This is the result of SANS 2018 Cyber Threat Intelligence Survey. The survey focuses on how organizations could collect security intelligence data from a variety of sources, and then recogniza and act up on indicators of attach and compromise scenarious in a timely manner.

The emerging field of cybersecurity economics could benefit from better data, better under- standing, and better methods for using resources wisely, not only to protect critical products and services but also to provide assurances that software will work as expected. This research brief presents findings that address these key cybersecurity concerns, perceptions of the importance of cybersecurity, and considerations for cybersecurity invest- ment decisions. In particular, it suggests that companies, the government, and other organizations can help improve our under- standing of cybersecurity economics by moni- toring cybersecurity incidents and responses, soliciting and using standard terminology and measures, and sharing data whenever possible.

The report focuses on how insurance can help make UK companies more resilient to the cyber threat, and is the result of co-operation between representatives of the UK Government and the insurance industry, led by the Cabinet Office and Marsh.

In this report, the authors outline an approach for edge-to-edge security for companies to consider as they build their digital transformation roadmaps. Strengthening a company’s security posture in a world of SDI requires rethinking both the human and the infrastructure elements, leaving behind the idea of network-centric security and moving toward data-centric security.

This guide provides comprehensive help for enterprises seeking to evaluate two factor authentication services.

This paper takes a look at one of the largest cyber-security attacks in history, that took place using Wannacry in May of 2017.

Recent ransomware attacks like Wanna and Petya have spread largely unchecked through corporate networks in recent months, extorting money to restore your data and regain control of your computers. Modern firewalls are purpose-built to defend against these kinds of attacks, but they need to be given an opportunity to do their job. In this whitepaper we’ll discuss how these attacks work, how they can be stopped, and best practices for configuring your firewall and network to give you the best protection possible.

Forbes created a new survey. And, from that survey, a common theme emerged from the survey and the one-on-one interviews: today’s enterprises need a modern game plan that uses technology, people and processes to close the SecOps gap.

This white paper takes a look at the Equifax breach of 2017 and offers a unique analysis at what could have prevented it.

This paper provides a complete roundup of cyber incidents in 2014.

In this issue, Mandiant presents their popular annual breach statistics, discuss three new trends that they have noticed, explore more in depth “Trends Turned Constants”, and include two additional articles to help support their interpretation of the numbers they present. The articles address the [re]Rise of Red Teaming operations, and how their FireEye as a Service (FaaS) service line is keeping companies safer and reducing the standard number of days compromised.

These predictions will provide an historical overview of the evolving threat landscape, reveal the new trends and strategies that Fortinet researchers anticipate cyber criminals will employ in the year to come, and demonstrate how Fortinet is proactively positioned to change the way businesses look at their security strategy going into the new year.

This report asserts that, “Many organizations still follow an outdated approach to cyber security, relying solely on a defensive perimeter to protect their infrastructure.” The report recommends a more robust, iterative approach, which can be broken down into four phases, Predict, Prevent, Detect, and Respond.

This blog post takes a look at a vulnerability unique to the Logitech Harmony Hub.

This report from July 2016 takes a look at a variety of threat events, and provides insight and solutions for those issues.

This roundup reviews the pertinent security stories of 2016 and aims to help enterprises determine what to expect in the months ahead and what security strategies they can adopt to stay protected.

An Annual Showcase of Data Breaches.

As security measures get better at detecting and blocking both malware and cyberattacks, adversaries and cybercriminals are forced to constantly develop new techniques to evade detection. One of these advanced techniques involves “fileless" exploits, where no executable file is written to disk. These attacks are particularly effective at evading traditional antivirus (AV) solutions, which look for files saved to disk so they can scan them and determine if they are malicious. This report discusses these issues.

The Cisco 2015 Annual Security Report, which presents the research, insights, and perspectives provided by Cisco® Security Research and other security experts within Cisco, explores the ongoing race between attackers and defenders, and how users are becoming ever-weaker links in the security chain.

This report finds that victims of cybercrime within the past year often continued their unsafe behavior. This report details and discusses this issue.

From the report, “Application security (AppSec) is maturing for most organizations, according to the 475 respondents who took the SANS 2016 State of Application Security survey. In it, respondents recognize the need for AppSec programs and are working to improve them, despite a lack of the necessary skills, lack of funding and management buy-in, and silos between departments hampering their AppSec programs.”