Research

Threat Horizon 2025: Scenarios for an uncertain future
Examine multiple contextual scenarios to help set strategies, prepare for potential threats and explore opportunities that lie ahead.
Read more
ISF Resources to Establish Confidence In Your Cyber Resilience
Demonstrate that the appropriate measures are being implemented to embed cyber resilience best practice with key ISF resources.
Read more
Threat Intelligence:
React and Prepare
The digital revolution presents opportunities to identify and exploit the rising value of information. But this same value also attracts unwanted attention and risks.
Read more
Cyber Awareness: Think before you click!
Download tried and tested ISF resources to help you raise awareness and improve your security best practice.
Download now
Threat Horizon 2024: The disintegration of trust
Should organisations attempt to rebuild trust, or accept that it has disintegrated and adapt accordingly?
Read more
Cybersecurity Solutions for a Riskier World
A ThoughtLab study providing evidence-based insights into the most effective cybersecurity practices and investments.
Read more
Managing Cyber Threats During Periods of Instability
Seven Proactive Steps Towards Stabilisation
Read more
Threat Horizon 2022: Digital and physical worlds collide
Threat Horizon 2022 presents nine potential threats across three themes driven by global events and major developments.
Read more
Demystifying Zero Trust
Zero trust continues to cause confusion across industries. Many vendors sell it as an off-the-shelf solution, but in reality, its successful implementation requires organisations to embark on a larger change programme.
Read more
Review and Gap Analysis of Cybersecurity Legislation and Cybercriminality Policies in Eight Countries
The ISF, in conjunction with CC-DRIVER, have released a report detailing new methods to prevent, investigate and mitigate cybercrime.
Read more
Legal and Regulatory Implications for Information Security: People's Republic of China
Read the latest ISF research on how the Personal Information Protection Law (PIPL) will affect organisations how CII operators must follow and report on data protection and security procedures.
Read more
Understanding the ransomware menace
The average cost to recover from a ransomware attack is $1.85 million. No sector is…
Download Now
Extinction Level Attacks: A survival guide
Extinction Level Attacks details an approach that can help an organisation to be better prepared, and ultimately survive an extinction level attack.
Read more
Threat Horizon 2023: Security at a tipping point
Aimed at CISOs, senior leaders and risk executives, the Threat Horizon 2023 identifies nine future threats to information security grouped within three key theme
Download now
Human-Centred Security: Positively influencing security behaviour
Understand the key factors that influence behaviour, and learn how to deliver impactful security education, training and awareness.
Read more
ISF CISO Briefing: Adapting to a New World
As countries implement exit strategies from lockdown, the fallout from COVID-19 has presented a complex set of interrelated factors, causing a ripple effect that impacts the global economy, every geographic region, and all industry sectors.
Read more
Securing the IoT: Taming the Connected World
The Internet of Things (IoT) has exploded into the connected world and promises much: from…
Read more
Demystifying Artificial Intelligence in Information Security
Whilst AI poses new information risks, it can also be used for good and should become a key part of every organisation’s defensive arsenal.
Read more
Human-Centred Security: Addressing psychological vulnerabilities
Human-centred security starts with understanding humans and their interaction with technologies, controls and data.
Read more
Threat Horizon 2021: The digital illusion shatters – Full report now available to download
The world is now heavily digitised. Technology enables innovative digital business models and society is…
Read more
Building A Successful SOC: Detect Earlier, Respond Faster
Building a successful Security Operations Centre (SOC) can greatly enhance the ability to detect and disrupt cyber attacks, protecting the business from harm.
Read more
Protecting the Crown Jewels: How to Secure Mission-Critical Assets
Mission-critical information assets – an organisation’s “crown jewels” – are information assets of greatest value and would cause major business impact if compromised.
Read more