Research
Cyber Awareness: Kickstart your security culture
Trusted insights in an easy-to-share format designed to accelerate CISOs and their team's ability to build a resilient security culture.
Download now
ISF: Your first line of defence in safeguarding your organisation
A resource centre with digital and downloadable resources dedicated to supporting your organisation in its journey to become resilient by design.
Read more
ICS Insights:
Challenging Manufacturers
Has your organisation considered the viable actions to reduce the risks posed if manufacturers are not carefully assessed and managed?
Read more
Threat Horizon 2025: Scenarios for an uncertain future
Examine multiple contextual scenarios to help set strategies, prepare for potential threats and explore opportunities that lie ahead.
Read more
ISF Resources to Establish Confidence In Your Cyber Resilience
Demonstrate that the appropriate measures are being implemented to embed cyber resilience best practice with key ISF resources.
Resource Hub
Threat Intelligence:
React and prepare
Get to the core of what threat intelligence is and demonstrate the value it can provide if effectively managed.
Read more
ICS Insights:
Organic convergence
Has your organisation considered the complexity of environments within its ICS security controls?
Read more
Threat Horizon 2024: The disintegration of trust
Should organisations attempt to rebuild trust, or accept that it has disintegrated and adapt accordingly?
Read more
Cybersecurity Solutions for a Riskier World
A ThoughtLab study providing evidence-based insights into the most effective cybersecurity practices and investments.
Read more
Information Security in Mergers and Acquisitions
This excerpt from the full ISF briefing paper introduces a typical four-step process and helps promote the value of security in M&A activity.
Read more
Managing Cyber Threats During Periods of Instability
Seven Proactive Steps Towards Stabilisation
Read more
Threat Horizon 2022: Digital and physical worlds collide
Threat Horizon 2022 presents nine potential threats across three themes driven by global events and major developments.
Read more
Demystifying Zero Trust
Zero trust continues to cause confusion across industries. Many vendors sell it as an off-the-shelf solution, but in reality, its successful implementation requires organisations to embark on a larger change programme.
Read more
Understanding the ransomware menace
The average cost to recover from a ransomware attack is $1.85 million. No sector is…
Download Now
Securing Containers: Keeping pace with change
Organisational use of Containers has been increasing rapidly, rising from 23% to 92% in a 4-year period.
Read more
Security Architecture: Navigating complexity
Establish common architectural concepts, avoid common pitfalls, and integrate architecture into your information security function.
Read more
Becoming a next-generation CISO
As organisations undergo digital transformation to make themselves more responsive, CISOs are coming under pressure to help these far-reaching changes succeed.
Read more
Securing the IoT: Taming the Connected World
The Internet of Things (IoT) has exploded into the connected world and promises much: from…
Read more
Using Cloud Services Securely: Harnessing Core Controls
Cloud computing has evolved at an incredible speed and, in many organisations, has become entwined with the complex technological landscape that supports critical daily operations.
Read more
Demystifying Artificial Intelligence in Information Security
Whilst AI poses new information risks, it can also be used for good and should become a key part of every organisation’s defensive arsenal.
Read more
Securing Mobile Apps: Embracing mobile, balancing control
The availability of mobile apps and mobile devices presents organisation with a conundrum. On the…
Read more
Industrial Control Systems: Securing the systems that control physical environments
With so many global organisations heavily reliant on Industrial Control Systems (ICS) to support business operations, senior business managers and boards are now encountering growing pressure to improve and maintain the security of their organisations ICS Environments.
Read more
Delivering an Effective Cyber Security Exercise
Performing cyber security exercises can help organisations improve their ability to detect, investigate and respond to cyber attacks in a timely and effective manner.
Read more
Building A Successful SOC: Detect Earlier, Respond Faster
Building a successful Security Operations Centre (SOC) can greatly enhance the ability to detect and disrupt cyber attacks, protecting the business from harm.
Read more
Blockchain and Security: Safety in Numbers
Understanding the potential security risks related to blockchain and how they can be addressed, is vital for any organisation planning to use it as the basis for developing applications.
Read more
Building Tomorrow’s Security Workforce
Business and security leaders today must actively work to build and sustain a robust security workforce, as shortfalls in skills and capability to manage risk can manifest as major security incidents that damage organisational performance, reputation and image.
Read more
Data Privacy in the Cloud: Enabling business agility by managing risk
With cloud-based systems come inherent challenges. These are further complicated as data subject to privacy regulation inevitably moves into the cloud.
Read more