Collaborate Disseminate
Axio announced a new joint initiative with Cyentia Institute, a research and data science firm with a mission to advance knowledge in the cybersecurity industry. Together, Axio and Cyentia will deliver Cyentia’s cyber incident analysis to Axio customer… Continue reading Axio and Cyentia Institute join forces to boost data-driven cyber risk quantification for enterprises
High-risk users represent approximately 10% of the worker population and are found in every department and function of the organization, according to Elevate Security research. High-risk users represent a sizable threat to the organization Additionally… Continue reading High-risk users may be few, but the threat they pose is huge
98 percent of organizations have vendor relationships with at least one third-party that has experienced a breach in the last two years, according to SecurityScorecard and The Cyentia Institute. The study also found that 50 percent of organizations hav… Continue reading 50% of organizations have indirect relationships with 200+ breached fourth-party vendors
Veracode revealed data that could save organizations time and money by helping developers minimize the introduction and accumulation of security flaws in their software. Their report found that flaw build-up over time is such that 32% of applications a… Continue reading 70% of apps contain at least one security flaw after 5 years in production
A research from SecurityScorecard and The Cyentia Institute revealed only 60% of organizations have improved their security posture despite a 15-fold increase in cyber-attacks over the last three years. The joint research sought to measure the speed of… Continue reading Only 10% of vulnerabilities are remediated each month
Cyentia Institute and RiskRecon released a research that quantifies how a multi-party data breach impacts many organizations in today’s interconnected digital world. The study is based on an analysis of 897 multi-party breaches involving three or more … Continue reading A multi-party data breach creates 26x the financial damage of single-party breach
Cybersecurity researchers that publicize exploit code used in cyberattacks are giving a clear and unequivocal advantage to attackers, new research conducted by Kenna Security and Cyentia Institute has found. “This data-driven research, built over the c… Continue reading When exploit code precedes a patch, attackers gain a massive head start
Traditional employee risk mitigation efforts such as security awareness training and phishing simulations have a limited impact on improving employees’ real-world cybersecurity practices, according to Elevate Security and Cyentia Institute. The report … Continue reading Security awareness training doesn’t solve human risk
Several years ago, risk-based cybersecurity was a largely untested and hotly debated topic. But the tests have since been administered and the debate largely settled: risk-based cybersecurity produces proven results. The data shows that risk-based vuln… Continue reading Risk-based vulnerability management has produced demonstrable results
Third-party risk management (TPRM) professionals increasingly do not trust that security questionnaires provide sufficient information to properly understand and act on their third-party risk, according to RiskRecon and Cyentia Institute. As a result, … Continue reading The current state of third-party risk management