Annual Security Reports

Awesome Annual Security Reports

A curated list of annual cyber security reports - Centralized annual cybersecurity analysis and industry surveys

Definition: The cybersecurity landscape is constantly evolving, making it hard for CIOs, CISOs, and security leaders to keep up. They're flooded with annual reports from research consultancies, industry working groups, non-profits, and government agencies, and sifting through marketing material to find actionable insights is a major challenge. This list aims to cut through the noise by providing a vendor-neutral resource for the latest security trends, tools, and partnerships. It curates information from trusted sources, making it easier for security leaders to make informed decisions.

Limitations: This is not a repository for project-specific documents such as white papers, intelligence reports, technical specifications, or standards. While all user-submitted uploads and report requests are welcome, this awesome list needs clear boundaries.

Accessibility: When possible, all reports will be sourced from their original authors and uploaded to Hybrid Analysis via a GitHub Action to provide an added level of confidence. The resulting analysis link will be included in the PDF commit notes. Additionally, all PDF reports will be converted to Markdown using AI, based on the AI prompts defined in this repository.

Acknowledgement: I would like to give recognition to other works that inspired this collection. Richard Stiennon produces an annual, comprehensive industry analysis that surpasses the scope of this list and deserves attention. Additionally, Rick Howard's Cybersecurity Canon list of must-read books is an invaluable resource, catering to both leadership and practitioner levels within the field.


Overview

Reports are organized into two main categories based on their data sources:

  • Analysis: Generated through quantification and qualification of data from sensor networks or cybersecurity services.
  • Survey: Derived from surveys, interviews, or consulting engagements that capture industry sentiment and practices.

The most recent versions of reports are listed below. Older editions are preserved in their corresponding yearly directories. Reports from sources that have not been updated in the last three years will no longer appear in this README.md but will remain accessible in the respective year's directory.

Reports are organized by their primary focus. Although many reports span multiple topics, this classification provides a clearer structure. Within each topic, reports are listed alphabetically.

