Cyentia Institute Archives - Help Net Security

Cyentia Institute

Axio and Cyentia Institute join forces to boost data-driven cyber risk quantification for enterprises

August 31, 2023

Axio announced a new joint initiative with Cyentia Institute, a research and data science firm with a mission to advance knowledge in the cybersecurity industry. Together, …

High-risk users may be few, but the threat they pose is huge

February 16, 2023

High-risk users represent approximately 10% of the worker population and are found in every department and function of the organization, according to Elevate Security …

50% of organizations have indirect relationships with 200+ breached fourth-party vendors

February 2, 2023

98 percent of organizations have vendor relationships with at least one third-party that has experienced a breach in the last two years, according to SecurityScorecard and The …

70% of apps contain at least one security flaw after 5 years in production

January 13, 2023

Veracode revealed data that could save organizations time and money by helping developers minimize the introduction and accumulation of security flaws in their software. Their …

Only 10% of vulnerabilities are remediated each month

June 14, 2022

A research from SecurityScorecard and The Cyentia Institute revealed only 60% of organizations have improved their security posture despite a 15-fold increase in cyber-attacks …

A multi-party data breach creates 26x the financial damage of single-party breach

September 27, 2021

Cyentia Institute and RiskRecon released a research that quantifies how a multi-party data breach impacts many organizations in today’s interconnected digital world. The study …

When exploit code precedes a patch, attackers gain a massive head start

May 14, 2021

Cybersecurity researchers that publicize exploit code used in cyberattacks are giving a clear and unequivocal advantage to attackers, new research conducted by Kenna Security …

Security awareness training doesn’t solve human risk

May 12, 2021

Traditional employee risk mitigation efforts such as security awareness training and phishing simulations have a limited impact on improving employees’ real-world …

Risk-based vulnerability management has produced demonstrable results

May 3, 2021

Several years ago, risk-based cybersecurity was a largely untested and hotly debated topic. But the tests have since been administered and the debate largely settled: …

The current state of third-party risk management

November 27, 2020

Third-party risk management (TPRM) professionals increasingly do not trust that security questionnaires provide sufficient information to properly understand and act on their …

The effectiveness of vulnerability disclosure and exploit development

November 19, 2020

New research into what happens after a new software vulnerability is discovered provides an unprecedented window into the outcomes and effectiveness of responsible …

Companies continue to expose unsafe network services to the internet

September 2, 2020

33% of companies within the digital supply chain expose common network services such as data storage, remote access and network administration to the internet, according to …