Informes y Reportes de Seguridad
Informes y Reportes publicados el mes de abril
www.servicenow.com
TODAY’S STATE OF VULNERABILITY RESPONSE : PATCH WORK DEMANDS ATTENTION 1 In the last two years, 48% of companies have experienced a data breach, and the severity
|
www.malwarebytes.com
Executive summary It’s quiet in here, Bob. Yeah…a little too quiet. It’s been a slow quarter for malware. Maybe after a banner year in 2017, they took a much-needed
|
www.ptsecurity.com
INTRODUCTION When cybercriminals want to penetrate the infrastructure of a target company, they in-creasingly tend to use social engineering to do so.
|
www.verizonenterprise.com
4 What’s the biggest risk to your business? Each industry faces a different mix of threats. By understanding the biggest threats to your industry,
|
sucuri.net
Hacked Website Report 2017 The latest malware and hacking trends in compromised websites. This report is based on data collected and analyzed by the Sucuri Remediation Group
|
www.iboss.com
REPORT / 2018 Enterprise Cloud Trends / PAGE 2 EXECUTIVE SUMMARY Companies across industries and verticals are investing more in cloud, with nearly every organization ...
|
gallery.logrhythm.com
2018 Cybersecurity: Perceptions & Practices A Benchmark Survey of Security Professionals in the U.S., U.K., and Asia-Pacific Regions
|
www.breachlevelindex.com
INTRODUCTION A fair number of data breach trends emerged in 2017. One of the most significant developments of the year was an abundance of poor security
|
s3-us-west-2.amazonaws.com
2 Foreword Report to the Nations With the publication of the 2018 Report to the Nations, I am struck by how this study, like the Association of Certified Fraud Examiners itself, is in many ways a tribute to the vision and
|
www.cognizant.com
Securing the Digital Future | 5 But with the increased threat, the discipline of security is still struggling to find its place in organizations, as evidenced by the
|
newsroom.ibm.com
IBM Cybersecurity and Privacy Research. Download PDF (621 KB) IBM Systems
|
www.accenture.com
Organizations are gaining ground on the damaging impact of cyber attacks—and proving that recent security investments are paying off. Despite the number
|
www.cifas.org.uk
Fraudulent conduct decreases overall – but worrying rises in some areas THE FRAUDSCAPE IN THIS EDITION The number of identity frauds increased further
|
enterprise.comodo.com
Q1 2018 REPORT 2 Table of Contents Highlights 4
|
www.soa.org
This report presents the major findings from the eleventh annual Emerging Risks survey.
|
assets.publishing.service.gov.uk
Cyber Security Breaches Survey 2018 Over four in ten businesses (43%) and two in ten charities (19%) experienced a cyber security breach
|
imperva.lookbookhq.com
A Content Experience For You
|
sysnetgs.com
3 Acquirer PCI Sentiment Survey 5 key takeaways from the PCI Sentiment Survey All acquirers agree that small merchants are not effectively engaging with PCI programs: the majority believe that this is a
|
www.mcafee.com
Cybersecurity defenses are under unprecedented levels of attack. From old malware
foes and newer types, such as ransomware, to sophisticated advanced threats and statesponsored
cyberattacks, breaches are, sadly, now an everyday reality.
|
digitalshadows.com
In this research, Digital Shadows assessed the sensitive data exposed from some of the most ubiquitous file sharing
services across the Internet. We found over twelve petabytes of publicly available data across open Amazon S3 buckets,
rsync, SMB, FTP servers, misconfigured websites, and NAS drives. Here are some of the key findings
|
www.protiviti.com
|
www.akamai.com
To survive in today’s economy, companies must balance effortless digital experience with the imperative to maintain fail-safe security
|
www.aciworldwide.com
The payment market is changing, and with it
the operating environment for enterprises in all
industries. Across the value chain,
organizations are investing in new technology
as they adjust to shifting market conditions
and consumer expectations
|
lookout.com
Mobile devices have opened a profitable new window of opportunity for criminals executing phishing attacks. Attackers are
successfully circumventing existing phishing protection to target the mobile device. These attacks are highlighting security
shortcomings and exposing sensitive data and personal information at an alarming rate.