Analysis Reports

Threat Intelligence

  • ArcticWolfLabs - Cybersecurity Predictions (2025) - Analyzes evolving threat landscapes and predicts key cybersecurity challenges for 2025. The report highlights the increasing sophistication of social engineering attacks, emphasizing the critical need for robust multi-factor authentication (MFA) implementations and vigilance against evolving tactics, techniques, and procedures (TTPs).
  • Australian Signals Directorate - Cyber Threat Report (2024) - Analyzes the Australian cyber threat landscape for 2023-2024, focusing on state actors, critical infrastructure attacks, cybercrime, hacktivism, and national resilience efforts. Key findings highlight a significant increase in ransomware attacks targeting critical infrastructure and a concerning rise in hacktivism motivated by geopolitical events.
  • BD - Product Security Annual Report (2023) - Analyzes the cybersecurity posture of BD's medical device ecosystem and its products. Key findings highlight the importance of collaborative vulnerability disclosure and the implementation of strong cybersecurity controls throughout the product lifecycle to mitigate risks within the healthcare sector.
  • Blackpoint - Annual Threat Report (2024) - Analyzes the 2023 cyberthreat landscape and emerging trends. Key findings highlight a concerning rise in exploitation of vulnerabilities like Citrix Bleed, alongside shifts in threat actor tactics and industry-specific vulnerabilities.
  • CheckPoint - Cybersecurity Report (2025) - Analyzes global cybersecurity events and trends in 2024, offering predictions and recommendations for CISOs in 2025. Key findings highlight the impact of AI and cloud advancements on cybercrime, emphasizing the need for proactive security measures and adaptive strategies.
  • Cisco - Cyber Threats Trends Report (2025) - Analyzes current cyber threat trends, focusing on information stealers, Trojans, ransomware, RATs, and APTs. Key findings reveal a significant increase in the sophistication and volume of attacks, particularly concerning the use of information stealers and the continued evolution of ransomware techniques.
  • CrowdStrike - Threat Hunting Report (2024) - Analyzes 2024 intrusion trends, focusing on adversary tactics and sectoral targeting. Key findings reveal a significant rise in cloud-based attacks leveraging cloud management agents, alongside a concerning increase in sophisticated insider threats targeting numerous U.S. companies.
  • CrowdStrike - Global Threat Report (2025) - Analyzes global threat trends and key adversary tactics for 2025. Significant findings include the increasing use of generative AI by adversaries, the persistent threat of social engineering, and the growing sophistication of cloud-based attacks targeting SaaS platforms.
  • DarkTrace - Annual Threat Report (2024) - Analyzes the 2024 threat landscape, focusing on ransomware, email threats, and state-sponsored espionage. Key findings reveal the persistence of ransomware attacks, the increasing sophistication of LOTL techniques, and a notable rise in threats targeting operational technology and critical infrastructure sectors.
  • DeepInstinct - Threat Landscape Report (2025) - Analyzes global malware trends and ransomware attacks in 2024, offering predictions for 2025. Key findings highlight a continued rise in ransomware attacks targeting specific sectors, coupled with the evolving tactics of ransomware groups and the impact of sanctions and disclosures on their operations.
  • DeepWatch - Annual Threat Report (2024) - Analyzes 2023 adversary tactics and intelligence, focusing on observed trends and key threat actors. Key findings highlight the continued dominance of account compromise and ransomware incidents, alongside the persistent exploitation of critical vulnerabilities in internet-facing systems.
  • Department of Homeland Security - Threat Assessment (2025) - Analyzes homeland security threats in 2025, focusing on terrorism, transnational crime, and threats to critical infrastructure. Key concerns include the evolving tactics of nation-state actors, the persistent threat of cyberattacks targeting critical infrastructure, and the increasing challenges posed by transnational criminal organizations.
  • DNSFilter - Annual Security Report (2025) - Analyzes 2024 cybersecurity trends, focusing on data breaches and their impact across various regions. Key findings reveal a significant increase in threats related to natural disasters and election-related attacks, coupled with an uneven adoption of security measures among Managed Service Providers (MSPs).
  • Dragos - OT Cybersecurity Report: A Year in Review (2025) - Analyzes the 2025 OT/ICS cybersecurity landscape, focusing on adversary tactics and defender progress. Key findings reveal a rise in OT-centric cyber operations fueled by geopolitical tensions, particularly the Ukraine-Russia conflict, and the increasing activity of threat groups like KAMACITE and ELECTRUM.
  • ENISA - Threat Landscape Report (2024) - Analyzes the 2024 threat landscape, focusing on evolving trends in cyberattacks and vulnerabilities. Key findings highlight the persistent threat of ransomware, the increasing sophistication of social engineering tactics, and a concerning rise in data breaches targeting critical infrastructure.
  • Ensign - Cyber Threat Landscape Report (2024) - Analyzes cybersecurity threat trends across the Asia-Pacific region in 2023. Key findings highlight the evolution of ransomware extortion tactics and the increasing sophistication of hacktivist groups, alongside a notable rise in attacks targeting digital infrastructure.
  • Expel - Annual Threat Report (2025) - Analyzes cybersecurity trends from 2024, focusing on cloud security, phishing, and other threats. Key findings reveal diverse threat actor tactics across various industries, highlighting the need for proactive detection and preventative measures.
  • FBI - Internet Crime Report (2024) - Analyzes 2024 cybercrime trends and complaint data reported to the Internet Crime Complaint Center (IC3). Key findings reveal a significant increase in cyber-enabled fraud complaints across various age groups, with notable regional disparities in reported incidents.
  • Flashpoint - Global Threat Intelligence Report (2025) - Analyzes the 2025 global cyber threat landscape, focusing on data breaches and information-stealing malware. Key findings reveal significant trends in unauthorized access methods and the evolving tactics used by threat actors, impacting various sectors and requiring updated security strategies.
  • Fortinet - Global Threat Report (2025) - Analyzes the evolving global threat landscape and attacker tactics. Key findings reveal a surge in cyber reconnaissance activity driven by automated scanning and a significant shift in attacker focus towards cloud environments and post-exploitation techniques.
  • Huntress - Threat Report (2025) - Analyzes the 2024 cyber threat landscape, focusing on ransomware attacks and their impact across various sectors. Key findings reveal a concerning increase in ransomware attacks targeting healthcare and technology sectors, with a notable rise in the use of Remote Monitoring and Management (RMM) tools for lateral movement.
  • IBM - X-Force Threat Intelligence Index (2025) - Analyzes emerging cybersecurity threats and trends for 2025. Key findings highlight the increasing use of AI in attacks, the persistence of info-stealers, and the significant role of phishing and cloud-based infrastructure in successful compromises.
  • Kela - AI Threat Report (2025) - Analyzes the weaponization of AI by cybercriminals, focusing on emerging threats and attack vectors. Key findings reveal a 200% increase in mentions of malicious AI in 2024, highlighting the rapid growth of dark AI tools and their use in automated phishing, vulnerability research, and malware development.
  • Mandiant - M-Trends (2025) - Analyzes global cybersecurity threats and trends in 2025. Key findings include insights into ransomware attacks, cloud compromises, and the evolving tactics of various nation-state actors.
  • Microsoft - Digital Defense Report (2024) - Analyzes the evolving cybersecurity threat landscape and key developments in threat actor motivations and tactics. Significant findings include the blurring lines between nation-state actors and cybercriminals, along with quantifiable data on nation-state threat activity.
  • Mimecast - Global Threat Intelligence Report H2 (2024)
  • National Cyber Security Centre - Cyber Threat Report (2024) - Analyzes New Zealand's cyber threat landscape for 2023-2024, focusing on state actors, critical infrastructure attacks, cybercrime, hacktivism, and national resilience efforts. Key findings highlight a notable increase in ransomware attacks targeting critical infrastructure and a growing sophistication of state-sponsored cyber operations.
  • NCC Group - Threat Monitor Report (2024) - Provides an analysis of current cyber threats, offering insights into attack trends, vulnerabilities, and strategies for improving organizational cybersecurity.
  • Office of the Director of National Intelligence - Annual Threat Assessment (2025) - This assessment analyzes the evolving threat landscape to U.S. national security posed by state and non-state actors. Key concerns include the increasing cooperation between adversarial states and the persistent threat from transnational criminal organizations, particularly in the illicit drug trade and extremist activities.
  • OrangeCyberDefense - Security Navigator (2025) - Analyzes the evolving cybersecurity threat landscape and proactive mitigation strategies. Key findings reveal a rise in cyber extortion, AI-driven attacks, and threats to operational and mobile networks, necessitating innovative defensive adaptations.
  • Picus - RedReport (2025) - Analyzes the ten most prevalent MITRE ATT&CK® techniques used by threat actors. Key findings reveal a high prevalence of techniques related to process injection, command execution, and credential harvesting, highlighting the persistent reliance on established attack vectors.
  • Rapid7 - Attack Intelligence Report (2024) - Analyzes vulnerability exploitation trends and ransomware attack vectors in 2023. Key findings reveal a rise in pre-patch exploitation and the continued prevalence of file transfer protocol vulnerabilities as initial access vectors for ransomware.
  • RecordedFuture - Cyber Threat Analysis Report (2024) - Analyzes the impact of SaaS application proliferation on cyberattacks in 2024. Key findings reveal the significant role of stolen credentials and MFA failures in data breaches, alongside the increased use of generative AI in influence operations and a rise in ransomware variants.
  • RedCanary - Threat Detection Report (2025) - Analyzes emerging threat detection trends in 2025, focusing on ransomware, initial access vectors, and identity-based attacks. Key findings reveal a significant increase in API abuse within cloud environments and the growing sophistication of AI-powered adversary emulation techniques.
  • ReliaQuest - Annual Threat Report (2025) - Analyzes 2024 cyber-threat trends, focusing on initial access tactics and their effectiveness. Key findings reveal inadequate logging as the root cause of most breaches, with session hijacking bypassing multi-factor authentication in all successful business email compromise incidents.
  • Secureworks - State of the Threat (2024) - Analyzes global cybercrime trends and threat actor activities throughout the year. Key findings reveal persistent cybercrime growth despite law enforcement efforts, coupled with significant increases in hacktivism and state-sponsored attacks.
  • SonicWall - Cyber Threat Report (2025) - Analyzes the evolving landscape of cyber threats in 2024, focusing on the rise of ransomware, BEC attacks, and the impact of AI-powered tools. Key findings highlight a significant increase in ransomware and BEC attacks, coupled with the concerning ease with which threat actors can leverage AI and readily available tools to launch sophisticated campaigns.
  • Sophos - Threat Report (2024) - Analyzes the evolving landscape of cybercrime, focusing on its impact on small and medium-sized businesses. Key findings reveal ransomware as a persistent major threat, exacerbated by the rise of cybercrime-as-a-service and the increasing sophistication of social engineering tactics.
  • Trellix - Advanced Threat Research Report (2024) - Analyzes global cyber threats and nation-state activity in June 2024. Key findings reveal a rise in APT group activity targeting specific regions, utilizing both malicious and non-malicious tools, with a notable focus on Volt Typhoon.
  • TrendMicro - Annual Cybersecurity Threat Report (2023) - Analyzes advanced persistent threat (APT) campaigns and ransomware threats observed throughout 2023. Key findings highlight APT28's persistent use of NTLMv2 hash relay attacks and a subsequent shift to credential phishing campaigns following the patching of CVE-2023-23397, demonstrating adaptability in their tactics.
  • Trustwave - Education Sector Threat Landscape (2024) - Analyzes the evolving threat landscape in the education sector in 2024. Key findings highlight the increasing reliance on online learning, a surge in ransomware attacks targeting educational institutions, and the significant risk posed by third-party vendors.
  • Trustwave - Professional Services Sector Threat Landscape (2024) - Analyzes the 2024 threat landscape for professional services firms. Key findings reveal a significant increase in ransomware attacks leveraging supply chain vulnerabilities and phishing campaigns, emphasizing the need for enhanced security awareness training and robust incident response planning.
  • Trustwave - Public Sector Threat Landscape (2024) - Analyzes the 2024 public sector threat landscape, focusing on emerging trends and attack vectors. Key findings highlight the increasing convergence of IT and OT systems in critical infrastructure, along with a persistent reliance on easily exploitable methods like phishing and vulnerable supply chains.
  • Trustwave - Technology Sector Threat Landscape (2024) - Analyzes the 2024 technology threat landscape, focusing on emerging trends and attack vectors. Key findings highlight the persistent threat of ransomware, the increasing exploitation of third-party supplier vulnerabilities, and a concerning prioritization of speed over security in software development.
  • United States Department of Defense - OSINT Strategy 2024–2028 (2024) - Outlines the Department of Defense's approach to open-source intelligence (OSINT) as a vital resource for decision-makers and warfighters, emphasizing OSINT's role in enhancing situational awareness and operational effectiveness.
  • Upstream - Global Automotive Cybersecurity Report (2025) - Analyzes the expanding cybersecurity gap in the automotive and smart mobility sectors. Key findings reveal a surge in ransomware attacks in 2024 and the increasing vulnerability of critical infrastructure due to the proliferation of smart mobility devices.
  • WatchGuard - Threat Report (2024) - Analyzes Q1 2024 internet security threats, focusing on malware and network attack trends. Key findings reveal a significant increase in encrypted malware detections and the widespread nature of specific network attacks across multiple geographic regions.
  • United States White House - Cybersecurity Posture of the United States (2024) - Analyzes the cybersecurity posture of the United States in 2024. Key findings highlight evolving risks to critical infrastructure, the persistent threat of ransomware, and the increasing exploitation of supply chains alongside the growing use of commercial spyware and the implications of artificial intelligence.

