2023 Highlights! A Year in Review

Analysis | December 22, 2023

As we approach the new year, let’s take a look back at the past twelve months here at the Cyentia Institute. In 2023, we explored, discovered, and maybe even encountered a few challenges in the cybersecurity space. We remained dedicated to shedding light on the complex field of information security. Join us for our Year in Review, highlighting our efforts to unravel the complexities of cyber threats. From informative publications to interactive webinars and engaging blogs, let’s celebrate the achievements that have shaped our mission to bring clarity to the cybersecurity landscape.

Most Viewed Presentations

A look back at our top content; get in on the discussions below!

We Spilled the Tea on Threat Events

In a world where data is the new gold, safeguarding against cybersecurity threats has become paramount for organizations of all sizes. Yet, despite the growing awareness of cyber risks, a significant challenge remains – the lack of concrete, data-driven insights into threat events. Traditional threat event analysis often relies on anecdotes and conjecture, leaving cybersecurity professionals grappling with uncertainties. However, there’s a beacon of clarity on the horizon. The Cyentia Institute, known for its exceptional work in cybersecurity research, is proud to introduce a huge leap forward in cyber risk assessment – IRIS Risk Retina® Threat Event Analysis.

A Decade of Data-Driven Insights
Imagine having access to a comprehensive dataset spanning a decade, providing invaluable insights into the frequency and impact of common threat scenarios, actors, and techniques. That’s precisely what IRIS Risk Retina® Threat Event Analysis brings to the table. In collaboration with Advisen, a trusted leader in cyber loss data, Cyentia Institute delves into historical threat events to offer a meticulous and data-driven view of cybersecurity incidents.

Demystifying Cybersecurity
“Our goal is to offer a clearer, more data-driven perspective to support cyber risk assessments,” says the Cyentia Institute. “We recognize that threat event analysis is frequently obscured by hyperbole. With IRIS Risk Retina® Threat Event Analysis, we aim to demystify this critical aspect of cybersecurity.”

A Powerful Partnership
To ensure utmost accuracy and comprehensiveness, Cyentia Institute leverages Advisen’s Cyber Loss Data. This dataset comprises a staggering 150,000 historical cyber events collected from publicly verifiable sources, making it the most comprehensive incident dataset available. Cyentia Institute complements this data with supplemental research, cutting-edge data science techniques, and cybersecurity expertise, resulting in extensive analysis presented in Risk Retina.

Illuminating Insights
IRIS Risk Retina® Threat Event Analysis offers a detailed exploration of incident patterns, threat actors, financial impacts, actor trends across sectors and sizes, threat actor varieties, threat actions (including ATT&CK TTPs), VERIS Action Categories, ATT&CK Tactics & Techniques, top initial access techniques, post-compromise techniques, data exfiltration and impact techniques, compromised assets and attributes, and much more.

Structured for Comprehensive Understanding
Structured around the “4 A’s” of the VERIS threat model—actors, actions, assets, and attributes—this analysis translates the narrative of “who did what to what (or whom) with what result?” into a format suitable for comprehensive sharing and analysis. ATT&CK is used to provide an in-depth view of common adversary techniques, going beyond VERIS threat action categories.

Empowering Organizations
With IRIS Risk Retina® Threat Event Analysis, the Cyentia Institute is not just raising the bar; it’s transforming the landscape of cyber risk assessment. Organizations now have the power to make informed decisions, fortify their defenses effectively, and navigate the complex world of cybersecurity risks with confidence.

In a world where cybersecurity is a top priority, data-driven insights are invaluable. The launch of IRIS Risk Retina® Threat Event Analysis marks a significant milestone, emphasizing the importance of data-driven analysis in managing today’s cybersecurity landscape. Cyentia Institute’s dedication to clarity and accuracy is shaping the future of cyber risk assessment, making the digital world safer for us all.

For further information, a sneak peak inside the report, and to access IRIS Risk Retina® Threat Event Analysis, visit here.

