RiskRecon studied 1,000 publicly reported destructive ransomware events that occurred between January 2016 and November 2022. These publicly reported events were identifies through internet keyword searches, monitoring of event disclosure sites, dark web sites, and 8K SEC filings. (more available)

The global energy sector is facing a time of uncertainly due to a confluence of geopolitical, economic, and environmental factors. In tandem, the cyber threat landscape is growing increasingly complex, further complicating the picture for global energy suppliers. (more available)

As a leader in automotive cybersecurity and automotive cyber threat intelligence, Upstream Security continually monitors and analyzes worldwide cyber incidents to protect the automotive ecosystem from cyber threats and misuse. (more available)

This report was created by analyzing 900+ publicly reported incidents that occurred since 2010, with an increase of more than 225% in the number of incidents taking place in 2021 alone, when compared to 2018. (more available)

This report marks Upstream’s fifth annual report, uncovering the expanding and emerging automotive cybersecurity risks, and how they impact the entire smart mobility ecosystem. (more available)

We identified 50 of the largest multi-party cyber incidents over the past several years in an effort to understand their causes and consequences from beginning to end. (more available)

In this years report, we’ll focus attention on how organizations are moving past problem identification and mitigating cyber risk challenges within supply chain vendors. (more available)

In our report, we investigate the cyberthreats that have been launched on the automotive industry in 2021 and 2022. We dig into the most prominent attacks, point out high-risk areas that could be targeted in the future, and give our security recommendations and predictions for 2023. (more available)

BlueVoyant performed a cyber posture analysis of the vendors in the media industry sector. The approach was to identify and analyze the most prevalent vendors in the industry, as well as look at the extended vendor ecosystem for comparison, to gain a deep understanding of the issues the industry is facing. (more available)

Now in its seventh year, Sonatype’s 2021 State of the Software Supply Chain Report blends a broad set of public and proprietary data to reveal important findings about open source and its increasingly important role in digital innovation. (more available)

The goal of the study was to provide a state-of-the-market on third-party risk with actionable recommendations that organizations can take to grow and mature their programs across every stage of the third-party risk lifecycle. (more available)

A survey of 200 global security professionals as to their opinions, responses, and outlook of the Solarwinds software chain compromise.

An annual survey on the challenges and response to those challenges of cybersecurity in the Industrial Control Systems (ICS) space.

This study provides new insights into the state of cybersecurity skills and resources across the globe.

A survey of over 1,500 CIOs, CISO, and Chief Procurement Officers on their concerns and actions for supply chain management. This is a US specific version of the main report. (more available)

A survey of over 1,500 CIOs, CISO, and Chief Procurement Officers on their concerns and actions for supply chain management.

Now in its sixth year, Sonatype’s State of the Software Supply Chain Report continues to examine measurable practices of secure open source software development and delivery. (more available)

Using telephone survey of UK business and thirty in-depth interviews, this report reviews awareness and approaches to cyber security in the UK as well as the nature and impact of breaches by firm size and sector. (more available)

A survey of 400 public sector IT decision makers and influencers to determine challenges faced by public sector IT professionals, security threats, and cybersecurity capabilities. (more available)

Uses survey-based polling to identify common challenges organizations face in managing third part risk management (TPRM) programs. Also provides analysis on some possible ways of addressing these concerns. (more available)

This document is the product of a flash survey, an unscheduled, event-driven survey with a fast turnaround to cover a rapidly evolving situation relevant to tech markets. (more available)