This paper is the result of detailed research into classic and unique ransomware families. Its purpose is to provide a solid foundation for developing protective measures in your organization. Reading this paper offers a thorough understanding of the different types of ransomware, how it can be created and the course of itsevolution,especiallyasitexpandsintonewterritories such as mobile devices and IoT.

From the report, “Risk and Responsibility in a Hyperconnected World, a joint effort between the World Economic Forum and McKinsey & Company, assesses the necessary action areas, and examines the impact of cyberattacks and response readiness. The report sets these against three alternative scenarios in which economic value from technological innovations is realized or lost depending on models of cyber resilience. It draws on knowledge and opinions derived from a series of interviews, workshops and dialogues with global executives and thought leaders to estimate the potential value to be created through 2020 by technological innovations. It examines the value that could be put at risk if the adoption of such innovations is delayed because more frequent, intense cyberattacks are not met with more robust cyber resilience. Finally, the report draws conclusions from the analysis and research, and offers a 14-point roadmap for collaboration.”

This BitSight Insights report, Risk Degrees of Separation: The Impact of Fourth Party Networks on Organizations, focuses on aggregate risk and the issue of single points of failure. Insurance companies tackle this risk by monitoring whether a common set of threats impact their entire portfolio of insureds. However, without visibility into cyber risk aggregation, an insurance company could be jeopardized if there is a breach or any type of network disruption that affects a majority of their insureds.

This report from November 2016 takes a look at 6 different types of threat events and discusses the insights gleaned from research about those events.

This report examines the weaknesses in Apple products and the growing trend of attacks on the Apple system.

This paper offers some solutions to the best practices for securing Amazon Web Services.

This is the transcript from Amit Yoran’s presentation at the 2016 RSA Conference.

In this, the eighth volume of this report, they present metrics that are based on real application risk postures, drawn from code-level analysis of nearly 250 billion lines of code across 400,000 assessmnets performed over a period of 12 months between April 1, 2016 and March 31, 2017.

Following the Equifax hack, this document is a guide to help your organization protect their Open-Source information.

In this ebook, FireEye explains why senior executives must be more proactive about cyber security — before, during and after an event — and how they can help create and maintain a strong security posture.

This is the final report of a study commissioned by the UK Ministry of Defence (MOD) through the Defence Human Capability Science and Technology Centre (DHCSTC) framework. The study was conducted over a period of six weeks and examines the academic debate pertaining to the moral landscape of conflict that spans different military domains (air, maritime, land, space, cyber). The investigation which is the subject of this report was commissioned by the Programme and Delivery Directorate of the Defence Science and Technology Laboratory (Dstl).

During the summer of 2017, a study was done on the security issues related to the TUF framework.

This ia a threat advisory for Lycos Mail

This is a quarterly report that looks at the current cubery security threats from each quarter.

The Proofpoint Threat Report explores threats, trends, and transformations that they see within their customer base and in the wider security marketplace.

This case study attempts to connect all the dots when it comes to security analysis by using nine anecdotes cited in the top threat’s for its foundation. Each of the nine examples are presented in the form of (1) a reference chart and (2) a detailed narrative. The reference chart’s format provides an attack-style synopsis of the actor, spanning from threats and vulnerabilities to end controls and mitigations. They encourage architects and engineers to use this information as a starting point for their own analysis and comparisons.

This report takes a look at Business Email Compromise attacks and examines why the FBI was able to report that it has become a billion dollar industry.

This paper discusses the evolution of enterprise security.

This is an in-depth study into organisations’ attitudes towards the cyber threat, the management control processes they have in place, and their understanding and use of cyber insurance as a means of risk transfer. The benchmarking data in this report was collected from risk professionals and CFOs from large and medium-sized corporations from across the UK. It is the hope that the aggregated information will provide useful benchmarking data and reference points against which the reader can compare their own company’s positions.

For our 3rd Annual Underground Hacker Markets Report, Dell SecureWorks engaged two of our top intelligence analysts from our CISO INTEL Team. The team members spend time tracking hackers on the numerous underground hacker forums and marketplaces all over the world. While much of the cybercrime hitting organizations throughout the world is the result of cooperation by hackers working outside the confines of publicly-accessible marketplaces, these underground forums provide a small window into the world cybercriminals occupy. In this report, we concentrated on marketplaces located on the Russian Underground and on English-speaking marketplaces between Q3 2015 and Q1 2016.

This is the transcript of testimony given before the US House Committee On Energy And Commerce.