Research
Leadership Insights: Unlocking the business value of security
Explore the historic business perceptions holding back security, and discover steps security leaders can take to accelerate positive change.
Read more
Threat Horizon 2025: Scenarios for an uncertain future
Examine multiple contextual scenarios to help set strategies, prepare for potential threats and explore opportunities that lie ahead.
Read more
ISF Resources to Establish Confidence In Your Cyber Resilience
Demonstrate that the appropriate measures are being implemented to embed cyber resilience best practice with key ISF resources.
Read more
Threat Intelligence:
React and Prepare
The digital revolution presents opportunities to identify and exploit the rising value of information. But this same value also attracts unwanted attention and risks.
Read more
ICS Insights:
Organic convergence
Has your organisation considered the complexity of environments within its ICS security controls?
Read more
Cyber Awareness: Think before you click!
Download tried and tested ISF resources to help you raise awareness and improve your security best practice.
Download now
Threat Horizon 2024: The disintegration of trust
Should organisations attempt to rebuild trust, or accept that it has disintegrated and adapt accordingly?
Read more
Cybersecurity Solutions for a Riskier World
A ThoughtLab study providing evidence-based insights into the most effective cybersecurity practices and investments.
Read more
Information Security in Mergers and Acquisitions
This excerpt from the full ISF briefing paper introduces a typical four-step process and helps promote the value of security in M&A activity.
Read more
Rehearsing Your Cyber Incident Response Capability
Six Proactive Steps Towards Stabilisation
Read more
Securing the Supply Chain During Periods of Instability
As global pressure on supply chains increase significantly, explore five proactive and actionable steps towards stabilisation.
Read more
Managing Cyber Threats During Periods of Instability
Seven Proactive Steps Towards Stabilisation
Read more
Threat Horizon 2022: Digital and physical worlds collide
Threat Horizon 2022 presents nine potential threats across three themes driven by global events and major developments.
Read more
Demystifying Zero Trust
Zero trust continues to cause confusion across industries. Many vendors sell it as an off-the-shelf solution, but in reality, its successful implementation requires organisations to embark on a larger change programme.
Read more
Cyber Insurance: Is it worth the risk?
The cyber insurance market has sustainably grown in its relatively short history, but also displayed a volatility.
Read more
Securing Containers: Keeping pace with change
Organisational use of Containers has been increasing rapidly, rising from 23% to 92% in a 4-year period.
Read more
Human-Centred Security: Positively influencing security behaviour
Understand the key factors that influence behaviour, and learn how to deliver impactful security education, training and awareness.
Read more
Remote Working and Cyber Risk
As businesses emerge into the new world, beyond their response to the pandemic, we’re likely…
Read more
How the ISF Supports You in Securing European Railway Infrastructure
The ISF is committed to continually support businesses to stay cyber resilient and the railway sector is no exception. From our human-centred security research series, to our supply chain suite, we have something to support your needs as an organisation.
Read more
Becoming a next-generation CISO
As organisations undergo digital transformation to make themselves more responsive, CISOs are coming under pressure to help these far-reaching changes succeed.
Read more
ISF CISO Briefing: Adapting to a New World
As countries implement exit strategies from lockdown, the fallout from COVID-19 has presented a complex set of interrelated factors, causing a ripple effect that impacts the global economy, every geographic region, and all industry sectors.
Read more
Human-Centred Security: Addressing psychological vulnerabilities
Human-centred security starts with understanding humans and their interaction with technologies, controls and data.
Read more
Securing Mobile Apps: Embracing mobile, balancing control
The availability of mobile apps and mobile devices presents organisation with a conundrum. On the…
Read more
Delivering an Effective Cyber Security Exercise
Performing cyber security exercises can help organisations improve their ability to detect, investigate and respond to cyber attacks in a timely and effective manner.
Read more
Engaged Reporting: Fact and fortitude
Now that cyber security has the attention of the board and information risk is on the agenda, CISOs are being asked increasingly tough questions about security investment and risk.
Read more
Engaging with The Board: Balancing cyber risk and reward
When boards and CISOs engage successfully, organisations are better able to take advantage of the…
Read more
Establishing A Business-Focused Security Assurance Programme: Confidence In Controls
How secure is your organisation’s information? At any given moment, can a security leader look an executive in the eye and tell them how well business processes, projects and supporting assets are protected?
Read more
Building Tomorrow’s Security Workforce
Business and security leaders today must actively work to build and sustain a robust security workforce, as shortfalls in skills and capability to manage risk can manifest as major security incidents that damage organisational performance, reputation and image.
Read more
Managing the Insider Threat: Improving Trustworthiness
The insider threat has intensified as people have become increasingly mobile and hyper-connected. Almost every worker has multiple devices that can compromise information instantly and at scale: impact is no longer limited by the amount of paper someone can carry.
Read more