|
bitdefender.com
In a fast-changing landscape where large cyberattacks make the news virtually every month, companies have started shifting their
security defense paradigm toward gaining more visibility into the way attacks occur, and how they become targets. By 2021, the global
cost of cybersecurity breaches will reach $6 trillion, double the total for 2015.1
Building shields in an effort to safeguard IT infrastructures
is no longer enough, due to the porous nature of perimeters and the known failure rate of a fortress approach.
|
www.dbta.com
Critical data and information — including customer data, intellectual property, and strategic plans — are
key to organizations’ competitiveness, but a breach of this data can have disastrous consequences.
Though data security has long been the purview of IT and security teams, the market is shifting, and
business executives must take notice.
|
www.isaca.org
State of Cybersecurity 2018 reports the results of the annual ISACA global State of Cybersecurity Survey, conducted in
October 2017. Overall results confirm that cybersecurity remains dynamic and turbulent as the field continues to mature.
|
www.foundstone.com.au
We are moving to the cloud. That has been the recurring message not only in previous publications
but actually for a number of years in most industry studies. I remember in our first study on cloud
adoption we were told from respondents that they intend to move 80% of their infrastructure to the
cloud within 16 months.
|
Webroot
If there’s one thing that came through loud and clear
in our analysis of malware and other threats in 2017,
it’s that, when it comes to cybersecurity, change is the
only constant. While analysts, researchers, and security
companies worked quickly to identify and block emerging
threats, attackers were just as quick in finding new
ways to evade defenses.
|
www.bomgar.com
The WannaCry ransomware attack in May
2017 crippled the UK’s National Health Service
(NHS) and disrupted a range of organizations
across 150 countries.
|
www.sonatype.com
As the world witnessed record breaches in 2017, leading IT teams were integrating
and automating more security practices throughout the software development
lifecycle to better fortify applications and protect their data.
|
cloudsecurityalliance.org
The Cloud Security Alliance Global Enterprise Advisory Board, founded in 2016, is a collection
of leading experts from large multinational companies representing over 10 unique industries
|
sophos.com
In late 2017, Sophos sponsored an independent research study into the state of network
security in mid-sized organizations across the globe. This research program explored the
experiences, concerns, and future needs of IT managers, with particular focus on firewalls
and network defenses.
|
www.corero.com
Enterprise organizations are being attacked on
a daily basis and the effects are staggering.
91% of respondents said that DDoS attacks cost their
company up to $50,000 per attack
|
ObserveIT & Ponemon Institute
Companies throughout the globe share the risk of having a serious data breach or security exploit
caused by an insider or credential thief. The 2018 Cost of Insider Threats: Global study,
sponsored by ObserveIT, is the second benchmark study conducted to understand the direct and
indirect costs that result from insider threats
|
lastpass.com
The cyber security threats facing enterprises have never
been greater than today. In the time it takes for you to
read this sentence, there will be approximately 180
data records stolen, with more than five million records
breached daily
|
Informes y Reportes publicados el mes de marzo
www.pwc.com
Over 660 investment professionals gave us their views on global growth, threats to business, trust and the challenges of globalisation and disruption.
|
APPLICATION INTELLIGENCE REPORT - a10networks.com www.a10networks.com APPLICATION INTELLIGENCE REPORT www.a10networks.com 4 For nearly a decade, the term application has been synonymous with software — addicting, useful and |
Hiring and Retaining Top Cybersecurity Talent - (ISC)² www.isc2.org Hiring and Retaining Top Cybersecurity Talent 3 Only 15% of cybersecurity professionals have “no plans” to leave their current employment, the study revealed. |
Insider Threat Predictions for 2018 - Haystax haystax.com INSIDER THREAT REDICTIONS OR 2018 2 Industry Survey This is the season for predictions, the time when we start imagining how our companies, technologies |
www.trendmicro.com
We delved into 2017’s most notable threats to see what lies ahead in the mobile landscape, and what users and organizations can do to navigate it in 2018 and beyond.
