ETFOptimize | High-performance ETF-based Investment Strategies

Quantitative strategies, Wall Street-caliber research, and insightful market analysis since 1998.
ETFOptimize | HOME
Close Window
Recent Quotes
My Watchlist
Indicators
Markets
Stocks
ETFs
Tools
Markets:
Overview
News
Currencies
International
Treasuries

From Risk to Resilience: New Cyber Resilience Playbook Distills 26+ Reports into One Actionable Guide for Lean Security Teams

By: via Business Wire

LastPass and Dr. Chase Cunningham empower growing businesses to prioritize cybersecurity with a practical, research-backed roadmap

Today, LastPass announced the release of the Cyber Resilience Playbook: From Cyber Risk to Resilience in 2025, a strategic guide designed to help emerging and mid-sized businesses strengthen their cybersecurity posture. Authored by renowned cybersecurity expert Dr. Chase Cunningham (“Dr. Zero Trust”) and commissioned by LastPass, the playbook is based on insights from over two dozen leading industry reports and offers a clear, actionable framework tailored for organizations with limited resources and lean security teams. In an era defined by artificial intelligence (AI) and automation, cybercriminals are scaling attacks with unprecedented ease—making it critical for smaller companies to proactively harden their defenses and move beyond outdated notions of ‘security by obscurity.’

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20251016364471/en/

LastPass and Dr. Chase Cunningham unveil the Cyber Resilience Playbook — a practical guide for growing businesses, distilled from 26+ expert reports.

LastPass and Dr. Chase Cunningham unveil the Cyber Resilience Playbook — a practical guide for growing businesses, distilled from 26+ expert reports.

“Smaller businesses are waking up to the reality that they’re caught in the crosshairs of the dangerous digital landscape, whether they want to be or not,” said Dr. Chase Cunningham. “As enterprises become harder to breach, hackers are using AI to scale their efforts and go after easier wins. The tactics haven’t changed; just the targets.”

What’s inside the cyber resilience playbook

To help small and mid-sized businesses take action, the playbook includes:

  • Key insights across major security studies in 2024–25 to identify trends and threat patterns
  • A practical maturity model to assess current security posture and next steps
  • A resilience scoring system to gauge preparedness
  • A tailored action plan designed specifically for companies with lean teams and limited resources

“As attacks become increasingly widespread, smaller businesses need to center on cyber resilience strategies all the more,” said Alex Cox, Director, Threat Intelligence, Mitigation, Escalation (TIME) team at LastPass. “Poor password practices remain the easiest entry point for attackers to sidestep traditional malware defenses and move through networks undetected. The findings from Dr. Zero Trust further underscore the importance of password management and its measurable ability to reduce breach likelihood and promote business continuity.”

Cyber threats every growing business should know about

By understanding the growing or small business threat landscape, these organizations can identify their highest-risk areas and prioritize their cybersecurity investments effectively. Research from the Cyber Resilience Playbook shows that emerging to mid-size businesses increasingly face threats such as:

  • Rampant ransomware attacks: When broken down by company size, ransomware was present in 88% of breaches affecting emerging and mid-sized companies, compared to just 39% of breaches in large enterprises, according to Verizon.
  • Credential theft and “malware-free” attacks: As technology becomes more advanced, threat actors have stood firm in stealing or abusing credentials, making traditional malware unnecessary as a primary attack vector. In fact, CrowdStrike found that 79% of the intrusions it detected in 2024 were “malware-free,” meaning attackers were accessing networks with readily available credentials.
  • Social engineering surges: Verizon’s 2025 Data Breach Investigations Report highlights that humans also remain a favored entry point for many attackers, with social engineering accounting for about 60% of breaches. Specific scams, such as business email compromises (BEC) and pretexting — where attackers impersonate trusted parties — appear to hit small companies with weaker defenses harder than large enterprises.

Other attack methods, including exploitation of vulnerabilities, shadow application issues, and third-party supply chain risks further emphasize that emerging and mid-sized companies need to defend against a range of high-impact threats.

This new research underscores the urgency for smaller businesses to prioritize cyber hygiene as a core business function. By equipping themselves with the right knowledge and tools, companies can shift from being easy targets to building a foundation of resilience and trust with their customers and stakeholders.

  • To download the full Cyber Resilience Playbook and access additional materials including a fireside chat with Dr. Chase Cunningham and Alex Cox, click here.
  • Register here for the pair’s second webinar on October 30.

About LastPass

LastPass is a leading identity and password manager, making it easier to log in to life and work. Trusted by 100,000 businesses and millions of users, LastPass combines advanced security with effortless access for individuals, families, small business owners, and enterprise professionals. With LastPass, important credentials are protected and private – and always within reach. Learn more via www.lastpass.com and follow us on LinkedIn, X, Instagram, and Facebook.

Who should use the Cyber Resilience Playbook?

