What are the critical issues and trends in your sector this year, and how does your enterprise compare to your peers? These 17 Security 500 Sector Reports provide benchmarking data about budget changes, security leadership responsibilities, reporting structure and more.

Welcome to the 2020 Security 500 report, which includes the 2020 Security 500 rankings and sector reports.

Cybercriminals are taking notice of the seemingly endless vulnerabilities schools face. Take the explosive ransomware attack on the University of Utah from earlier this summer, or the malware attack on the Rialto school district in California, for example. Even with a rapidly increasing attack surface, schools aren’t exactly able to drain their already-limited funding on transforming their IT infrastructure in the midst of a global pandemic. However, it is possible for schools to reduce risk by understanding where they are most vulnerable, taking the time to educate teachers, parents and students, and adopting certain tools and strategies to prevent targeted attacks on remote learning networks.

Last month, in this column, we advanced a discussion of the hermeneutics involved in the interpretations we make daily and of our growing propensity to commit Group Attribution Error.

A couple of months ago, I described in this column how security professionals could unify a divided country. I chose a mask as a symbol of that cohesiveness. But that thin piece of fabric worn around the mouth and nose can also be a gag — a barrier that distances leaders and stifles communication.

In past articles, I have written about behaviors and style characteristics that tend not to be valued by organizations and that have proven often to be the underpinnings of why some security leaders fail in their roles. The counterbalance to that are leadership attributes and behaviors that are essential for success.

It’s the season of ghouls, ghosts and outrageous costumes. But for CISOs and cybersecurity professionals, a bump in the night on Halloween is more likely to be a notification warning them of data breach than a spooky ghostly visitation. In the COVID-19 era, spookiness-as-a-service providers who rent out costumes or sell party products are likely to have a difficult time as lockdowns and home-working play havoc with businesses focused on in-person interaction. Yet for hackers, the dawn of a socially-distanced new normal has opened up vast numbers of attack vectors and given them new opportunities to target businesses or individuals. So what should you be worried about this Halloween? To help you work out the answer to that question, here are some of the scariest cybersecurity stories and trends of 2020: