BlueVoyant performed a cyber posture analysis of the vendors in the media industry sector. The approach was to identify and analyze the most prevalent vendors in the industry, as well as look at the extended vendor ecosystem for comparison, to gain a deep understanding of the issues the industry is facing. (more available)

Now in its seventh year, Sonatype’s 2021 State of the Software Supply Chain Report blends a broad set of public and proprietary data to reveal important findings about open source and its increasingly important role in digital innovation. (more available)

The goal of the study was to provide a state-of-the-market on third-party risk with actionable recommendations that organizations can take to grow and mature their programs across every stage of the third-party risk lifecycle. (more available)

A survey of 200 global security professionals as to their opinions, responses, and outlook of the Solarwinds software chain compromise.

An annual survey on the challenges and response to those challenges of cybersecurity in the Industrial Control Systems (ICS) space.

This study provides new insights into the state of cybersecurity skills and resources across the globe.

A survey of over 1,500 CIOs, CISO, and Chief Procurement Officers on their concerns and actions for supply chain management. This is a US specific version of the main report. (more available)

A survey of over 1,500 CIOs, CISO, and Chief Procurement Officers on their concerns and actions for supply chain management.

Now in its sixth year, Sonatype’s State of the Software Supply Chain Report continues to examine measurable practices of secure open source software development and delivery. (more available)

Using telephone survey of UK business and thirty in-depth interviews, this report reviews awareness and approaches to cyber security in the UK as well as the nature and impact of breaches by firm size and sector. (more available)

A survey of 400 public sector IT decision makers and influencers to determine challenges faced by public sector IT professionals, security threats, and cybersecurity capabilities. (more available)

Uses survey-based polling to identify common challenges organizations face in managing third part risk management (TPRM) programs. Also provides analysis on some possible ways of addressing these concerns. (more available)

This document is the product of a flash survey, an unscheduled, event-driven survey with a fast turnaround to cover a rapidly evolving situation relevant to tech markets. (more available)

The insights presented in this report will help guide your supply chainmonitoring and risk mitigation strategy, enable better informed decision-making processes, and aid the formulationof responses that create more resilient and sustainablebusiness operations. (more available)

For the fourth time, White Ops and the ANA have partnered to measure bot fraud in the digital advertising ecosystem. Previous studies measured bot fraud in the digital advertising ecosystem in August/September 2014, August/September 2015, and November/December 2016. (more available)

This is a study on third party risk from Gartner. It covers how third party risks are changing, how companies are managing third party risks, and taking an iterative approach to third party risks. (more available)

Bomgar outlines how to defend against security threats, showing two distinct groups of threats, prevention techniques, etc.

This paper discusses all of the consequences for GDPR non-compliance.

This report provides exactly what its title offers, 10 predictions for developers in 2019.

Outsourcing is a fact of life for healthcare organizations, from routine functions such as food services and laundry to regulatory compliance and clinical activities. (more available)

State of Cybersecurity 2019 reports the results of the annual ISACA global State of Cybersecurity Survey, conducted in November 2018. While some findings pointed to unforeseen trends, many survey results reinforce previous years’ findings—specifically that the need for trained and experienced cybersecurity professionals vastly outweighs the supply. (more available)