Application Security

  • BlackDuck - Software Vulnerability Snapshot Report (2024) - Analyzes the 2024 software vulnerability landscape, focusing on the top ten vulnerability classes identified. A significant increase in critical-risk vulnerabilities was observed across multiple sectors, highlighting the urgent need for enhanced security testing methodologies.
  • Chainguard - State of Hardened Container Images Report (2024) - Focuses on the security posture of hardened container images, specifically comparing Red Hat UBI variants with Chainguard Images. The analysis reveals key differences in image composition and security practices, highlighting the importance of digital signatures and SBOM inclusion for mitigating software vulnerabilities in containerized environments.
  • DigitalAI - Application Security Threat Report (2025) - Quantifies evolving risks in modern application security. Key findings highlight industry trends, attack data categorized by industry and OS (Android vs. iOS), and regional variations in attack rates.
  • Escape - State of API Exposure (2024) - Analyzes API security across Fortune 1000 and CAC 40 companies, uncovering 30,000 exposed APIs and 100,000 API issues, emphasizing risks in large organizations. Key findings reveal the pervasive nature of API security issues and the need for improved security measures.
  • GitGuardian - State of Secrets Sprawl (2025) - Analyzes the prevalence of secrets sprawl in 2024, focusing on the types of secrets exposed and their locations within software development lifecycles. Key findings reveal that generic secrets comprise 58% of all detected leaks, private repositories are eight times more likely to contain secrets than public ones, and collaboration tools represent a significantly overlooked source of exposure.
  • Grip - SaaS Security Risks Report (2025) - Outlines key security risks associated with the growing adoption of SaaS applications, including trends in usage across industries and specific SaaS app statistics. Key findings reveal a significant increase in shadow SaaS deployments and the rapid growth of AI-powered tools, posing substantial and largely unmanaged security risks.
  • Kodem - State of AppSec Workflow (2025) - Analyzes application security workflows, identifying key bottlenecks and pain points in current practices. The primary bottleneck is remediation, exacerbated by alert fatigue and inefficient vulnerability triage, highlighting the need for increased automation and adaptation to modern development environments.
  • LegitSecurity - State of Application Risk Report (2025) - Examines the current state of application risk in 2025, focusing on common vulnerabilities and security testing inefficiencies. Key findings reveal significant issues with secrets exposure, AI-related risks, and software supply chain vulnerabilities, highlighting a need for improved security practices across the software development lifecycle.
  • RunZero - RunZero Research Report (2024) - Examines a broad range of organizational and network security issues through an innovative asset-centric approach, with a focus on "dark matter" in networks, segmentation issues, and unusual asset detection. Key findings highlight the risks associated with unusual assets and the resurgence of older threats alongside emerging vulnerabilities, emphasizing the need for specific AI-driven security solutions.
  • Sonatype - 2024 in Open Source Malware Threat Report (2024) - Examines the proliferation of open source malware, meaning intentionally malicious open source packages that pose unprecedented risk in the form of software supply chain attacks. Key highlights include a 156% year-over-year increase in malicious open source packages.
  • Synopsys - Open Source Risk Analysis Report (2024) - Examines open source security risks and vulnerabilities within software supply chains. Key findings reveal that eight of the top ten vulnerabilities stem from a single common weakness enumeration (CWE), highlighting the concentration of risks in specific coding practices.
  • United States Department of Defense - State of DevSecOps (2025) - Focuses on the adoption of DevSecOps practices within the United States Department of Defense. A key finding is the Air Force's launch of a new software directorate, highlighting a move towards integrating security earlier in the software development lifecycle.
  • Veracode - State of Software Security (2024) - Examines trends in application security, offering insights into common vulnerabilities, secure development practices, and strategies for improving software security throughout the development lifecycle. Key findings reveal a high incidence of security flaws, slow remediation times, and a correlation between the number of flaws and application size, highlighting the need for proactive security measures.
  • Wallarm - API Threat Stats Report (2025) - Examines API security threats in Q1 2025, focusing on the impact of agentic AI systems and evolving cloud-native infrastructure. Key findings highlight a rapid increase in API breaches driven by increasingly sophisticated attack vectors and a surge in software supply chain vulnerabilities.

