Research
Threat Intelligence:
React and Prepare
The digital revolution presents opportunities to identify and exploit the rising value of information. But this same value also attracts unwanted attention and risks.
Read more
Cyber Awareness: Think before you click!
Download tried and tested ISF resources to help you raise awareness and improve your security best practice.
Download now
Threat Horizon 2024: The disintegration of trust
Should organisations attempt to rebuild trust, or accept that it has disintegrated and adapt accordingly?
Read more
Rehearsing Your Cyber Incident Response Capability
Six Proactive Steps Towards Stabilisation
Read more
Managing Cyber Threats During Periods of Instability
Seven Proactive Steps Towards Stabilisation
Read more
Threat Horizon 2022: Digital and physical worlds collide
Threat Horizon 2022 presents nine potential threats across three themes driven by global events and major developments.
Read more
Demystifying Zero Trust
Zero trust continues to cause confusion across industries. Many vendors sell it as an off-the-shelf solution, but in reality, its successful implementation requires organisations to embark on a larger change programme.
Read more
Understanding the ransomware menace
The average cost to recover from a ransomware attack is $1.85 million. No sector is…
Download Now
Cyber Insurance: Is it worth the risk?
The cyber insurance market has sustainably grown in its relatively short history, but also displayed a volatility.
Read more
Extinction Level Attacks: A survival guide
Extinction Level Attacks details an approach that can help an organisation to be better prepared, and ultimately survive an extinction level attack.
Read more
Threat Horizon 2023: Security at a tipping point
Aimed at CISOs, senior leaders and risk executives, the Threat Horizon 2023 identifies nine future threats to information security grouped within three key theme
Download now
Remote Working and Cyber Risk
As businesses emerge into the new world, beyond their response to the pandemic, we’re likely…
Read more
Continuous Supply Chain Assurance: Monitoring supplier security
Suppliers help to keep operations moving for all organisations, but this also brings information risk that you must keep a watchful eye on.
Read more
Becoming a next-generation CISO
As organisations undergo digital transformation to make themselves more responsive, CISOs are coming under pressure to help these far-reaching changes succeed.
Read more
ISF CISO Briefing: Adapting to a New World
As countries implement exit strategies from lockdown, the fallout from COVID-19 has presented a complex set of interrelated factors, causing a ripple effect that impacts the global economy, every geographic region, and all industry sectors.
Read more
Using Cloud Services Securely: Harnessing Core Controls
Cloud computing has evolved at an incredible speed and, in many organisations, has become entwined with the complex technological landscape that supports critical daily operations.
Read more
Human-Centred Security: Addressing psychological vulnerabilities
Human-centred security starts with understanding humans and their interaction with technologies, controls and data.
Read more
Delivering an Effective Cyber Security Exercise
Performing cyber security exercises can help organisations improve their ability to detect, investigate and respond to cyber attacks in a timely and effective manner.
Read more
Threat Horizon 2021: The digital illusion shatters – Full report now available to download
The world is now heavily digitised. Technology enables innovative digital business models and society is…
Read more
Building A Successful SOC: Detect Earlier, Respond Faster
Building a successful Security Operations Centre (SOC) can greatly enhance the ability to detect and disrupt cyber attacks, protecting the business from harm.
Read more
Protecting the Crown Jewels: How to Secure Mission-Critical Assets
Mission-critical information assets – an organisation’s “crown jewels” – are information assets of greatest value and would cause major business impact if compromised.
Read more
Data Leakage Prevention (DLP)
The increasing adoption of collaboration platforms, cloud services and social media, which are often accessed using personal devices, has introduced a host of new ways for sensitive data to leak.
Read more
Managing the Insider Threat: Improving Trustworthiness
The insider threat has intensified as people have become increasingly mobile and hyper-connected. Almost every worker has multiple devices that can compromise information instantly and at scale: impact is no longer limited by the amount of paper someone can carry.
Read more