Whitepapers
2023 Annual Identity Exposure Report
With nearly half of our data coming from botnets last year, our annual report of recaptured darknet data features key trends about malware and identity exposure.
Disrupting the Ransomware Market
Malware infections siphon valuable data like fresh credentials and web session cookies, giving bad actors the virtual keys to your enterprise. SpyCloud breaks down malware infections and offers context around the steps criminals take with malware-stolen data, and what can be done to stop this insidious threat.
Post-Infection Remediation Guide
Post-Infection Remediation is SpyCloud’s new, critical addition to malware infection response. This guide goes in-depth on how to stop malware exposures from becoming full-blown ransomware incidents.
2022 Ransomware Defense Report
Our annual report shows a surprising increase in organizations that experienced multiple ransomware attacks, the costly impacts of ineffective countermeasures, and future plans to improve defenses.
Infected User Response Guide
Handy guide to decipher what it means when employee or consumer information appears on a botnet log, and how to contact infected users with an action plan.
Best Practices for Notifying Consumers of a Third-Party Data Breach
When your consumers’ passwords appear in a third-party breach, the language you use to notify them that their passwords must be reset requires careful consideration.
The CISOs Report: Perspectives, Challenges and Plans for 2022 and Beyond
Read key insights from CISOs on the challenges facing organizations, including compromised identities, ransomware attempts, and implementation of Zero Trust Models.
2022 Fortune 1000 Identity Exposure Report
Our annual analysis of data tied to Fortune 1000 companies includes insights on credential exposure, password reuse rates, and the impact of malware-infected employees and consumers.
2022 Report: Identity Exposure of London’s FTSE 100
Our annual analysis of exposed credentials and PII tied to London’s FTSE 100 employees uncovered insights about password reuse and malware-infected devices that put these organisations and the companies that rely on them at risk.
2022 Annual Identity Exposure Report
Our annual reports analyzes the 15.5 billion assets we recaptured from the criminal underground last year, and how enterprises can use this information to protect themselves from ATO, malware, and ransomware, and protect their consumers from online fraud.
Reducing Identity Fraud in Ecommerce
How can merchants best balance the customer experience and fraud prevention? Our report offers a new approach for merchants to differentiate between low- and high-risk customers.
Reducing Identity Fraud While Improving the Digital Customer Experience in Financial Services
FIs must strike a balance between prevention controls and fraud mitigation while ensuring a quality customer experience. Our report delves into a new framework for understanding the risk that each individual consumer presents at key points in their journey.
2021 Ransomware Defense Report
Our report breaks down the frequency of ransomware attacks on organizations of all sizes, insights on ransomware preparedness measures, and details on the criminal economy that’s fueling ransomware right now.
Identity Theft 101
SpyCloud and the Communications Fraud Control Association (CFCA) created this consumer education document to help you understand what identity theft is & how to prevent it.
U.S. Government Credential Exposure Report
The prevalence of password reuse and loose credential security protocols are gifts to cybercriminals that expose the U.S. to significant risks.
Business Email Compromise 101
As stolen credentials have become more accessible on the dark web, so has the ability to compromise legitimate business email accounts to commit fraud.
Passwords are Dead; Long Live Passwords: The Fate of Passwords in the Digital Age
Examining the state of password security today and the challenges facing passwordless solutions, this SpyCloud report offers clear guidance on protecting your user accounts without having to reinvent the wheel.
Telecommunications Industry Credential Exposure: 2021 Special Report
Every industry is vulnerable to cybercrime, but perhaps none more so than Telecommunications. Find out why, see the extent of exposed data, and discover specific ways to shore up your defenses.
MFA Bypass 101
Understand how hackers combine attack methods and stolen credentials to sidestep multi-factor authentication.
Credential Stuffing 101
We tap our expertise in helping organizations recover exposed credentials to help you understand the anatomy of credential stuffing attacks, why they persist, and what you can do to prevent them.
Understanding the SolarWinds Supply Chain Attack
The SolarWinds supply chain compromise will have repercussions for years to come. Using witness testimony from the February 23, 2021 Senate Select Committee on Intelligence hearing, we broke down the timeline of the attack and examined how SpyCloud could have helped at each stage.
2021 Annual Credential Exposure Report
Over the last 12 months, SpyCloud has recovered 1.5 billion credentials from 854 breach sources. Find out the trends our researchers have observed, including exposed .gov credentials and pandemic-themed keywords in users’ passwords.
2021 Report: Breach Exposure of London’s FTSE 100
SpyCloud found over 39 million breach assets tied to FTSE 100 & subsidiary companies on the criminal underground. What else did we discover and how does your industry stack up?
2021 Report: Breach Exposure of the Fortune 1000
Find out what SpyCloud learned by analyzing millions of data breach records and botnet logs tied to employees of Fortune 1000 enterprises.
2021 Remote Workforce Security Report
Learn how your peers are tackling the top threat vectors facing remote workers, including phishing, malware, and account takeover.
Account Takeover 101
You can’t stop ATO until you understand it. Get this plain-English primer on the latest attack methods, bad habits that increase ATO risk, and strategies for prevention.
Credential-Stealing Malware: Remediation Guide for Government Security Teams
Download our guide to learn what swift actions government agencies can take to prevent employees’ and consumers’ data from being siphoned by keylogger malware.
CISO’s Guide to Surviving a Data Breach
Get advice from CISOs who have been through worst-case scenarios: breaches that exposed customer data. Their experience will help you better prepare your own breach prevention and response plans.
SpyCloud Named 2020 Gartner Cool Vendor in Identity Access Management and Fraud Detection
See Gartner’s analysis of the IAM & Fraud Detection market and why SpyCloud received the Cool Vendor recognition.
2020 Report: Breach Exposure of the Fortune 1000
Our extensive 2020 report examines the breach exposure of Fortune 1000 enterprises.
Targeted vs. Automated Account Takeover Attacks
Account takeover can be highly-targeted, sophisticated, and manual, or it can be high-volume and automated. Learn how to protect your enterprise from both types of ATO.
2020 Annual Credential Exposure Report
Our 2020 report shows that password reuse continues to be a serious problem, leaving enterprises and their customers vulnerable to account takeover.
Best Practices for Implementing NIST Password Guidelines
Aligning your enterprise’s password policy with the latest guidelines from NIST can help encourage better password habits and reduce the risk of account takeover.
GDPR & ATO Prevention Solutions
Everything you ever wanted to know about GDPR in (Relatively) plain english, along with information for companies evaluating SpyCloud.
Understanding the Latest NIST Password Guidelines
Over the years, security professionals have learned surprising lessons about how password policies affect user behavior.
Considerations for Choosing an Account Takeover Security Solution
This CSO whitepaper provides a guide to the best practices for evaluating how well each approach works, including a checklist of topics to discuss with each vendor being evaluated.
The 6 Myths About Account Takeover
Download the ebook, 6 Myths about ATO Prevention Strategies to learn which of the most common techniques and technologies help and which provide false hope.
Download Our Report on Account Takeover
Because of widespread password reuse, Account Takeover (ATO) attacks have become an extremely lucrative business for cybercriminals.