Cloud Security

  • Censys - State of the Internet (2024) - Analyzes the internet exposure of Industrial Control Systems (ICS), focusing on the vulnerabilities beyond simple protocol exposure. Key findings reveal a complex security landscape where human-machine interface vulnerabilities and outdated protocols pose significant risks, demanding a more nuanced approach to ICS security.
  • Google Cloud - Threat Horizons Report (2024) - Analyzes the evolving threat landscape for cloud enterprise users. Key findings highlight the continued dominance of cryptomining attacks stemming from misconfigured cloud environments and the increasing sophistication of ransomware and data theft targeting cloud-based assets.
  • Hornet - Cybersecurity Report (2025) - Analyzes the current Microsoft 365 threat landscape, focusing on email security trends and attack techniques. Key findings reveal a significant increase in sophisticated attacks utilizing brand impersonation and malicious attachments, with notable variations in threat levels across different business sectors.
  • IBM - X-Force Cloud Threat Landscape Report (2024) - Analyzes the evolving cloud threat landscape and its impact across various industries. Key findings reveal a significant increase in cloud-based attacks targeting SaaS platforms and a concerning rise in security rule failures within cloud environments.
  • Sysdig - Cloud Native Security and Usage Report (2025) - Analyzes cloud-native security trends and usage patterns in 2025. Key findings reveal a significant increase in the adoption of runtime security tools and a growing focus on securing AI/ML workloads, alongside persistent challenges in managing identities across human and machine interactions.
  • Wiz - Cloud Data Security Snapshot (2025) - Analyzes current cloud data security exposure trends. A significant finding reveals that 54% of cloud environments have exposed assets containing sensitive data, highlighting the critical need for improved access controls and vulnerability management.
  • Wiz - State of AI in the Cloud (2025) - Analyzes the current state of AI in cloud environments, focusing on adoption rates, security challenges, and governance issues. Key findings reveal DeepSeek's rapid growth and the continued dominance of OpenAI, alongside a rising trend of self-hosted AI deployments and stabilized adoption of AI managed services.

Vulnerabilities

  • BeyondTrust - Microsoft Vulnerability Report (2024) - Analyzes the vulnerability landscape within the Microsoft software ecosystem in 2024. Key findings reveal a concerning rise in identity-based attacks targeting Microsoft products, alongside persistent vulnerabilities in legacy applications like Internet Explorer.
  • Chainguard - The Cost of CVEs (2025) - Analyzes the financial impact of CVE management on organizations using containerized environments. Key findings indicate that mid-market organizations can unlock significant value through decreased risk ($2.8M), increased revenue ($2.2M), and faster innovation ($3.3M) by improving their CVE management practices and compliance.
  • Edgescan - Vulnerability Statistics Report (2024) - Analyzes 2024 vulnerability statistics, focusing on severity levels, risk density, and common vulnerabilities across web applications and other systems. Key findings reveal a disproportionate number of high and critical severity vulnerabilities in web applications, particularly those related to common weaknesses (CWEs), and a notable distribution across public and non-public facing systems.
  • Flexera - Annual Vulnerability Review (2024) - Provides software vulnerability trends and threat intelligence from 2024. Key findings highlight the criticality of advisories and their impact, along with an examination of advisory rejection rates and the prevalence of vulnerabilities across various assets.
  • Synack - State of Vulnerabilities Report (2024) - Analyzes trends in software vulnerabilities affecting large enterprises and government agencies. Key findings reveal a 180% surge in real-world vulnerability exploitation across five industries (healthcare, financial services, U.S. federal government, technology and manufacturing).
  • Trustwave - Financial Services Risk Radar Report (2024) - Highlights the evolving threat landscape for the financial services sector in 2024. Key trends include the increasing prevalence of insider threats, the mainstream adoption of phishing-as-a-service, and the continued targeting of financial institutions by ransomware groups, alongside the emergence of new threats from cryptocurrency and deepfakes.

Ransomware

  • Guidepoint - GRIT Ransomware Annual Report (2025) - Analyzes ransomware and cyber threat trends in 2025, focusing on ransomware taxonomy, threat actors, and impacted industries. Key findings include an in-depth look at the RansomHub threat actor and a spotlight on critical infrastructure vulnerabilities, along with an analysis of post-compromise detection methods.
  • PaloAlto - Ransomware Review (2024) - Analyzes ransomware trends during the first half of 2024. Key findings include the impact of law enforcement takedowns on various threat groups, the emergence of fraudulent activities by some groups post-takedown, and the observed retirement or transition of several significant players.
  • Veeam - Ransomware Trends Report (2024) - Analyzes global ransomware trends in 2024, focusing on recovery challenges and the impact of attacks beyond ransom payments. Key findings reveal that 67% of organizations lack a recovery plan, highlighting a significant vulnerability and the substantial, underestimated costs associated with ransomware incidents.
  • Zscaler - ThreatLabz State of Ransomware Report (2024) - A comprehensive analysis of global ransomware trends, examining attack techniques, ransom demands, and strategies for preventing and mitigating ransomware attacks.

