The biggest shift the IBM X-Force team observed in 2023 was a pronounced surge in cyberthreats targeting identities. Attackers have a historical inclination to choose the path of least resistance in pursuit of their objectives. In this era, the focus has shifted towards logging in rather than hacking in, highlighting the relative ease of acquiring credentials compared to exploiting vulnerabilities or executing phishing campaigns. Lack of identity protections was corroborated by IBM X-Force penetration testing data for 2023, which ranked identification and authentication failures as the second most common finding.

The Workplace Identity Security Trends and Challenges report investigates the identity security landscape and challenges facing organizations today. The research finds that many struggle to build an integrated and comprehensive identity security strategy, relying on disconnected tools and practices that create inefficiencies and leave organizations seriously vulnerable to attacks and breaches.

Our respondents were asked to open up about the challenges they’ve faced while securing their digital enterprises over the past year. We are at a critical juncture in digital transformation. The distributed workforce is now the norm, and companies must support remote productivity of which cloud will play a key role. This requires leaders to plan security for hybrid infrastructure – a distinct departure from the inherited on-premises strategies of most organizations. That’s why there is a lot to learn from this year’s temperature check on the industry.

This report aims, simply, to help you build a proactive defense that anticipates and thwarts tomorrow’s threats. So, for the second year running we rallied the community for the largest predictions survey the cybersecurity awareness community has seen. We’ve harnessed their expertise, experience, and frontline intel.

This report is broken into four different threat types: identity, cloud, computer-based, and phishing. Keep in mind, though, that these threats are tightly related. Compromise of user identities can occur through phishing and can impact an organization’s cloud assets and endpoints, or malicious activity on an endpoint may be indicative of an exploited vulnerability. We’ll highlight that interconnectivity throughout.

By leveraging its huge user dataset, Hornet security is uniquely positioned to conduct a detailed examination of email-based threats and distill this into important insights for IT security professionals. Email continues to be an essential communication channel. However, in our analysis of more than 45 billion emails, 36.4% are categorized as “unwanted.” 96.4% of unwanted emails are spam or rejected outright due to external indicators, and just over 3.6% were flagged as malicious.

The Cyber Security Report (formerly Cyber Threat Report) is an annual analysis of the current cyber threat landscape based on real-world data collected and studied by Hornet security’s dedicated Security Lab team. Hornet security processes more than two billion emails every month. By analyzing the threats identified in these communications, combined with a detailed knowledge of the wider threat landscape, the Security Lab reveals major trends and can make informed projections for the future of Microsoft 365 security threats, enabling businesses to act accordingly. Those findings and data are contained within this report.

The Hiscox Cyber Readiness Report 2021 reveals that US firms are a global leader in cyber readiness, with more classified as ’cyber experts,’ (25%) compared to other countries. But there is still work to be done when it when it comes to dealing with ransomware and phishing emails, as US businesses are the most likely to pay a ransom. In this year’s report, we saw a disparity when it came to the level of cyber expertise US businesses have versus the actions they take when an attack actually occurs.

In this report, CybSafe and The National Security Alliance surveyed over 6,000 people across the United States, Canada, the United Kingdom, Germany, France, and New Zealand to get a better understanding of the security behaviors and attitudes. They asked the people about their knowledge of cybersecurity risks, their security best practices, and challenges they face in staying safe online. Cybercriminals know if they want to target an organization, they need to target its people. They believe this report will help organizations to better protect themselves and their people.

The report presents the findings of the analysis of statistical data obtained using the Kaspersky Security Network (KSN) distributed antivirus network. The data was received from those KSN users who gave their voluntary consent to have data anonymously transferred from their computers and processed for the purpose described in the KSN Agreement for the Kaspersky product installed on their computer.

This is the third edition of ThreatQuotient’s annual survey of senior cybersecurity professionals, exploring the topic of cybersecurity automation adoption. Read this report to understand how CISOs and senior cybersecurity professionals are handling the incorporation of cybersecurity automation into their strategies to protect the complex, extended enterprise – and their analyst teams – from the pressures of escalating cyber threats.

The purpose of this report is to assess and summarize the current threat landscape facing organizations as a result of the digital identities that they issue to legitimate users. We called this report “The Unpatchables” because digital identities represent a source of technical risk that is impossible to completely mitigate even in theory.

In this study on general phishing awareness, over 9,000 simulated phishing emails were sent to users who signed up in 2022. Participants were sent three simulated attacks over the course of a week- all classified as moderate in terms of complexity. The users had to identify these emails. If they clicked, they were forwarded to contextual learning resources.

The 2023 OpenText Cybersecurity Threat Report is based on data continuously and automatically captured by the BrightCloud Platform — the proprietary machine learning based architecture that powers all of our Webroot protection and BrightCloud services. This data comes from over 95 million real-world endpoints and sensors, specialized third party databases, and intelligence from end users protected by our technology partners. In this report, we’ll break down a broad range of threat activity, offer insights into the trends we’ve observed, discuss wide reaching impacts for industries, geographies, companies, and individuals, and reveal what our threat experts expect to see in the coming year.

With security threats putting everything from personal information to critical infrastructure at risk, and with the incidence of ransomware attacks and other data breaches increasing, the 2023 RSA ID IQ Report provides cybersecurity professionals with insights into users’ understanding and behavior. By reviewing users’ answers on the identity components needed to develop a zero trust framework, multi-factor authentication, the vulnerability of mobile devices, and other cybersecurity threats, leaders can prioritize actions and implement best practices to keep their organizations secure.

In this report, we dive into measuring engagement, along with the most popular content types, and a roundup of the events that resonated most with audiences, offering key marketing takeaways on everything from intent topics to what has generated the most engagement through Q3 2022. We have also highlighted the brands generating the most engagement from their content marketing efforts. And we factor in how newsworthy cybersecurity events impact audience engagement, and content preferences.

This paper aims to provide a high-level overview of the implications of ChatGPT in the cybersecurity industry, without delving into the granular details of artificial intelligence. We will explore the key concepts and domains that are crucial for understanding ChatGPT’s capabilities, as well as the potential impact on businesses.

This report features some of the most compelling data from our survey and gives actionable insights to leaders hoping to accelerate progress and enhance the employee experience in the Everywhere Workplace.

CISOs are facing increased challenges in an escalating threat landscape, with email as the primary target for attacks. This white paper breaks down the requirements for modern email security in protecting organizations from advanced and novel threats – moving from historically-trained tools to a behavioral, AI-driven approach.

There is a new security reality facing mid-sized business leaders and security professionals today. In this guide, you’ll find answers to these challenges and how an MDR solution can help you efficiently maximize security investments and effectively manage security risks to your business.

Attackers persistently adapted their email-based techniques throughout 2022, cycling through new and old tactics in the hopes of evading human and cyber security measures.