You are viewing 19 of 25 results
Array
research

Manage Emerging Threats in 2024

Discover the critical threats to expect this year and how to present them in terms that the business can understand and act on in.

Read more
Array
research

Leadership Insights: Unlocking the business value of security

Explore the historic business perceptions holding back security, and discover steps security leaders can take to accelerate positive change.

Read more
Array
research

ICS Insights:
Challenging Manufacturers

Has your organisation considered the viable actions to reduce the risks posed if manufacturers are not carefully assessed and managed?

Read more
Array
research

Embedding Security into Agile Development: Ten principles for rapid improvement

Agile software development methods are proving a better match for today's demanding business environments than…

Read more
Array
research

Threat Horizon 2025: Scenarios for an uncertain future

Examine multiple contextual scenarios to help set strategies, prepare for potential threats and explore opportunities that lie ahead.

Read more
Array
research

ISF Resources to Establish Confidence In Your Cyber Resilience

Demonstrate that the appropriate measures are being implemented to embed cyber resilience best practice with key ISF resources.

Read more
Array
research

Securing Your Supply Chain

Discover how the ISF equips you to respond to supplier risk challenges presented by today’s threat landscape.

Read more
Array
research

Threat Intelligence:
React and Prepare

The digital revolution presents opportunities to identify and exploit the rising value of information. But this same value also attracts unwanted attention and risks.

Read more
Array
research

ICS Insights:
Organic convergence

Has your organisation considered the complexity of environments within its ICS security controls?

Read more
Array
research

Cyber Awareness:
Think before you click!

Download tried and tested ISF resources to help you raise awareness and improve your security best practice.

Download now
Array
research

Threat Horizon 2024: The disintegration of trust

Should organisations attempt to rebuild trust, or accept that it has disintegrated and adapt accordingly?

Read more
Array
research

Cybersecurity Solutions for a Riskier World

A ThoughtLab study providing evidence-based insights into the most effective cybersecurity practices and investments.

Read more
Array
research

Information Security in Mergers and Acquisitions

This excerpt from the full ISF briefing paper introduces a typical four-step process and helps promote the value of security in M&A activity.

Read more
Array
research

The CISOs Role During Periods of Instability

Five Proactive Steps Towards Stabilisation

Read more
Array
research

Rehearsing Your Cyber Incident Response Capability

Six Proactive Steps Towards Stabilisation

Read more
Array
research

Securing the Supply Chain During Periods of Instability

As global pressure on supply chains increase significantly, explore five proactive and actionable steps towards stabilisation.

Read more
Array
research

Managing Cyber Threats During Periods of Instability

Seven Proactive Steps Towards Stabilisation

Read more
Array
research

Threat Horizon 2022: Digital and physical worlds collide

Threat Horizon 2022 presents nine potential threats across three themes driven by global events and major developments.

Read more
Array
research

Demystifying Zero Trust

Zero trust continues to cause confusion across industries. Many vendors sell it as an off-the-shelf solution, but in reality, its successful implementation requires organisations to embark on a larger change programme.

Read more
Array
research

Review and Gap Analysis of Cybersecurity Legislation and Cybercriminality Policies in Eight Countries

The ISF, in conjunction with CC-DRIVER, have released a report detailing new methods to prevent, investigate and mitigate cybercrime.

Read more
Array
research

Legal and Regulatory Implications for Information Security: People's Republic of China

Read the latest ISF research on how the Personal Information Protection Law (PIPL) will affect organisations how CII operators must follow and report on data protection and security procedures.

Read more
Array
research

Understanding the ransomware menace

The average cost to recover from a ransomware attack is $1.85 million. No sector is…

Download Now
Array
research

Cyber Insurance: Is it worth the risk?

The cyber insurance market has sustainably grown in its relatively short history, but also displayed a volatility.

Read more
Array
research

Securing Containers: Keeping pace with change

Organisational use of Containers has been increasing rapidly, rising from 23% to 92% in a 4-year period.

Read more
Array
research

Security Architecture: Navigating complexity

Establish common architectural concepts, avoid common pitfalls, and integrate architecture into your information security function.

Read more
Array
research

Preparing for the General Data Protection Regulation

The European Union’s General Data Protection Regulation (the GDPR) brings data protection legislation into line…

Read more
Array
research

Extinction Level Attacks: A survival guide

Extinction Level Attacks details an approach that can help an organisation to be better prepared, and ultimately survive an extinction level attack.

Read more
Array
research

Threat Horizon 2023: Security at a tipping point

Aimed at CISOs, senior leaders and risk executives, the Threat Horizon 2023 identifies nine future threats to information security grouped within three key theme

Download now
Array
research

Human-Centred Security: Positively influencing security behaviour

Understand the key factors that influence behaviour, and learn how to deliver impactful security education, training and awareness.