Data Breaches

  • Cyentia - Information Risk Insights Study (2025) - Analyzes incident probability and the increasing risks associated with third-party relationships. A key finding is that incident probability has almost quadrupled in the last 15 years, driven in part by threat actors exploiting trusted relationships with external service providers to compromise target organizations.
  • IBM - Cost of a Data Breach Report (2024) - Analyzes the financial impact of data breaches in 2024, detailing costs associated with various attack vectors and recovery efforts. Key findings reveal a significant increase in the average cost of a breach, driven primarily by extortion attacks and prolonged recovery times.
  • Verizon - Data Breach Investigations Report (2025) - Analyzes data breach trends and patterns from 2025. Key findings reveal a significant increase in social engineering attacks and a persistent reliance on easily exploitable web application vulnerabilities, highlighting the need for improved employee security awareness training and robust application security measures.
  • Identity Theft Resource Center - Annual Data Breach Report (2024) - Analyzes 2024 data breaches, focusing on trends in identity theft and compromise notifications. Key findings reveal a continued high volume of breaches across various sectors, with little impact observed from current data disclosure requirements.

Physical Security

  • Genetec - State of Physical Security (2025) - Analyzes the current state of physical security, focusing on global trends and challenges in 2025. Key findings reveal persistent recruiting difficulties, fluctuating budgets impacting project timelines, and the growing influence of IT in physical security decisions alongside increasing cloud adoption.
  • Security Industry Association - Security Megatrends (2025) - This report outlines eight key security megatrends for 2025. Significant trends highlighted include the increasing importance of AI-driven security automation, the convergence of IT and OT security, and the democratization of identity and mobile credentials.
  • Nozomi Networks - OT/IoT Security Report (2025) - Analyzes operational technology (OT) and internet of things (IoT) cybersecurity trends in the second half of 2024. Key findings reveal a significant increase in sophisticated attacks targeting industrial control systems, highlighting the growing need for robust security measures in critical infrastructure.
  • Trustwave - Manufacturing Risk Radar Report (2025) - Analyzes the evolving threat landscape for the manufacturing sector in 2025. Key findings highlight the increasing convergence of IT and OT systems, a persistent rise in ransomware attacks, and the need for enhanced security measures across all attack stages.

AI and Emerging Technologies

  • Australian Institute of Company Directors - Directors Introduction to AI (2024) - Provides an overview of artificial intelligence tailored for directors, highlighting its strategic implications, governance considerations, and best practices for AI implementation in organizations.
  • Okta - Secure Sign-in Trends Report (2024) - Analyzes multi-factor authentication (MFA) adoption trends and authenticator usage. Key findings reveal variations in adoption rates across regions, industries, and organization sizes, with specific insights into the security and usability of different authenticator types.
  • Zimperium - Global Mobile Threat Report (2024) - Analyzes the global mobile threat landscape and the increasing prevalence of mobile-first attack strategies. Key findings reveal a surge in mobile phishing (mishing) attacks targeting specific industries, alongside the growing danger of malicious sideloaded applications and sophisticated mobile malware.
  • Zscaler - ThreatLabz AI Security Report (2024) - Analyzes enterprise AI adoption trends and associated security risks. Key findings reveal a dramatic increase in AI transactions, alongside a corresponding rise in blocked transactions, highlighting the growing need for robust AI security measures across various industries.

Survey Reports

  • Accenture - State of Cybersecurity Resilience (2023) - Provides insights on how cybersecurity strengthens enterprise transformation and business resilience. Key findings highlight the challenges organizations face in adapting cybersecurity to rapid market changes and the crucial role of proactive cybersecurity strategies in mitigating evolving risks.
  • Aon - Intangible vs. Tangible Risk Report (2024) - Analyzes the evolving risks associated with intangible assets like AI and intellectual property (IP) in the context of cybersecurity. Key findings reveal that generative AI and cybersecurity are top CEO concerns, and new AI regulations may inadvertently increase litigation related to intellectual property rights.
  • CompTIA - State of Cybersecurity (2025) - Analyzes the current state of cybersecurity, focusing on organizational priorities, incident impact, and workforce development needs. Key findings reveal that cybersecurity is a high priority for 59% of organizations, yet 56% experienced significant incident impact, highlighting a critical skills gap and the growing influence of generative AI on cybersecurity strategies.
  • Deloitte - Future of Cyber Survey (2024) - Explores the evolving role of cybersecurity in driving strategic business value. Key findings reveal a growing influence of CISOs within the C-suite and a deepening integration of cybersecurity into technology-driven business programs.
  • FERMA - Global Risk Manager Survey Report (2024) - Analysis of global risk management practices across 77 countries and six regional associations. Key findings reveal a significantly increased focus on corporate strategy integration and the growing maturity of enterprise risk management models, particularly concerning sustainability risks.
  • ISC2 - Cyberthreat Defense Report (2024) - Examines the current state of cyberthreat defense, including emerging threats and defense strategies across various industries. Key findings reveal a persistent skills shortage alongside growing concerns about AI's dual impact on cybersecurity, both enhancing defenses and creating new attack vectors.
  • KnowBe4 - Cybersecurity Culture Report (2024) - Explores the state of cybersecurity culture in organizations, highlighting trends and best practices across different sectors. Key findings indicate that security culture varies greatly across the world, and that a siloed approach is not sustainable in a fully connected world.
  • Kong - API Security Perspectives (2025) - Outlines the growing threat of AI-enhanced attacks on APIs and emphasizes the need for robust API security measures and the rising risks associated with these new types of threats.
  • Norton - Cyber Safety Insights Report (2024) - Provides insights into consumer cyber safety trends and challenges across various industries. Key findings reveal that one in four users have been targeted by dating scams, and nearly one-third have experienced catfishing, highlighting the significant prevalence of online dating fraud.
  • Proofpoint - Voice of the CISO Report (2024) - Insights into the perspectives and challenges faced by Chief Information Security Officers across different sectors. Key findings reveal persistent concerns around human error and insider threats, coupled with growing confidence in navigating evolving cybersecurity landscapes.
  • PwC - Global Digital Trust Insights (2024) - Examines global trends in digital trust and cybersecurity across various industries. Key findings reveal cloud security as a top concern despite significant investment, highlighting a persistent gap in effective management and the increasing importance of generative AI in cyber defense.
  • Salt - CISO and CIO Investment Priorities (2025) - Surveys key cybersecurity investment priorities for CISOs and CIOs in 2025, as detailed in a white paper by Osterman Research and sponsored by Salt Security. Key findings highlight shifts in priorities based on evolving threat landscapes and increased focus on incident response and proactive security measures.
  • SANS - Cyber Threat Hunting Survey (2024) - Provides insights into the current state of cyber threat hunting across different sectors. Key findings reveal shifts in attacker tactics, techniques, and procedures (TTPs), along with variations in methodologies and organizational approaches to threat hunting.
  • Splunk - State of Security (2024) - Provides an overview of the impact of generative AI on cybersecurity, highlighting the evolving challenges and opportunities for CISOs. Key findings reveal widespread adoption of AI-related security practices despite uncertainty surrounding new regulations and their implications for CISO accountability.
  • USTelecom - Cybersecurity Culture (2023) - Examines the state of cybersecurity culture within small and medium-sized critical infrastructure enterprises. Key findings reveal significant variations in cybersecurity practices across sectors and organizational sizes, highlighting a need for tailored solutions and targeted improvements.
  • Vanta - State of Trust Report (2024) - Explores the growing challenges organizations face in building and maintaining trust, focusing on security risks, compliance burdens, and third-party vendor risk. Key findings reveal the increasing difficulty of managing compliance and third-party risk, and the impact of AI adoption on security posture.
  • Verizon - Mobile Security Index (2024) - Provides insights into mobile and IoT security risks, focusing on their amplified impact within critical infrastructure sectors. Key findings reveal a widespread perception of increased risk across all sectors, with significantly higher breach risks and impacts observed in critical infrastructure due to high IoT usage.
  • World Economic Forum - Global Cybersecurity Outlook (2025) - Provides a global perspective on cybersecurity trends and challenges, exploring the impact of emerging technologies, geopolitical tensions, and cybercrime. Key findings reveal a growing complexity in cyberspace, driven by increased digitalization and interconnectedness, necessitating proactive and adaptive security strategies.

