This annual report outlines expected cybersecurity trends for the coming year.

This report aims to reveal top trends that will shape the cybersecurity industry in 2020.

The 2020 update of this survey-based review of the costs of a data breach, as reported by practitioners in the field.

This report focuses on an analysis of security controls effectiveness across the multiple stages of attack lifecycles within 11 global industries. To gather data, our experts executed thousands of tests comprised of real attacks, specific malicious behaviors, and actor-attributed techniques and tactics. The report data provides measured evidence of leading enterprise production environments across network, email, endpoint and cloud-based security controls.

This report goes into the general state of cyber resilience. At a glance, Innovation investment is growing, Cybersecurity basics are better, and leading organizations are getting better at preventing and fixing breaches.

After the CARES act was passed in March of 2020, fraudsters worked towards making money off of it. This report seeks to understand all of the components of fraud happening on the dark web in relation to the CARES act.

A review of 63 events where Kivu participated in payouts of ransomware events on behalf of clients engaged via a post-incident response. Provides firmographic breakdown of ransomware payouts.

A review of doxxing related ransomware cases handled by Kivu Consulting in a post-breach role. Explores firmographics of the organizations involved in various variants of ransomware families.

An annual report using Carbon Black’s data sets of the Carbon Black Cloud customer footprint, Carbon Black User Exchange, public samples, Carbon Black Endpoint Standard data, and internal sources. Leverages the ATT&CK framework to determine common tools-techniques-processess (TTPs).

A survey of over 3,500 IT managers with data and workloads in the public cloud.

The Threat Intelligence Executive Report by Secureworks analyzes security threats and helps organizations protect their systems. During March and April of 2020, Secureworks noticed 3 developments in threat intelligence: Multiple threat actors leverage COVID-19, Remote access security is essential in the current working environment, and big breaches begin with small intrusions.

The Threat Intelligence Executive Report by Secureworks analyzes security threats and aims to help organizations protect their systems. In the first two months of 2020, they identified 3 main trends: Lesser-known government-sponsored threat groups putting data at risk, Citrix vulnerability disclosure causing spikes in incidents, and ransomware operators leveraging risk of GDPR fines as a threat.

The Threat Intelligence Executive Report by Secureworks is a report designed to analyze security threats and help organizations protect their systems. In this report, they look into Iranian espionage operations in 2020, Customized Magecart attacks, and China based threat groups targeting NGOs and Asian government networks.

A survey of stakeholders in operational technology (OT) environments across four industries: manufacturing, energy and utilities, healthcare, and transportation.

A deep dive into the state of deploying the latest TLS version (v1.2) and the use of this signal for correlating with broader public-facing risk surfaces and characteristics of firms.

Drawn on over 1,000 incidents that The Crypsis Group responded to in 2019, this report looks for trends in industry and attack patterns for the past year. Primary focus areas for the report are ransomware, business email compromise (BEC), and data breaches. Also includes suggestions on defensive measures where appropriate.

This report by Akamai, sought to find out how much consumers trust companies. The study found that American consumers are very forgiving with companies that have access to their personal information.

This report sought to understand the health and security of Free and Open Source Software (FOSS) as it is today. It identifies the most commonly used free and open source software components in production applications, and examines them for potential vulnerabilities.

The annual report from Snyk on the state of open source software from a security perspective. Includes survey data from 500+ developers, internal Snyk vulnerability data from the projects monitored by Snyk, and additional aggregated source code repository data.

The fourth annual report from Hiscox. This survey based report collected responses from IT managers, executives, and other professionals across multiple sectors and countries. Focuses on assessing the cyber readiness of firms, budget spend, and losses experienced.

A review of cybersecurity breach trends affecting public companies from 2011 through 2019. Use the breach database compiled and maintained by Audit Analytics.