|
PwC's 21st Annual Global CEO Survey: The Anxious Optimist ... www.pwc.com 6 | PwC’s 21st CEO Survey We have only to look past frantic geopolitical headlines to current economic indicators to understand the reason why. |
www.thalesesecurity.com Driven by escalating cyberattacks, traditional insider threats, privacy requirements and data residency regulations, enterprises around the world are facing increasing pressures to protect their data and reduce the exposure of their organizations to data related risks. |
safenet.gemalto.com
The explosion of cloud identities has IT decision makers reconciling security, compliance and scalability for the enterprise. Cloud access management solutions have emerged to address the challenges of the new perimeter. Develop your cloud security with the latest insights on global access management trends.
|
cyberintelligencenetwork.tradepub.com
Discover the latest trends, priorities and best practices for cyber threat hunting in SOCs.
|
2018 Cyberthreat Defense Report cyber-edge.com 2018 Cyberthreat Defense Report 2 Front Cover Table of Contents Introduction Research Highlights Current Security Posture Perceptions and Concerns |
McAfee Labs Threats Report March 2018 www.mcafee.com REPORT 2 McAfee Labs Threats Report, March 2018 Follow Share The McAfee Labs count of new malware in Q4 reached an all-time high of 63.4 million new |
about.gitlab.com
Discover key trends, attitudes, and perceptions on the state of culture, workflow, and tooling within IT organizations.
|
“The State of Cybersecurity in Healthcare Organizations in ... www.merlin-intl.com The State of Cybersecurity in Healthcare Organizations in 2018 – Ponemon Study . Key Report Findings: Trends in risks facing healthcare organizations: Why more cyber attacks are occurring |
Microsoft Security Intelligence Report info.microsoft.com Foreword Welcome to the 23rd edition of the Microsoft Security Intelligence Report, a bi-annual publication that Microsoft creates for customers, partners, and the industry. |
Android Security 2017 Year In Review source.android.com Android Security 2017 ear in eview 4 Android platform features, metrics that informed our view of Android security, and security trends for Android devices in 2017. |
Cyber safety and resilience - raeng.org.uk www.raeng.org.uk Cyber safety and resilience strengthening the digital systems that support the modern economy |
Internet of Things - raeng.org.uk www.raeng.org.uk Internet of Things | realising the potential of a trusted smart world 1 Contents Foreword 2 Executive summary 3 1. Introduction 10 2. Policy context 13 |
Evaluation of DHS’ Information Security Program for FY 2017 www.oig.dhs.gov Evaluation of DHS’ Information Security Program for FY 2017 . March 1, 2018 OIG-18-56 |
THE BLACK MARKET REPORT - armor.com www.armor.com the black market report a look inside the dark web mar. 2018 the hacker underground exposed by armor s threat resistance unit (tru) research team |
Siemens report: Mideast’s oil and gas sector needs ... www.middleeast.siemens.com Cyber security breaches in the Middle East are widespread and frequently undetected, with 30 percent of the region’s attacks targeting operational technology (OT), finds a new study by Siemens and Ponemon Institute. |
go.ss8.com This report reveals top techniques used by attackers to disrupt critical infrastructure and enterprises in the networks we assessed over the past year. |
Cyber Security Export Strategy - gov.uk www.gov.uk The cyber security challenge – an opportunity for UK business A thriving UK cyber security sector is a key national security and |
Threat Landscape for Industrial Automation Systems in H1 2017 ics-cert.kaspersky.com Threat Landscape for Industrial Automation Systems Kaspersky Lab ICS CERT in H2 2017 1 © Kaspersky Lab, 1997 –2018 Contents |
Signalling Security in Telecom SS7/Diameter/5G — ENISA www.enisa.europa.eu The present study has deep dived into a critical area within electronic communications, the security of interconnections in electronic communications (signalling security). |
SANS Institute InfoSec Reading Room www.sans.org 1 www.sans.org/course/cyber-threat-intelligence 2 Cyber Threat Intelligence Uses, Successes and Failures: The SANS 2017 CTI Survey, March 2017, |
IBM X-Force Threat Intelligence Index 2018 www-01.ibm.com The IBM X-Force Threat Intelligence Index 2018 highlights high-profile security events of 2017 and forecasts trends that will occur in 2018. |
TRUSTWAVE GLOBAL SECURITY REPORT www2.trustwave.com Ten years ago, we published the first volume of the Trustwave Global Security Report. It was 11 pages long and focused exclusively on thefts of payment card data from pointof-sale and e-commerce environments. Trustwave has grown a lot since then and so has this report. Unfortunately, the threat landscape has grown, too. |
www.fireeye.com In this M-Trends 2018 report, we look at some of the latest trends identified during the October 1, 2016 to September 30, 2017 reporting period, as revealed through incident response investigations by Mandiant, a FireEye company. |