This playbook is designed for:

  • Small and mid-sized businesses (SMBs)
  • Lean IT and security teams
  • Business leaders seeking to prioritize cybersecurity
  • Organizations with limited budgets and minimal incident response capabilities

How does the playbook help improve cyber resilience?

The playbook helps businesses:

  • Assess their current security maturity
  • Score their resilience using a structured index
  • Identify gaps in credential management and threat response
  • Implement best practices for password hygiene, MFA, and zero trust

What is the Cyber Resilience Index?

The Cyber Resilience Index is a scoring system included in the playbook that allows businesses to:

  • Benchmark their cybersecurity readiness
  • Track progress over time
  • Prioritize investments based on risk exposure

How can small businesses improve cybersecurity in 2025?

  • Build a cybersecurity checklist that includes Identity and Access Management (IAM), vulnerability management, and strong backup and recovery strategies to guide resilience efforts.
  • Implement enhanced security training to reduce human error and raise awareness across the organization.
  • Develop incident response planning to ensure quick, coordinated action during a breach.
  • Adopt a password manager, such as LastPass, to seamlessly secure company credentials.
  • All of these measures support security posture improvement without a big budget, making them ideal for small and mid-sized businesses.

What does zero trust mean for mid-sized companies?

  • Zero trust architecture is built on the principle of “never trust, always verify.”
  • Requires continuous identity verification and strict access controls for every request.
  • Applies to all users and devices—even those inside the network perimeter.
  • Becomes essential in cloud-based and hybrid environments where traditional boundaries no longer apply.
  • Supports security posture improvement without a big budget by reducing reliance on perimeter-based defenses.

Why should businesses use a password manager?

  • A password manager with multi-factor authentication (MFA) helps prevent credential theft.
  • Detects exposed credentials on the dark web and reduces breach risk by up to 60% (IBM).
  • Enables secure creation, storage, and management of passwords in a trusted platform.
  • Platforms such as LastPass leverage zero-knowledge encryption strategies to ensure credentials are only decrypted on the user’s device.
  • Supports zero trust architecture by enforcing strong identity controls.
  • Plays a key role in any cybersecurity checklist aimed at reducing credential-related incidents.

How can I assess my company’s cybersecurity maturity?

Use the maturity model and resilience scoring index included in the playbook to:

  • Evaluate your current security posture
  • Identify areas for improvement
  • Build a roadmap toward stronger cyber resilience

In an era defined by AI and automation, cybercriminals are scaling attacks with unprecedented ease—making it critical for smaller companies to proactively harden their defenses and move beyond outdated notions of ‘security by obscurity.’

Contacts

Recent Quotes

View More
Symbol Price Change (%)
AMZN  250.20
+0.88 (0.35%)
AAPL  270.14
+0.10 (0.04%)
AMD  256.33
+6.28 (2.51%)
BAC  52.45
-1.09 (-2.04%)
GOOG  284.75
+6.69 (2.41%)
META  635.95
+8.63 (1.38%)
MSFT  507.16
-7.17 (-1.39%)
NVDA  195.21
-3.48 (-1.75%)
ORCL  250.31
+2.14 (0.86%)
TSLA  462.07
+17.81 (4.01%)
Stock Quote API & Stock News API supplied by www.cloudquote.io
Quotes delayed at least 20 minutes.
By accessing this page, you agree to the Privacy Policy and Terms Of Service.
© 2025 FinancialContent. All rights reserved.


 
IntelligentValue Home
Close Window

DISCLAIMER

All content herein is issued solely for informational purposes and is not to be construed as an offer to sell or the solicitation of an offer to buy, nor should it be interpreted as a recommendation to buy, hold or sell (short or otherwise) any security.  All opinions, analyses, and information included herein are based on sources believed to be reliable, but no representation or warranty of any kind, expressed or implied, is made including but not limited to any representation or warranty concerning accuracy, completeness, correctness, timeliness or appropriateness. We undertake no obligation to update such opinions, analysis or information. You should independently verify all information contained on this website. Some information is based on analysis of past performance or hypothetical performance results, which have inherent limitations. We make no representation that any particular equity or strategy will or is likely to achieve profits or losses similar to those shown. Shareholders, employees, writers, contractors, and affiliates associated with ETFOptimize.com may have ownership positions in the securities that are mentioned. If you are not sure if ETFs, algorithmic investing, or a particular investment is right for you, you are urged to consult with a Registered Investment Advisor (RIA). Neither this website nor anyone associated with producing its content are Registered Investment Advisors, and no attempt is made herein to substitute for personalized, professional investment advice. Neither ETFOptimize.com, Global Alpha Investments, Inc., nor its employees, service providers, associates, or affiliates are responsible for any investment losses you may incur as a result of using the information provided herein. Remember that past investment returns may not be indicative of future returns.

Copyright © 1998-2017 ETFOptimize.com, a publication of Optimized Investments, Inc. All rights reserved.