect and analyse a large enough dataset to make valid conclusions into the opinions, behaviours and mindset of those making cyber security decisions at large organisations.

AlgoSec recently surveyed 450 C-level executives and senior security and network professionals to investigate the hybrid cloud security strategies of their organizations. The survey revealed that many organizations are embracing hybrid cloud as part of their enterprise infrastructure, and plan to increase their adoption of cloud platforms over the next three years. However, the majority of enterprises do have some serious security concerns and encounter significant challenges when managing security across hybrid environments, both during and after cloud migrations.

Retailers can’t get paid if their payment processing doesn’t work. And if a transaction proves fraudulent, a retailer not only loses the value of the sale and the merchandise, but also risks losing the loyalty of a customer who was billed incorrectly for the purchase. Here’s a look at the essential components of payment processing that every online retailer should consider—no matter their size— in order to provide both a positive customer experience and to successfully collect payment.

Abstract: Enterprises increasingly operate in a digitally interconnected world where third parties like suppliers, customers, channel partners, and others are often directly connected to their internal IT systems, and where their underlying IT infrastructure may be owned and managed by an outside organization. These business relationships can knowingly or unknowingly introduce different types of risks that need to be identified and managed as if these third parties were part of the enterprise itself. Recorded Future’s latest risk intelligence offering enables threat intelligence teams to better understand, monitor, and measure their real-time exposure to these third-party risks. Armed with this information, organizations can better assess and prioritize risk mitigation actions.

The Open Banking & API Report 2017 gives insight into the nascent landscape of Open Banking in Europe. Divided into two parts, it aims to give you both the basis of knowledge necessary to understand the latest developments on the topic, as well as practical examples and best practices in Open Banking. First, the report elaborates on the innovations in Open Banking and the issues that still stand in the way of universal adoption. Afterwards, we will dive into the best practices and new business models in both banking and fintech.

This very thorough report offers insight into how criminals take advantage of technology. It also reports on how breakthrough technologies can help financial institutions achieve better results with fewer staff.

Using an important analogy from Star Wars, this report provides insight into threat intelligence. May the Force Be With You.

This report posits the following, “When effectively harnessed, AI and ML can form the core of a dynamic predictive IT system, saving money, streamlining operations, and raising productivity as organizations become more adept at avoiding operational, and security issues that could affect their bottom line.”

This unique report offers insight into the world of hackers. It seeks to stand apart from other annuals and quarterlies by presenting information other reports are not discussing.

At Splunk, we’re working on shaping the future. Our experts are embracing new developments, focusing on the future of artificial intelligence (AI) and machine learning (ML), IT operations, security and IoT. Pulling together insights from our thousands of customers and our dedicated research teams, our experts have assembled a shortlist of the top predictions for 2019.

This report offers some brief but thorough information on issues related to the hiring, retention and education of cybersecurity talent.

From the report, “Demisto recently sponsored an independent, third-party survey conducted with security professionals around the world working for companies ranging from less than 500 employees to greater than 20,000 employees. More than 200 responses were analyzed. The purpose of the survey was to discover challenges faced by incident response teams and how they are addressing them (or not) currently. This is the first industry study to span and cover all aspects of incident response, including SOC location, training issues, tools utilization, and what metrics are being tracked.” Read on to find out more.