This paper seeks to provide a new approach to cyber security that enables IT operations and incident response teams to move faster and act smarter.

This paper provides insight into the tools an IT security pro needs to rapidly hunt, find and investigate dynamic threat indicators.

This paper exerts that there exists very little data on whether companies are winning the war against cyber crime. It seeks to answer several questions with this survey of 270 IT security professionals in North America.

This guide is designed to help enterprises endpoint security solutions.

This paper provides a helpful checklist for NIST adoption.

Measuring & Managing the Cyber Risks to Business Operations, which was sponsored by Tenable and conducted by Ponemon Institute, reveals global trends in how organizations are assessing and addressing cybersecurity risks. We conclude from the findings that current approaches to understanding cyber risks to business operations are failing to help organizations minimize and mitigate threats. We surveyed 2,410 IT and IT security practitioners in the United States, United Kingdom, Germany, Australia, Mexico and Japan. All respondents have involvement in the evaluation and/or management of investments in cybersecurity solutions within their organizations. The consolidated global findings are presented in this report.

This paper outlines the results of the DomainTools second annual Cybersecurity Report Card Survey. More than 500 security professionals from companies ranging in size, industry and geography were surveyed about their security posture and asked to grade the overall health of their programs.

After analyzing the activities of cyber threat actors this year, the DomainTools Research Team has identified four key cybersecurity concerns that security teams, executives, consumers and government officials can expect to encounter next year. From hacked drones with the potential to cause physical harm, to advancing activity from North Korea and Hidden Cobra, this paper connects the dots between the past, present and future to help organizations get ready for the security challenges of 2018.

The current environment for doing business forces business leaders to face an expanding attack surface, more sophisticated threats and threat actors, and mounting regulatory compliance. These factors are creating a perfect storm that puts your organization and your customers at risk. Now is the time to act. As a Board member or executive, it is not only your goal, but your responsibility to shareholders to protect their interests. The threat to your bottom line from a single incident are significant but a digital risk management strategy can help.

The purpose of this document is to briefly describe the features of Necurs malware. During the analysis, we have been able to identify the different “features” and “capabilities” of the Necurs malware.

From the report, “Our survey examined the most common malware threats that organizations are grappling with, how often those threats result in actual compromises, and the challenges involved in responding to them. Respondents included CIOs, CTOs, CSOs, IT directors, network administrators, and senior executives from organizations in more than 20 industries.”

“Threat intelligence has become a significant weapon in the fight against cybersecurity threats, and a large majority of organizations have made it a key part of their security programs. Among the key findings of the report are that organizations are leveraging threat intelligence data for a number of use cases, and many rate themselves fairly competent in their use of threat intelligence to identify and remediate cyber threats. The most common benefits of threat intelligence platforms include better threat analysis, faster detection and response, more efficient security operations, and better visibility into threats.”

“Despite the massive impact the WannaCry ransomware attack had on businesses across the globe and the immediate changes to security practices following it, a year later businesses still have a reactive approach and struggle to implement comprehensive security policies that target employees and management. With cyber threats evolving so rapidly, businesses need to learn how to be quick on their toes and expedite the development and enforcement of cyber security policies to better prevent future breaches.”

“Almost immediately following the WannaCry cyberattack, the NotPetya malware affected countries and organisations around the globe that had strikingly similar repercussions and lessons to take away. This attack exemplified the chronic failings organisations and nation-states continue to have despite the blatant and ongoing threats cyberspace poses. With cyber threats remaining a critical issue for organisations, there is still a great deal organisations need to do to mitigate these for future resilience.”

This e-book contains insights on breach readiness, response and resiliency based on in-depth interviews conducted with the Security for Business Innovation Council (SBIC). The SBIC is comprised of forward-thinking security executives from Global 1000 enterprises committed to advancing the state of information security worldwide by sharing insights from their real-world experience.

In this midyear report, TrendMicro tracks the tendency of security risks to emerge from aspects of computing that are often overlooked and show how costly they can be especially for enterprises.

In our 24-criterion evaluation of the emerging managed security services providers (MSSPs) market, we identified the 10 most significant providers, and researched, analyzed, and scored them. This report shows how each provider measures up to help security leaders make the right choice.

Unit 42 has identified malware with recent compilation and distribution timestamps that has code, infrastructure, and themes overlapping with threats described previously in the Operation Blockbuster report, written by researchers at Novetta. This report details the activities from a group they named Lazarus, their tools, and the techniques they use to infiltrate computer networks. The Lazarus group is tied to the 2014 attack on Sony Pictures Entertainment and the 2013 DarkSeoul attacks. This recently identified activity is targeting Korean speaking individuals, while the threat actors behind the attack likely speak both Korean and English. This blog will detail the recently discovered samples, their functionality, and their ties to the threat group behind Operation Blockbuster.

Herein we release our analysis of a previously undocumented backdoor that has been targeted against embassies and consulates around the world leads us to attribute it, with high confidence, to the Turla group. Turla is a notorious group that has been targeting governments, government officials and diplomats for years. They are known to run watering hole and spearphishing campaigns to better pinpoint their targets. Although this backdoor has been actively deployed since at least 2016, it has not been documented anywhere. Based on strings found in the samples we analyzed, we have named this backdoor “Gazer”.

This report provides a detailed analysis of survey data that was gathered to provide research findings on best practices and impact.

Accenture research reveals the five steps that can help business leaders not only close the gap on cyber attackers, but also continue to transform and embed security into the fabric of their organizations within the next two to three years.