2018 GLOBAL DATA RISK REPORT FROM THE VARONIS DATA LAB varonis.com The 2018 Global Data Risk Report captures findings of Data Risk Assessments performed on 130 organizations – a representative sample from many industry segments and sizes. |
PHISHING RESPONSE TRENDS Europe Companies in Europe and around the world are ramping up to fight phishing. No wonder. Last year, there were over 1.2 million phishing attacks globally, a 65% annual increase. So, is Europe winning the war against email-related threats? |
Organizations typically have a fixed cost to work with when designing a pen test strategy, and want to use it to optimize quality (talent, results) and coverage (across an application portfolio and within an application). |
Applying software patches and updates seems to be a crucial task if we want to keep our computers secure. Timely software patching may be a requirement of many authoritative standards and regulations. The „common sense“ dictates that one should not delay applying security patches. And as usually, the reality turns out to be much more complex. |
Vulnerability Review 2018 – Global Trends www.flexera.com The annual Vulnerability Review analyzes the evolution of software security from a vulnerability perspective. The review presents global data on the prevalence of vulnerabilities and the availability of patches, and maps the security threats to IT infrastructures. |
www.akamai.com Security breaches that go beyond stealing premium content are a real and present danger for media organizations. Attacks are widespread and of different types. The four most frequent breaches in the survey were SQL injections (23%), DNS attacks (21%), content pirating (20%), and DDoS (17%). These findings show that organizations must be prepared for a large variety of attacks. |
www.ipass.com Mobile working is increasingly becoming the norm for many enterprises, with industry analyst Strategy Analytics predicting that there will be 1.75 billion mobile workers by 2020. At the same time, mobile security threats are on the rise: according to the McAfee Mobile Threat Report Q1 2018, 16 million users were hit with mobile malware in the third quarter of 2017. |
bakerlaw.com This is our fourth Report addressing the issues entities care about most when it comes to incident response. The Report’s focus remains consistent with that of prior years, although this year we emphasize the importance of using Compromise Response Intelligence in addition to the measures necessary to be Compromise Ready. |
2017 Cyberthreat Defense Report www.imperva.com The first three installments of the Cyberthreat Defense Report CDR) began the process of looking beyond major breaches) and the never-ending evolution of cyberthreats to better understand what IT security teams are doing to defend against them. |
Internet Security Threat Report Symantec.com From the sudden spread of WannaCry and Petya/NotPetya, to the swift growth in coinminers, 2017 provided us with another reminder that digital security threats can come from new and unexpected sources. With each passing year, not only has the sheer volume of threats increased, but the threat landscape has become more diverse, with attackers working harder to discover new avenues of attack and cover their tracks while doing so. |
‘Soft Target: The Top 10 Vulnerabilities Used by Cybercriminals www.recordedfuture.com Recorded Future’s research this year once again highlights the challenges defenders face to make remediation decisions around vulnerabilities without access to all the facts. Official vulnerability databases and even scanning tools cannot arm organizations with one key metric: the overlap between the vulnerabilities in the systems you use and the ones that are being actively exploited by threat actors. |
UNDERSTANDING EMAIL FRAUD | A Global Survey www.proofpoint.com Email fraud, also known as business email compromise (BEC), is one of today’s greatest cyber threats. These socially engineered attacks seek to exploit people rather than technology. They are highly targeted, don’t include attachments or URLs, arrive in low volumes, and impersonate people in authority. These and other factors make email fraud difficult to detect and stop with traditional security tools. |
The Future of the :Enterprise WAN Too Complex to ? www.catonetworks.com In this year’s networking survey, we wanted to delve into what factors drive, support, or inhibit WAN transformation projects. Essential to that goal was understanding the role simplification plays in .enterprise networks |
www.barracuda.com Next Generation Firewalls (NGF) are a mainstay of IT security organizations, maintaining a perimeter to protect vital systems and data. But as cloud deployments have completely changed network and system topologies, the perimeter is an increasingly complicated concept. It’s no longer easy to define, let alone defend. So what is the role of the firewall in a cloud and hybrid world? Do existing NGF approaches continue to deliver needed protection or are new capabilities needed? |
