Annual Security Reports

Awesome Annual Security Reports

A curated list of annual cyber security reports - Centralized annual cybersecurity analysis and industry surveys

Definition: The cybersecurity landscape is constantly evolving, making it hard for CIOs, CISOs, and security leaders to keep up. They're flooded with annual reports from research consultancies, industry working groups, non-profits, and government agencies, and sifting through marketing material to find actionable insights is a major challenge. This list aims to cut through the noise by providing a vendor-neutral resource for the latest security trends, tools, and partnerships. It curates information from trusted sources, making it easier for security leaders to make informed decisions.

Limitations: This is not a repository for project-specific documents such as white papers, intelligence reports, technical specifications, or standards. While all user-submitted uploads or report requests are welcome, we should draw a box around this awesome list.

Accessibility: When possible, all reports will be sourced from their original authors and uploaded to Hybrid Analysis via GitHub action to provide an added level of confidence. The resulting analysis link will be included in the PDF commit notes. Additionally, all PDF reports will be converted to Markdown using AI, based on the AI Prompts defined in this repository.

Acknowledgement: I would like to give recognition for other works that inspired this collection. Richard Stiennon produces an annual, comprehensive industry analysis that surpasses the scope of this list and deserves attention. Additionally, Rick Howard's cyber canon list of must-read books is an invaluable resource, catering to both leadership and practitioner levels within the field.

Overview

Reports are organized into two main categories based on their data sources:

  • Analysis: Generated through quantification and qualification of data from sensor networks or cybersecurity services.
  • Survey: Derived from surveys, interviews, or consulting engagements that capture industry sentiment and practices.

The most recent versions of reports are listed below. Older editions are preserved in their corresponding yearly directories. Reports from sources that have not been updated in the last three years will no longer appear in this README.md but will remain accessible in the respective year's directory.

Reports are organized by their primary focus. Although many reports span multiple topics, this classification provides a clearer structure. Within each topic, reports are listed alphabetically.

