Outsourcing is a fact of life for healthcare organizations, from routine functions such as food services and laundry to regulatory compliance and clinical activities. Large numbers of vendors must be properly managed in order to reduce clinical, financial and regulatory risk. This paper discusses how to reduce complexity in third-party vendor risk management, and how to turn uncertainty and confusion into efficiency and confidence.

How is cyber-resilience defined and measured? How are breach risk and cyber resilience related, and what is the best way to improve cyber-resilience for an enterprise? This paper will answer these questions and shed light on steps you can take to improve the cyber-resilience of your enterprise.

NopSec has pioneered the research, measurement, and analytics of vulnerability threats since 2013. Its annual State of Vulnerability Risk Management reports are widely used and cited in the cybersecurity industry for its insights and actionable information. As presented in this report, vulnerability threats are ever more expanding and evolving, and NopSec is once again leading the research for new ways to expose these threats and protect valuable assets from getting compromised.

This year, NopSec predicts that the biggest cyber threats will be massive data breaches, ransomware, opportunistic crypto-mining attacks and IoT hacking.

It’s been another headline-grabbing 12 months for cybersecurity. There were many large and damaging compromises affecting retailers, airlines and credit rating companies, to name just a few. Thousands of organizations weren’t prepared and had sensitive data stolen, suffered downtime of key systems or were affected in some other way. Are you ready?

“The future of GRC will not just be about managing known risks or monitoring compliance. It will be about sustaining an organization’s social license to operate.”

This report takes a look at the risk involved with third party cybersecurity issues.

This report examines emerging cyber security challenges and risks that businesses are facing as they embrace cloud services at an accelerating pace. The report provides leaders around the globe and across industries with important insights and recommendations for how they can ensure that cyber security is a critical business enabler. Cyber security leaders and practitioners can use this report to educate lines of business about the real security risks the cloud can present.

This is the infographic that reveals the key information revealed in the report of the same name.

Ponemon Institute is pleased to present The Value of Threat Intelligence: Annual Study of North American and United Kingdom Companies, sponsored by Anomali. The purpose of this research is to examine trends in the benefits of threat intelligence and the challenges companies face when integrating threat intelligence with existing security platforms and technologies.

This annual report from Symantec offers insights into formjacking, cryptojacking, ransomware, supply chain attacks, targeted attacks, the cloud, IoT, and even discusses Election Interference. As always the facts and figures are intriguing. Read on!

From the report, “It should be another momentous year for mobile security, with cyber attacks growing rapidly in sophistication and distribution. This report will cover the key mobile security trends that emerged last year as well as summarize thoughts for the mobile threat landscape for the year ahead.”

Here at Cobalt, we’ve done over 350 penetration tests to date. The information included in this report (Time to Fix, Vulnerability Types, Findings Criticality, Issues Fixed) is summary data from all of the penetration tests performed in 2017. Additionally, we provide survey data (Portfolio Coverage, Pen Test Frequency) from 75 respondents in security, management, operations, DevOps, product, and developer roles. All data has been anonymized to protect the privacy of our contributors.

From the report, “Business applications are critical business resources for companies of all sizes — and they’re increasingly under attack. To gain deeper insights into the state of application security, Cybersecurity Insiders conducted an in-depth study in partnership with the 400,000 member Information Security Community on LinkedIn. This report is the result of a comprehensive survey of 437 cybersecurity professionals designed to reveal the latest application security trends, how organizations are protecting applications, and what tools and best practices IT cybersecurity teams are prioritizing to find, fix and prevent vulnerabilities in next-gen applications.”

In the last two years, businesses and governments have seen data breaches like Equifax and Marriott impact 100s of millions of accounts each, as well as critical intellectual property (IP) and core operations. A global survey of 600+ cybersecurity leaders and professionals by Ponemon Institute shows that 67% of organizations are not confident that they can avoid a data breach, and what the primary security and IT challenges that are causing this. The survey also provides fundamental recommendations that can reduce breach risk through innovating and improving a vulnerability management program.

IT security organizations today are judged on how they enable business transformation and innovation. They are tasked with delivering new applications to users and introducing new technologies that will capture new customers, improve productivity and lower costs. They are expected to be agile so they can respond faster than competitors to changing customer and market needs.

Abstract: Enterprises increasingly operate in a digitally interconnected world where third parties like suppliers, customers, channel partners, and others are often directly connected to their internal IT systems, and where their underlying IT infrastructure may be owned and managed by an outside organization. These business relationships can knowingly or unknowingly introduce different types of risks that need to be identified and managed as if these third parties were part of the enterprise itself. Recorded Future’s latest risk intelligence offering enables threat intelligence teams to better understand, monitor, and measure their real-time exposure to these third-party risks. Armed with this information, organizations can better assess and prioritize risk mitigation actions.

As account opening continues to transition from physical to digital channels, financial institutions, issuers, lenders, and other organizations must optimize the digital experience of applicants in order to compete. At the same time, fraud is on the rise as criminals have become more successful than ever, thanks to some of the same digital channel benefits enjoyed by consumers: convenience, speed, and ease of use. To achieve the necessary balance between preventing fraud and providing a delightful experience for consumers, an approach to identity proofing that accounts for the channel, product, customer, and threat environment is absolutely critical. But regardless of the approach, inconspicuous solutions — like those based on applicant behavior — have a distinct role to play in how institutions manage the risk of application fraud.

This report offers insights and guides into the new Help America Vote Act.

This report examines trends in vulnerabilities, exploits and threats in order to better align your security strategy with the current threat landscape. Incorporating such intelligence to vulnerability management programs begins to put vulnerabilities in risk–based context and helps to focus remediation on vulnerabilities most likely to be used in an attack. This is an update to a report published in January 2018 to reflect mid–year trends. All statistics for 2018 reflect data from the first half of the year — January 1, 2018 through June 30, 2018.

The 2019 Vulnerability and Threat Trends Report examines new vulnerabilities published in 2018, newly developed exploits, new exploit–based malware and attacks, current threat tactics and more. Such analysis helps to provide much needed context to the more than 16,000 vulnerabilities published in the previous year. The insights and recommendations provided are there to help align security strategies to effectively counter the current threat landscape. Incorporating such intelligence in vulnerability management programs will help put vulnerabilities in a risk based context and focus remediation on the small subset of vulnerabilities most likely to be used in an attack.