Read more
Array
research

Remote Working and Cyber Risk

As businesses emerge into the new world, beyond their response to the pandemic, we’re likely…

Read more
Array
research

How the ISF Supports You in Securing European Railway Infrastructure

The ISF is committed to continually support businesses to stay cyber resilient and the railway sector is no exception. From our human-centred security research series, to our supply chain suite, we have something to support your needs as an organisation.

Read more
Array
research

Continuous Supply Chain Assurance: Monitoring supplier security

Suppliers help to keep operations moving for all organisations, but this also brings information risk that you must keep a watchful eye on.

Read more
Array
research

Becoming a next-generation CISO

As organisations undergo digital transformation to make themselves more responsive, CISOs are coming under pressure to help these far-reaching changes succeed.

Read more
Array
research

ISF CISO Briefing: Adapting to a New World

As countries implement exit strategies from lockdown, the fallout from COVID-19 has presented a complex set of interrelated factors, causing a ripple effect that impacts the global economy, every geographic region, and all industry sectors.

Read more
Array
research

Securing the Supply Chain: Preventing your suppliers’ vulnerabilities from becoming your own

Sharing information with suppliers is essential for the supply chain to function. However information compromised…

Read more
Array
research

Securing the IoT: Taming the Connected World

The Internet of Things (IoT) has exploded into the connected world and promises much: from…

Read more
Array
research

Using Cloud Services Securely: Harnessing Core Controls

Cloud computing has evolved at an incredible speed and, in many organisations, has become entwined with the complex technological landscape that supports critical daily operations.

Read more
Array
research

Demystifying Artificial Intelligence in Information Security

Whilst AI poses new information risks, it can also be used for good and should become a key part of every organisation’s defensive arsenal.

Read more
Array
research

Human-Centred Security: Addressing psychological vulnerabilities

Human-centred security starts with understanding humans and their interaction with technologies, controls and data.

Read more
Array
research

Securing Mobile Apps: Embracing mobile, balancing control

The availability of mobile apps and mobile devices presents organisation with a conundrum. On the…

Read more
Array
research

Industrial Control Systems: Securing the systems that control physical environments

With so many global organisations heavily reliant on Industrial Control Systems (ICS) to support business operations, senior business managers and boards are now encountering growing pressure to improve and maintain the security of their organisations ICS Environments.

Read more
Array
research

Delivering an Effective Cyber Security Exercise

Performing cyber security exercises can help organisations improve their ability to detect, investigate and respond to cyber attacks in a timely and effective manner.

Read more
Array
research

Threat Horizon 2021: The digital illusion shatters – Full report now available to download

The world is now heavily digitised. Technology enables innovative digital business models and society is…

Read more
Array
research

Building A Successful SOC: Detect Earlier, Respond Faster

Building a successful Security Operations Centre (SOC) can greatly enhance the ability to detect and disrupt cyber attacks, protecting the business from harm.

Read more
Array
research

Protecting the Crown Jewels: How to Secure Mission-Critical Assets

Mission-critical information assets – an organisation’s “crown jewels” – are information assets of greatest value and would cause major business impact if compromised.

Read more
Array
research

Blockchain and Security: Safety in Numbers

Understanding the potential security risks related to blockchain and how they can be addressed, is vital for any organisation planning to use it as the basis for developing applications.

Read more
Array
research

Engaged Reporting: Fact and fortitude

Now that cyber security has the attention of the board and information risk is on the agenda, CISOs are being asked increasingly tough questions about security investment and risk.

Read more
Array
research

Engaging with The Board: Balancing cyber risk and reward

When boards and CISOs engage successfully, organisations are better able to take advantage of the…

Read more
Array
research

Establishing A Business-Focused Security Assurance Programme: Confidence In Controls

How secure is your organisation’s information? At any given moment, can a security leader look an executive in the eye and tell them how well business processes, projects and supporting assets are protected?

Read more
Array
research

Building Tomorrow’s Security Workforce

Business and security leaders today must actively work to build and sustain a robust security workforce, as shortfalls in skills and capability to manage risk can manifest as major security incidents that damage organisational performance, reputation and image.

Read more
Array
research

Data Leakage Prevention (DLP)

The increasing adoption of collaboration platforms, cloud services and social media, which are often accessed using personal devices, has introduced a host of new ways for sensitive data to leak.

Read more
Array
research

Managing the Insider Threat: Improving Trustworthiness

The insider threat has intensified as people have become increasingly mobile and hyper-connected. Almost every worker has multiple devices that can compromise information instantly and at scale: impact is no longer limited by the amount of paper someone can carry.

Read more
Array
research

Data Privacy in the Cloud: Enabling business agility by managing risk

With cloud-based systems come inherent challenges. These are further complicated as data subject to privacy regulation inevitably moves into the cloud.

Read more