Application Security

  • ArmorCode - State of Application Security (2023) - Examines the current state of application security, focusing on challenges faced by software security teams. Key findings reveal that managing excessive vulnerabilities and prioritizing remediation efforts are major obstacles, with 86% of respondents agreeing on this critical issue.
  • Black Duck - Global State of DevSecOps (2024) - Provides insights into the current state of DevSecOps, focusing on the impact of AI-assisted coding and evolving security testing practices. Key findings reveal a significant shift towards AI-driven security testing, alongside challenges in effectively interpreting and acting upon resulting security test data.
  • Checkmarx - Future of Application Security (2024) - Analyzes the current state of application security and the challenges organizations face. Key findings reveal a growing disconnect between the increasing complexity of applications and the resources dedicated to securing them, highlighting the urgent need for a comprehensive "code-to-cloud" security approach.
  • Checkmarx - State of Software Supply Chain Security (2024) - Provides insights into current trends in supply chain threats across industries such as banking and finance, insurance, software, technology, engineering, manufacturing, industrial, and public sector. Key findings reveal a significant reliance on Software Composition Analysis (SCA) as a foundational element, while the adoption of Software Bill of Materials (SBOMs) and broader interdisciplinary SSCS programs lags behind.
  • Cycode - State of Application Security Posture Management (2025) - Examines application security challenges and strategies from the perspectives of CISOs, AppSec Directors, and DevSecOps managers across the UK, US, and Germany. Key findings reveal that inefficiencies strain the relationship between security and development teams, eroding trust and hindering productivity.
  • Snyk - State of Open Source Security (2024) - Examines the current state of open source security, including trends and challenges across various industries. Key findings indicate a plateau in OSS security improvements, with concerning declines in several key areas such as dependency tracking and a lack of significant year-over-year progress in supply chain security maturity.
  • Traceable - Global State of API Security (2025) - Annual survey gathering insights from 1,548 respondents across 100+ countries on the state of API security. Key findings reveal a persistent increase in API-related breaches, the inadequacy of traditional security solutions, and the growing risk posed by bot attacks and the integration of generative AI.

Cloud Security

  • CrowdStrike - SaaS Security Posture Management (2025) - Analyzes the 2024 SaaS Security Posture Management market, benchmarking companies' innovation and growth potential. Key findings highlight a competitive landscape with significant growth opportunities and best practices for companies seeking to improve their security posture.
  • Fortinet - Cloud Security Report (2025) - Examines the state of cloud security, focusing on deployment strategies, multi-cloud adoption, and prevalent security concerns. Key findings reveal low confidence in real-time threat detection and a persistent cybersecurity skills gap, highlighting the need for increased investment and improved security practices.
  • Google - Cybersecurity Forecast 2025 (2025) - Insights from Google Cloud leaders on emerging cybersecurity trends. Key predictions include the continued rise of ransomware and multifaceted extortion, the increasing use of AI by attackers, and the persistent threat from state-sponsored actors like China, Russia, Iran, and North Korea.
  • ISC2 - Cloud Security Report (2024) - Provides insights into 2024 cloud security trends and challenges, focusing on multi-cloud environments and the adoption of DevSecOps. Key findings reveal significant barriers to advancing cloud maturity, particularly regarding skills gaps and the complexities of streamlining cloud compliance across multiple platforms.
  • Mend - State of Supply Chain Threats (2023) - Examines the current state of supply chain threats and vulnerabilities across different sectors. Key findings reveal widespread concerns about supply chain risks and the significant impact on organizational practices, highlighting the need for improved security measures.
  • Palo Alto Networks - State of Cloud Native Security Report (2024) - Examines the current state of cloud-native security, including trends, challenges, and best practices across different sectors.
  • Sonatype - State of Cloud Security Report (2024) - Provides insights into the state of cloud security and software supply chain management across different sectors. Key findings highlight the increasing sophistication of attacks leveraging shadow downloads to bypass repository managers and the significant number of compromised packages discovered.
  • Sophos - State of Cloud Security Report (2023) - Examines the current state of cybersecurity, including trends and challenges faced by organizations across various industries. Key findings reveal the prevalence of active adversary attacks and highlight the significant overhead associated with detection, investigation, and response efforts.