www.barkly.com Malware is rapidly evolving. The ways payloads are being delivered and deployed are changing, too. New attack tools and exploit techniques are appearing more regularly. It’s taking less time for them to gain widespread adoption. |
www.erwin.com There’s a high level of interest in formal data governance practices at many organizations but a troubling lack of follow-through at many levels. Here’s what enterprises must do to make sure their data governance agendas succeed. |
Innovation Through Inclusion: The Multicultural Cybersecurity Workforce www.isc2.org Key findings from the report indicate that minority representation within the cybersecurity profession (26%) is slightly higher than the overall U.S. minority workforce (21%)1 . Employment among cybersecurity professionals who identify as a racial or ethnic minority tends to be concentrated in non-management positions, with fewer occupying leadership roles, despite being highly educated. |
The Third Annual Study on the Cyber Resilient Organization www.ibm.com Companies represented in this research revealed that there are a number of areas that hinder effective and efficient incident response. Chief among them is that 77 percent of organizations admit they do not have a formal cybersecurity incident response plan (CSIRP) that is applied consistently across the organization. The report also found that just 31 percent of respondents feel that they have an adequate cyber resilience budget in place. |
2018 GLOBAL STATE OF PRIVILEGED ACCESS MANAGEMENT (PAM) RISK & COMPLIANCE www.thycotic.com. Nearly three out of four organizations would fail an Access Controls audit, putting their privileged credentials (the keys to the kingdom) at high risk. |
Infografphic The State of Cybersecurity in Healthcare Organizations 2018 The State of Cybersecurity in Healthcare Organizations 2018. Complete report http://www.merlin-intl.com/ Trends in risks facing healthcare organizations: Why more cyber attacks are occurring Steps taken to improve the security posture of healthcare organizations Lessons from high-performing healthcare organizations |
2018 State of Security Operations www.microfocus.com Organizations around the globe continue investing heavily in cyber defense capabilities to protect their critical assets. Whether protecting brand, intellectual capital, and customer information or providing controls for critical infrastructure, the means for incident detection and response to protect organizational interests have common elements: people, processes, and technology. |
Revitalizing privacy and trust in a data-driven world www.pwc.com Massive data breaches and the constant collection of personal information routinely spur debate on whether privacy, rooted in ancient times, is dead in the digital age. Are we in a post-privacy world? In many ways, it is the wrong question. Privacy, security and trust—all increasingly at risk—are also more vital and intertwined in our data-driven society. |
2018 HIMSS Cybersecurity Survey 2018 HIMSS Cybersecurity Survey. Infographics www.himss.org Healthcare organizations with cybersecurity programs are making positive efforts towards improvement. More resources are dedicated to cybersecurity programs. Proactive measures are taken as a result of regular risk assessments. Penetration testing and security awareness training are regularly conducted. |
www.Zingbox.com RHealthcare organizations are undergoing multiple transformations, from the increasing connectivity of medical devices to the convergence of Information Technology (IT) and Operational Technology (OT). These transformations are drastically changing the way organizations conduct their day-to-day operations. Cyber threats targeting healthcare organizations are also undergoing their own transformations. While the theft of Personal Health Information (PHI) is widely accepted as the most common threat, more and more attacks are aiming to disrupt an organization’s ability to provide care. In many cases, such disruption can be more financially damaging than the actual theft of PHI. |
Navigating the new cybersecurity threat landscape www.microsoft.com Cybersecurity is difficult and it’s not going to get any easier. Running a large environment means managing huge volumes of attempted breaches every day. This is big business. Cybersecurity Ventures estimates cybercrime will cost more than $US6 trillion a year by 2021. |
Informes hasta el 26/02/2018
www.infoblox.com
Ponemon Institute: Private & Confidential Report 1 Third Annual Study on Exchanging Cyber Threat Intelligence: There Has to Be a Better Way January 2018
|
www.threatmetrix.com
View this cybercrime report to discover which tactics fraudsters and cybercriminals are using to stage attacks around the world.