2023 Blogs

As we publish reports throughout the year, our blog continuously expands!

March 22, 2024

Championing Cybersecurity Progress: How You Can Contribute

Exploitation activity observed for a single CVE, Red represents more daily activity.

0 Comments

March 15, 2024

Call for Sponsors: Inaugural Exploit Prediction Annual Report

Call for Sponsors: Inaugural Exploit Prediction Annual Report Cyentia Institute and the Forum of Incident Response and Security Teams (FIRST) are seeking multiple sponsors to support anlaysis into the…

0 Comments

March 7, 2024

Addressing Cybersecurity's Top Challenges & Providing Unique Advantages

At the Cyentia Institute we get to see firsthand the challenges of how complex and risky our digital world has become, especially when it comes to cybersecurity. Each day presents companies with a slew…

Key Findings

A selection of some of the top key findings from this year’s publications

1 2 3 4 5 6 7 8 9 10 11 12 13 14

New Reports

Below is a selection of our 2023 published content

High Risk Users & Where to Find Them

Partner: Elevate

High-risk users are the top quartile of users in an organization who have had at least one instance of risky behavior, or event.

So where do high-risk users hide? The answer to this question seems to be “everywhere.” However, it’s a little more nuanced than that.

Elevate Higk Risk Users and Where to Find Them

This latest Cyentia Institute Report, in partnership with Elevate Security, analyzed nearly eight years’ worth of data—from June 2014 to July 2022, and answers the questions: What makes workers high risk? What are their riskiest behaviors? And More!

Security Outcomes Report, Vol 3

Partner: Cisco

What is security resilience and why is it so important? We answer these questions & more in our latest report with Cisco Secure. We took a deep dive into seven critical success factors that boost security resilience according to more than 4,700 IT and security pros across the globe so you can learn how to be more resilient.

Close Encounters of the 3rd & 4th Party Kind

Partner: SecurityScorecard

SecurityScorecard and the Cyentia Institute teamed up to analyze data from SecurityScorecard’s Automatic Vendor Detection on over 230,000 organizations for clues about the underlying conditions that exacerbate third and fourth-party risk. By measuring the extent of digital supply chains and investigating the prevalence of security incidents among third and fourth-party vendors, this report takes a look at how the effects of exposure yield insights on how to better manage risk.

SSC AVD Close Encounters of the Thrird and Fourth Party Kind_Page_01

Navigating the Paths of Risk:

The State of Exposure Management in 2023

Partner: XM Cyber

Looking to improve your organization’s security posture and protect your critical assets from cyber threats? Then XM Cyber’s annual research report, Navigating The Paths of Risk: The State of Exposure Management in 2023, is a must-read! In collaboration with research firm Cyentia Institute, we have uncovered key insights and statistics collected from tens of thousands of attack path assessments.

Prioritization to Prediction, Vol. 9:

Role of the known exploited vulnerability catalog in risk-based vulnerability management

Partner: Cisco

The latest installment in the P2P research series delves into the intricacies of the “Cybersecurity and Infrastructure Security Agency’s Binding Operational Directive 22-01,” the KEV (Known Exploited Vulnerabilities).

The KEV has emerged as a pivotal source of information on vulnerabilities and attacker activities. Serving as a cornerstone for cybersecurity strategies, the KEV compels attention due to its direct influence on risk reduction. The Cyentia Institute and Cisco’s collaborative effort delivers a comprehensive exploration of the KEV, unraveling its significance and contextualizing it within the broader landscape of cybersecurity data.

The Evolving CVE Landscape

Partner: F5

In this new report with F5 we take a step back from the release cycle of the latest vulnerabilities and examine the wider universe of vulnerabilities and how it’s changed in the last 20 years.

Balancing Third-Party Risk: How good is the company you keep?

Partner: Risk Recon

In the world of cybersecurity, organizations often rely on assumptions when it comes to evaluating the security practices of their vendors. But what does the actual cybersecurity standing look like between businesses and their vendors? In a groundbreaking study conducted by RiskRecon and Cyentia Institute, security assessments across more than 50,000 B2B relationships were examined, shedding light on the truth.