Identity Security

  • Astrix - State of Non Human Identity (2024) - Highlights growing concerns over non-human identities as attack vectors, limited automation and visibility into API and third-party connections. Key findings reveal low confidence in preventing NHI-based attacks, coupled with significant challenges in managing basic security controls like permissions and API keys, highlighting a critical need for improved NHI security practices.
  • ConductorOne - Identity Security Outlook Report (2024) - Highlights how increasing technological and organizational complexity are driving new identity risks. Key findings reveal increasing budgets for identity and access management, coupled with a growing adoption of zero standing privileges to mitigate escalating identity-based threats.
  • CyberArk - State of Machine Identity Security Report (2025) - Focuses on the critical and often-overlooked area of machine identity security. Key findings reveal that a significant percentage of organizations are concerned about risks stemming from compromised machine identities (37%) and expired certificates (36%), highlighting a lack of visibility and control over secrets management.
  • CyberArk - Identity Security Threat Landscape Report (2024) - Examines the impact of cyberattacks on identity, including cyber debt, GenAI, machine identities, and third- and fourth-party risks. Key findings reveal a growing "cyber debt" fueled by these factors, highlighting the need for proactive security strategies.
  • IDS Alliance - Trends in Securing Digital Identities (2024) - Provides insights into current plans, historical trends, and approaches to cybersecurity and identity management. Key research found that 22% of businesses see managing and securing digital identities as the number one priority of their security program, up from 17% in 2023.
  • HYPR - State of Passwordless Identity Assurance (2025) - Focuses on the adoption and impact of passwordless identity assurance. Key findings indicate growing momentum for passwordless authentication in the enterprise, with usage increasing by 10% compared to the previous year.
  • ManageEngine - Identity Security Survey (2024) - Explores global identity security readiness across industries and roles, examining the rising tide of AI-driven phishing, social engineering, and credential theft. Key findings reveal a significant gap between perceived and actual IT ecosystem visibility and control, highlighting the urgent need for improved identity security posture across organizations.
  • Omada - State of Identity Governance (2024) - Highlights the modernization of identity governance driven by digital transformation and hybrid workforces, emphasizing SaaS-based solutions, analytics, and automation for scalable and secure identity management.
  • PushSecurity - Identity Attacks (2024) - Highlights that 2024 is seeing a rise in identity-based attacks, as attackers increasingly target vulnerable identities now that identity has become the new security perimeter. Key findings reveal a significant increase in account takeovers via exploited identities, highlighting the evolving attack landscape and the substantial financial gains for perpetrators.
  • SailPoint - Horizons of Identity Security (2024) - Explores the evolving landscape of identity security, emphasizing its role in mitigating cyber risks while enhancing business value and productivity. Key findings highlight the potential for strategic investments to improve security posture and deliver higher returns, particularly among organizations demonstrating advanced maturity levels.
  • Semperis - Ransomware Holiday Risk Report (2024) - Focuses on the increased risk of ransomware attacks during holidays and times of corporate upheaval. A key finding indicates that 63% of organizations experiencing corporate upheaval also experienced a ransomware attack, highlighting the opportunistic nature of threat actors.
  • Semperis - Ransomware Risk Report (2024) - Analyzes the future challenges and next steps organizations are planning to take in response to the current cybersecurity landscape. A key finding is that despite the significant damage caused by ransomware, only 29% of surveyed organizations plan to increase their security budgets in the next year, with notable variations across countries (US: 28%, UK: 45%).
  • Varonis - The Identity Crisis (2024) - Analyzes the prevalence of cyberattacks in 2024, focusing on the crucial role of stolen identities. The report reveals that credential stuffing and similar methods are the most common attack vectors, enabling attackers to maintain undetected access for extended periods to exploit vulnerabilities and exfiltrate sensitive data.

Penetration Testing

  • Bugcrowd - The Total Economic Impact Of Bugcrowd Managed Bug Bounty (2024) - Analyzes the economic benefits and impacts of Bugcrowd's managed bug bounty programs, supported by data-driven insights from Forrester. Key findings reveal significant cost savings through early vulnerability detection and remediation, exceeding the program's cost by a substantial margin.
  • Cobalt - State of Pentesting (2024) - Offers an overview of the current state of penetration testing, including trends, challenges, and best practices across various industries. A key finding reveals a significant increase in manual penetration testing alongside the emergence of AI-driven attacks and vulnerabilities, necessitating a refined pentesting maturity model.
  • Fortra - Penetration Testing Report (2024) - Provides insights into the current landscape of penetration testing, including common vulnerabilities and industry-specific challenges. Key findings reveal a growing reliance on third-party services, coupled with increasing concerns about phishing attacks and the need for more frequent testing across diverse environments.
  • HackerOne - Hacker Powered Security Report (2024) - Explores the state of hacker-powered security, including trends in bug bounty programs and vulnerability disclosure across industries. Key findings highlight security researchers' expanding expertise in AI and APIs, and an emphasis on layered security defenses.
  • NCC Group - Annual Research Report (2024) - Highlights NCC Group's 25 years of research, covering topics from cryptography to hardware and embedded systems. Key highlights include pioneering research, innovative tools, and active community engagement, showcasing a year of significant advancements in the field.