|
www.rand.org
This report shares a transparent and adaptable methodology for estimating present and future global costs of cyber risk. The report has a companion Excel ...
|
lp.skyboxsecurity.com
Vulnerability and Threat Trends Report 3 The old boundaries of cybersecurity and
|
www.cyentia.com
An Inside Perspective on Security Operations We are thrilled to announce the culmination of a project we’ve been working on for some time. The Voice of the Analyst Study released today and we’d like to share a few findings with the hope of stoking your interest enough to read the full report. First off, our thanks …
|
www.fsisac.com
CISOs around the world prioritize employee training, reporting to boards quarterly to help improve cybersecurity practices. 2018 Cybersecurity Trends Infographic
|
www.datto.com
• Spike in ransomware attacks lead to millions in downtime-related costs for SMBs. In Europe, an estimated 4.5 percent of small to medium-sized businesses
|
www.enisa.europa.eu
The European Union Agency for Network and Information Security (ENISA) is a centre of expertise for cyber security in Europe. ENISA is contributing to a high level of ...
|
www.enisa.europa.eu
The European Union Agency for Network and Information Security (ENISA) is a centre of expertise for cyber security in Europe. ENISA is contributing to a high level of ...
|
www.domaintools.com
SANS 2018 Cyber Threat Intelligence Survey. As the threat landscape continues to change, and with more advanced attackers than ever, security teams need all the help ...
|
www.icemd.com
ICEMD, El Instituto de la Economía Digital de ESIC Business & Marketing School presenta el 3er estudio sobre las competencias digitales en la empresa española para ...
|
co.pinterest.com
This Pin was discovered by Dan Williams. Discover (and save!) your own Pins on Pinterest.
|
www.comodo.com
GLOBAL MALWARE REPORT 2017 4 THREAT RESEARCH LABS Malware Analysis Overview Malicious software, or malware, refers to computer code that can be harmful to both
|
hub.fortinet.com
Top security threats, trends and insights. Download the latest Q4 Threat Landscape Report.
|
www.cisco.com
Keep up to date with the latest threats and read our recommendations for moving to more integrated threat
|
fsecurepressglobal.files.wordpress.com
Incident
|
dlupdate.quickheal.com
Introduction In 2017, Quick Heal Security Labs detected over 705 million Windows malware with Q1 (Jan – March) clocking the highest ˜gure of over 295 million.
|
riskiq.com
|
recordedfuture.com
|
proofpoint.com
|
checkpoint.com
|
Avecto
|
domaintools.com
|
cyberadapt.com
|
Wombat
|
The Council of Economic Advisers
|
marsh.com
|
bigbrotherwatch.org.uk
|
capgemini.com
|
centrify.com
|
McAfee.com
|
verizonenterprise.com
|
raytheon.com
|
enett.com
|
pwc.co.uk
|
Oxford University
|
pwc.com
|
Informes hasta el 16/02/2018
Informes hasta el 7/02/2018
Informes hasta el 31/01/2018
Reporte de la firma 250ok. El cual resalta "Al menos 90% de los e-retailers mas importantes de EU y US fallan en proteger a sus usuarios de ataques de Phishing"
Informe de la firma Appriver. En sus estadísticas registran datos interesantes y conceptos interesantes:
"Conversation Hijacking Attack" relacionado al phishing y sus observaciones. |
La estadística del informe al revisarlo muestra un crecimiento del 46% con el año inmediatamente anterior. Mostrando un clara tendencia de lo que pasará en el año 2018.
|
En este informe Interesantes datos muestran en su reporte y resalta que el 93% de las brechas se hubiesen podido prevenir. Lo que significa un descuido organizacional
|
De igual manera este reporte muestra como el número de brechas de seguridad aumenta y muestra de la misma manera una tendencia creciente en lo que viene en la realidad digital.
|