MultiSource Analysis of the Top MITRE ATT&CK Techniques

Partner: Tidal Cyber

How do adversaries attack, and which defenses should we prioritize?

This report acknowledges the growing availability of data on MITRE ATT&CK techniques in the cybersecurity industry. However, it highlights the challenge of achieving consensus among these sources due to variations in visibility, metrics, and reporting methods.

To address this issue, the study comprehensively analyzes data from 22 public sources to identify common trends. The ultimate aim is to empower organizations in building more threat-informed and effective cybersecurity defenses. MultiSource Analysis of the Top MITRE ATT&CK Techniques is an essential resource for anyone in the cybersecurity field looking to enhance their understanding of prevalent attack techniques and improve their security strategies.

Ripples Across the ATT&CK Surface

Partner: RiskRecon

Sometimes small events can have far-reaching consequences, such as when one organization’s security incident affects third parties and the broader supply chain. We call these effects “ripple events” and have been studying them for years.

Our latest collaborative study with RiskRecon analyzes nearly 900 historical ripple events to identify the top MITRE ATT&CK techniques used. We seek to understand how these ripples occur and propagate, so your organization doesn’t get swept up in their wake.

Risk to the Nth Party Degree

Parsing the Tangled Web

The business of business is relationships” – Robin Sharma

In the intricate dance of modern business, the web of relationships extends far beyond the immediate connections we commonly consider in vendor risk management.As we explored in our previous RiskRecon Relationships Report, the complexity of your business relies not just on your third-party partners but extends to the elusive nth parties, creating a tangled web of dependencies and risks.

In this collaborative report between Cyentia and RiskRecon, we embark on a journey to unravel the implications of this complexity and understand how risks can propagate through the intricate network of interconnectedness.

Want Even More?

Check out the Cyentia Library!

By Carolyn Gimarelli

We often stress the importance of maintaining a clear focus in cybersecurity. Amidst the plethora of research reports, discerning the valuable from the inconspicuous can prove to be quite a challenge. Enter the Cyentia Research Library, a focused beacon illuminating the path for security professionals and researchers.

What Awaits in the Library?
At Cyentia, we’ve meticulously curated a repository of publicly available, data-driven research reports from the security industry. This collection stands as a critical resource, offering links to the original reports while refraining from overwhelming reproductions. Leveraging our data science tools, we extract essential information, providing a clear view of these reports.

Why Choose Cyentia Library?
Finding practitioner-focused research can be like to searching for a needle in a haystack. While academic sources offer tools for comprehensive literature reviews, a dedicated source for reports from security vendors and research firms has been a missing piece. The Cyentia Library steps in to fill this void, enhancing accessibility and utility for the community.

Our Growth and Impact
Since our inception, we’ve broadened our collection from an initial 275 reports to over 900 sources with multiple reports. Each report undergoes meticulous summarization and categorization, aiding visitors in discovering documents that align with their specific interests. Positive feedback, fuels our dedication to the cybersecurity community.

What Lies Ahead?
The Cyentia Library is not merely a static repository. Our future endeavors include the introduction of notification services for new reports, coupled with a combination of automated and manual summaries. While comprehensive summaries may evolve into subscription products, our index of research reports will perpetually remain accessible to all.

Stay Connected: Subscribe and Explore
Eager to delve deeper? Stay abreast of the latest by subscribing to our newsletter, offering periodic digests of new research. Alternatively, remain in the loop through our Library RSS feed. Your contributions and suggestions for missing reports are invaluable, ensuring the continual enrichment of the Cyentia Library.

Embark on a journey of clarity in the cyber landscape with the Cyentia Research Library. Your trusted resource for staying informed, empowered, and ahead in the dynamic realm of cybersecurity. Begin your exploration now and unlock the doors to a wealth of knowledge!