Privacy and Data Protection

  • Cisco - Data Privacy Benchmark Study (2024) - Provides insights into data privacy trends, challenges, and breaches across various industries. Key findings reveal strong global support for privacy laws, yet slow progress on transparency and AI readiness alongside growing concerns regarding data usage in Generative AI.
  • Code42 - Annual Data Exposure Report (2024) - Highlights insider threat risks and trends based on insights from over 700 security professionals. Key findings reveal a significant increase in insider-driven data loss and the growing influence of emerging technologies on data exposure trends.
  • Drata - State of GRC (2025) - Focuses on the evolving role of Governance, Risk Management, and Compliance (GRC), transitioning from a cost center to a strategic business driver. A key finding highlights the challenges GRC teams face in balancing compliance complexity and business growth, including concerns about AI hallucinations providing improper GRC guidance.
  • Hyperproof - IT Risk and Compliance Benchmark Report (2025) - Examines the state of IT risk and compliance, focusing on the maturation of GRC programs and trends in framework adoption. Key findings reveal the maturing of GRC programs, evolving framework adoption, and the increasing significance of third-party risk management as a major concern.
  • Immuta - State of Data Security Report (2025) - A survey of 700+ data professionals examines the current state of data security, including challenges, trends, and best practices across various industries. Key findings reveal that security and access remain top concerns amidst growing data demands, with people, processes, and technology all contributing to the complexities.
  • ISACA - State of Privacy (2025) - Outlines key trends in global privacy practices, including staffing needs, budget constraints, and the increasing integration of AI in privacy operations. Key findings reveal significant skill gaps and difficulties in staff retention, coupled with increasing reliance on AI for privacy initiatives and a growing concern over privacy breaches.
  • Kiteworks - Forecast for Managing Private Content Exposure Risk (2025) - Outlines 12 predictions for managing private content exposure risk, based on cybercrime, cybersecurity, and compliance trends focusing on sensitive content communications. Key predictions highlight the evolving global data privacy landscape, the increasing importance of secure content collaboration, and the need for robust API security to manage these risks effectively.
  • Proofpoint - Data Loss Landscape (2024) - Provides an overview of the data loss landscape, including trends and challenges faced by organizations across various industries. Key findings reveal significant financial costs associated with data breaches stemming from malicious and negligent insiders, highlighting a critical need for improved data loss prevention strategies.
  • Proofpoint - Global Email Security Market Report (2024) - Benchmarks 21 top email security vendors, highlighting growth opportunities and market trends. Key findings highlight the significant pressure on vendors to adapt to the rapidly evolving threat landscape and maintain solution efficacy.

Ransomware

  • Cybereason - Ransomware The True Cost to Business (2024) - Examines the true cost of ransomware attacks on businesses across different sectors. Key findings reveal the evolution of ransomware beyond simple data encryption, highlighting its increasingly sophisticated methods and the significant financial and operational consequences for victims.
  • Fortinet - Global Ransomware Report (2023) - Provides a global overview of ransomware trends and impacts across various industries. Key findings reveal a concerning rise in ransomware sophistication and attack frequency, coupled with a persistent gap in essential security practices across many organizations despite increased proactive efforts.
  • Sophos - State of Ransomware (2024) - Examines ransomware attack methods, likelihood, and business impacts based on insights from 5,000 IT and cybersecurity leaders across 14 countries. Key findings reveal a significant percentage of impacted computers and a concerning rate of data encryption, coupled with high recovery costs and extended recovery times.
  • SpyCloud - Ransomware Defense Report (2024) - Examines malware and ransomware defense strategies and trends across different sectors. Key findings reveal a resurgence in ransomware attacks and highlight the increasing sophistication of malware, including stealthy infostealers and the significant risk posed by third-party exposures.

AI and Emerging Technologies

  • Cisco - State of AI Security (2025) - Analyzes the emerging AI security risks and attack vectors within the AI threat landscape. Key findings reveal a growing need for proactive AI security research and the development of robust policies to mitigate these risks.
  • HiddenLayer - AI Threat Report (2024) - Provides insights into the AI threat landscape across various industries. Key findings highlight the increasing threats of adversarial AI attacks, including deepfakes and data privacy breaches, and the vulnerabilities of AI-based systems to supply chain attacks.
  • Okta - AI at Work (2025) - Focuses on the perspectives of C-suite executives regarding the transformative impact of artificial intelligence (AI) on security, innovation, and efficiency within organizations. Key findings reveal executive sentiment, concerns, and priorities regarding AI implementation, highlighting varying levels of understanding and integration across different organizations.
  • Salt - State of API Security (2024) - Analyzes the state of API security covering adoption drivers, development trends, security challenges, and customer data analysis. Key findings reveal a rapid increase in API adoption driven by digital transformation, alongside persistent security concerns demanding robust monitoring and mitigation strategies.
  • Snyk - AI Generated Code Security Report (2023) - Examines the security implications of AI-generated code across different sectors. Key findings reveal a significant majority (56.4%) report encountering insecure AI-generated code, yet few organizations have adjusted their processes to mitigate this risk.

Resources

Annual reports are the result of a collaborative effort, combining research from both paid and non-profit sources, drawn from within the organization and the broader cybersecurity community. These reports rely on the contributions of various organizations that help shape the field by setting standards, offering certifications, conducting research, and influencing policy.

The categories below highlight the diverse roles these organizations play in building cybersecurity programs and advancing best practices. By exploring these groups, readers can gain insight into the ecosystem that underpins the development of annual reports and drives progress in the industry.

Research Consulting: These are organizations that offer paid research services, market analysis, and consulting in the field of information technology and cybersecurity.

Standards and Certifications: Organizations involved in setting cybersecurity standards, providing certifications, and creating frameworks for best practices.

Threat Intelligence and Incident Response: Organizations focused on sharing threat intelligence, coordinating cyber incident responses, and combating cyber threats.

Policy and Advocacy: Institutions shaping cybersecurity policies, regulations, and public awareness on a national or international scale.

Working Groups: These are collaborative organizations or professional associations that conduct research, share information, and develop best practices in cybersecurity.

Government and Non-profits: This category includes government agencies and non-profit organizations dedicated to cybersecurity research, policy development, and public awareness.

Research Consulting

  • 451 Research - A technology research and advisory firm specializing in emerging technology segments including cybersecurity market analysis and trends.
  • ABI Research - A technology market intelligence company providing strategic guidance on transformative technologies, including cybersecurity and digital security.
  • Forrester Research - An advisory company that offers paid research, consulting, and event services specialized in market research for information technology.
  • Frost & Sullivan - A consulting firm offering market research and analysis in cybersecurity, with particular focus on emerging technologies and market opportunities.
  • Gartner - A technology research and consulting firm which offers private paid consulting as well as executive programs and conferences.
  • GigaOm - A research firm offering practical, hands-on, practitioner-driven research for businesses.
  • International Data Corporation (IDC) - A global provider of market intelligence and advisory services.
  • KuppingerCole - A global analyst company specializing in information security, identity & access management, and risk management.
  • Omdia - A global technology research powerhouse focusing on cybersecurity market analysis and digital transformation.

Standards and Certifications

Threat Intelligence and Incident Response

Policy and Advocacy

Working Groups

Government and Non-profits

Contributing

Please refer to the guidelines at https://github.com/jacobdjwilson/awesome-annual-security-reports/blob/master/CONTRIBUTING.md for details.