Common Vulnerabilities and Exposures (aka CVEs) in containers, at least according to the interviews conducted for this study, are a pain (in the vuln). Chainguard conducted ten interviews with software professionals at a range of companies that build or operate containers. The interview questions dealt with the processes and workflows that these professionals use to identify, triage, and remediate CVEs in containers. Many of the questions either involved a request for a time estimate of each step of the process or probed the “why” behind the process or workflow.

Connectivity is continuing to transform the Automotive and Smart Mobility ecosystem, increasing cybersecurity risks as more functionality is exposed. 2023 marked the beginning of a new era in automotive cybersecurity. Each attack carries greater significance today, and may have global financial and operational repercussions for various stakeholders. Upstream’s 2024 Global Annual Cybersecurity Report examines how cybersecurity risks have evolved from experimental hacks into large-scale risks, focusing on safety and trust, operational availability, data privacy, and financial implications.

In this year’s survey, they revisited questions around how organizations are developing effective third-party cyber risk management (C-TPRM) programs with robust technology and services and determining how to best collaborate with third parties on their shared security posture. They also asked some new questions related to how organizations refine their risk management approaches over time. To assure an accurate reflection of industry trends and observations, BlueVoyant commissioned its fourth annual survey undertaken by independent research organization, Opinion Matters, in October 2023. A total of 2,100 respondents represent a variety of executive roles within their organizations, but are all responsible for managing supply chain and cyber risk.

The annual Cybersecurity considerations report identifies eight considerations that CISOs should prioritize in the year ahead as they seek to accelerate recovery times, reduce the impact of incidents on employees, customers and partners and aim to ensure their security plans enable — rather than expose — the business. The report also explores the key actions CISOs should take to meet the challenges ahead and to help ensure security is the organization’s golden thread, woven into the business across the board — providing the basis for trust.

The report provides an overview of the current supply chain cybersecurity practices followed by essential and important entities in the EU, based on the results of a 2022 ENISA study which focused on investments of cybersecurity budgets among organizations in the EU. The report also gathers good practices on supply chain cybersecurity derived from European and international standards. It focuses primarily on the supply chains of ICT or OT.

In this eBook, we will discuss the challenges of securing today’s rail networks in the face of increasingly frequent and severe cyber threats, the impact of intensifying regulatory requirements and the potential damage that malicious actors could leave behind. Finally, we will explore the most critical things to look for in a security solution for rail transportation networks.

Our CEO Report on Cyber Resilience draws on 37 interviews with CEOs of large global enterprises. It explores the role chief executives need to play in successfully managing cybersecurity risks. Our interviews with CEOs reveal that this shift to thinking about cyber resilience requires fundamental changes in approach: how they think about cybersecurity (their mindsets) and how they act (their playbooks).

Hyperproof conducts an annual survey to uncover the top challenges IT compliance professionals face and what issues they are focused on in the coming year. We’ve asked over 1,000 survey respondents about their pain points, IT risk and compliance budgets, staffing, risk management best practices, and much more to provide an in-depth view of the market’s current state and what to prepare for this year.

As digital transformation and workload migration continue at a higher pace than ever, cloud technologies are also rapidly growing in importance. Executive teams are focused on modernisation to meet the new expectations of users and customers while also being positioned to take advantage of new commercial opportunities. Now is the time to ensure your ITAM is well aligned to help these initiatives succeed.

Everstream’s proprietary risk scoring model incorporates historic, present, and future risk across more than 20 major categories. Using human and artificial intelligence, we predict overall risk exposure, probability, severity, and relevance for our individual clients and end users. Every day Everstream identifies relevant events that help our clients avoid disruption, including these from 2022.

By the end of 2022, 5G subscriptions are expected to reach 1 billion, and more smart 5G devices with additional capabilities are expected in the market during 2023. Our outlook for 2028 is that 5G subscriptions will pass 5 billion and Fixed Wireless Access (FWA) connections will reach 200 million, where 5G will account for almost 80 percent of FWA connections.

RiskRecon studied 1,000 publicly reported destructive ransomware events that occurred between January 2016 and November 2022. These publicly reported events were identifies through internet keyword searches, monitoring of event disclosure sites, dark web sites, and 8K SEC filings. Events in which the impact was limited to data theft were excluded.

The global energy sector is facing a time of uncertainly due to a confluence of geopolitical, economic, and environmental factors. In tandem, the cyber threat landscape is growing increasingly complex, further complicating the picture for global energy suppliers. While governments and regulatory bodies urge the critical infrastructure sector to double down on cyber defense.

As a leader in automotive cybersecurity and automotive cyber threat intelligence, Upstream Security continually monitors and analyzes worldwide cyber incidents to protect the automotive ecosystem from cyber threats and misuse. This report was created by analyzing 633 publicly reported incidents since 2010, 207 of them in 2020 as of November 25, 2020.

This report was created by analyzing 900+ publicly reported incidents that occurred since 2010, with an increase of more than 225% in the number of incidents taking place in 2021 alone, when compared to 2018. Our researchers have carefully categorized the data we have collected, analyzing each incident’s attack methods, attack vectors, impact, target industries, and many other aspects.

This report marks Upstream’s fifth annual report, uncovering the expanding and emerging automotive cybersecurity risks, and how they impact the entire smart mobility ecosystem.

We identified 50 of the largest multi-party cyber incidents over the past several years in an effort to understand their causes and consequences from beginning to end. Tsunami draws from the same rigorous methodology in the rest of the IRIS series. We started with a huge dataset of cyber loss events, identified those that involved multiple organizations, and then researched each event to understand who was behind it, what happened, how the after effects propagated through the supply chain, and the financial losses for all parties involved.

In this years report, we’ll focus attention on how organizations are moving past problem identification and mitigating cyber risk challenges within supply chain vendors. We’ll also explore the challenges identified by this year’s respondents in establishing internal and third-party sourced functions and technologies for supply chain risk mitigation.

In our report, we investigate the cyberthreats that have been launched on the automotive industry in 2021 and 2022. We dig into the most prominent attacks, point out high-risk areas that could be targeted in the future, and give our security recommendations and predictions for 2023.

BlueVoyant performed a cyber posture analysis of the vendors in the media industry sector. The approach was to identify and analyze the most prevalent vendors in the industry, as well as look at the extended vendor ecosystem for comparison, to gain a deep understanding of the issues the industry is facing. A total of 485 vendors were assessed.

Now in its seventh year, Sonatype’s 2021 State of the Software Supply Chain Report blends a broad set of public and proprietary data to reveal important findings about open source and its increasingly important role in digital innovation.