Analysis Reports

Threat Intelligence

  • ArcticWolfLabs - Cybersecurity Predictions (2025) - Analyzes evolving threat landscapes and predicts key cybersecurity challenges for 2025. The report highlights the increasing sophistication of social engineering attacks, emphasizing the critical need for robust multi-factor authentication (MFA) implementations and vigilance against evolving tactics, techniques, and procedures (TTPs).
  • Australian Signals Directorate - Cyber Threat Report (2024) - Analyzes the Australian cyber threat landscape for 2023-2024, focusing on state actors, critical infrastructure attacks, cybercrime, hacktivism, and national resilience efforts. Key findings highlight a significant increase in ransomware attacks targeting critical infrastructure and a concerning rise in hacktivism motivated by geopolitical events.
  • BD - Product Security Annual Report (2023) - Analyzes the cybersecurity posture of BD's medical device ecosystem and its products. Key findings highlight the importance of collaborative vulnerability disclosure and the implementation of strong cybersecurity controls throughout the product lifecycle to mitigate risks within the healthcare sector.
  • Blackpoint - Annual Threat Report (2024) - Analyzes the 2023 cyberthreat landscape and emerging trends. Key findings highlight a concerning rise in exploitation of vulnerabilities like Citrix Bleed, alongside shifts in threat actor tactics and industry-specific vulnerabilities.
  • CheckPoint - Cybersecurity Report (2025) - Analyzes global cybersecurity events and trends in 2024, offering predictions and recommendations for CISOs in 2025. Key findings highlight the impact of AI and cloud advancements on cybercrime, emphasizing the need for proactive security measures and adaptive strategies.
  • Cisco - Cyber Threats Trends Report (2025) - Analyzes current cyber threat trends, focusing on information stealers, Trojans, ransomware, RATs, and APTs. Key findings reveal a significant increase in the sophistication and volume of attacks, particularly concerning the use of information stealers and the continued evolution of ransomware techniques.
  • CrowdStrike - Threat Hunting Report (2024) - Analyzes 2024 intrusion trends, focusing on adversary tactics and sectoral targeting. Key findings reveal a significant rise in cloud-based attacks leveraging cloud management agents, alongside a concerning increase in sophisticated insider threats targeting numerous U.S. companies.
  • CrowdStrike - Global Threat Report (2025) - Analyzes global threat trends and key adversary tactics for 2025. Significant findings include the increasing use of generative AI by adversaries, the persistent threat of social engineering, and the growing sophistication of cloud-based attacks targeting SaaS platforms.
  • DarkTrace - Annual Threat Report (2024) - Analyzes the 2024 threat landscape, focusing on ransomware, email threats, and state-sponsored espionage. Key findings reveal the persistence of ransomware attacks, the increasing sophistication of LOTL techniques, and a notable rise in threats targeting operational technology and critical infrastructure sectors.
  • DeepInstinct - Threat Landscape Report (2025) - Analyzes global malware trends and ransomware attacks in 2024, offering predictions for 2025. Key findings highlight a continued rise in ransomware attacks targeting specific sectors, coupled with the evolving tactics of ransomware groups and the impact of sanctions and disclosures on their operations.
  • DeepWatch - Annual Threat Report (2024) - Analyzes 2023 adversary tactics and intelligence, focusing on observed trends and key threat actors. Key findings highlight the continued dominance of account compromise and ransomware incidents, alongside the persistent exploitation of critical vulnerabilities in internet-facing systems.
  • Department of Homeland Security - Threat Assessment (2025) - Analyzes homeland security threats in 2025, focusing on terrorism, transnational crime, and threats to critical infrastructure. Key concerns include the evolving tactics of nation-state actors, the persistent threat of cyberattacks targeting critical infrastructure, and the increasing challenges posed by transnational criminal organizations.
  • DNSFilter - Annual Security Report (2025) - Analyzes 2024 cybersecurity trends, focusing on data breaches and their impact across various regions. Key findings reveal a significant increase in threats related to natural disasters and election-related attacks, coupled with an uneven adoption of security measures among Managed Service Providers (MSPs).
  • Dragos - OT Cybersecurity Report A Year in Review (2025) - Analyzes the 2025 OT/ICS cybersecurity landscape, focusing on adversary tactics and defender progress. Key findings reveal a rise in OT-centric cyber operations fueled by geopolitical tensions, particularly the Ukraine-Russia conflict, and the increasing activity of threat groups like KAMACITE and ELECTRUM.
  • ENISA - Threat Landscape Report (2024) - Analyzes the 2024 threat landscape, focusing on evolving trends in cyberattacks and vulnerabilities. Key findings highlight the persistent threat of ransomware, the increasing sophistication of social engineering tactics, and a concerning rise in data breaches targeting critical infrastructure.
  • Ensign - Cyber Threat Landscape Report (2024) - Analyzes cybersecurity threat trends across the Asia-Pacific region in 2023. Key findings highlight the evolution of ransomware extortion tactics and the increasing sophistication of hacktivist groups, alongside a notable rise in attacks targeting digital infrastructure.
  • Expel - Annual Threat Report (2025) - Analyzes cybersecurity trends from 2024, focusing on cloud security, phishing, and other threats. Key findings reveal diverse threat actor tactics across various industries, highlighting the need for proactive detection and preventative measures.
  • FBI - Internet Crime Report (2024) - Analyzes 2024 cybercrime trends and complaint data reported to the Internet Crime Complaint Center (IC3). Key findings reveal a significant increase in cyber-enabled fraud complaints across various age groups, with notable regional disparities in reported incidents.
  • Flashpoint - Global Threat Intelligence Report (2025) - Analyzes the 2025 global cyber threat landscape, focusing on data breaches and information-stealing malware. Key findings reveal significant trends in unauthorized access methods and the evolving tactics used by threat actors, impacting various sectors and requiring updated security strategies.
  • Fortinet - Global Threat Report (2025) - Analyzes the evolving global threat landscape and attacker tactics. Key findings reveal a surge in cyber reconnaissance activity driven by automated scanning and a significant shift in attacker focus towards cloud environments and post-exploitation techniques.
  • Huntress - Threat Report (2025) - Analyzes the 2024 cyber threat landscape, focusing on ransomware attacks and their impact across various sectors. Key findings reveal a concerning increase in ransomware attacks targeting healthcare and technology sectors, with a notable rise in the use of Remote Monitoring and Management (RMM) tools for lateral movement.
  • IBM - X Force Threat Intelligence Index (2025) - Analyzes emerging cybersecurity threats and trends for 2025. Key findings highlight the increasing use of AI in attacks, the persistence of info-stealers, and the significant role of phishing and cloud-based infrastructure in successful compromises.
  • Kela - AI Threat Report (2025) - Analyzes the weaponization of AI by cybercriminals, focusing on emerging threats and attack vectors. Key findings reveal a 200% increase in mentions of malicious AI in 2024, highlighting the rapid growth of dark AI tools and their use in automated phishing, vulnerability research, and malware development.
  • Mandiant - M Trends (2025) - Analyzes global cybersecurity threats and trends in 2025. Key findings include insights into ransomware attacks, cloud compromises, and the evolving tactics of various nation-state actors.
  • Microsoft - Digital Defense Report (2024) - Analyzes the evolving cybersecurity threat landscape and key developments in threat actor motivations and tactics. Significant findings include the blurring lines between nation-state actors and cybercriminals, along with quantifiable data on nation-state threat activity.
  • Mimecast - Global Threat Intelligence Report H2 (2024) - Outlines a method for converting technical PDFs into Markdown. The key focus is on complete fidelity, preserving all content, structure, and formatting, including a functional Table of Contents and descriptions of images rather than embedding them.
  • National Cyber Security Centre - Cyber Threat Report (2024) - Analyzes New Zealand's cyber threat landscape for 2023-2024, focusing on state actors, critical infrastructure attacks, cybercrime, hacktivism, and national resilience efforts. Key findings highlight a notable increase in ransomware attacks targeting critical infrastructure and a growing sophistication of state-sponsored cyber operations.
  • NCC Group - Threat Monitor Report (2024) - Provides an analysis of current cyber threats, offering insights into attack trends, vulnerabilities, and strategies for improving organizational cybersecurity.
  • Office of the Director of National Intelligence - Annual Threat Assessment (2025) - This assessment analyzes the evolving threat landscape to U.S. national security posed by state and non-state actors. Key concerns include the increasing cooperation between adversarial states and the persistent threat from transnational criminal organizations, particularly in the illicit drug trade and extremist activities.
  • OrangeCyberDefense - Security Navigator (2025) - Analyzes the evolving cybersecurity threat landscape and proactive mitigation strategies. Key findings reveal a rise in cyber extortion, AI-driven attacks, and threats to operational and mobile networks, necessitating innovative defensive adaptations.
  • Picus - RedReport (2025) - Analyzes the ten most prevalent MITRE ATT&CK® techniques used by threat actors. Key findings reveal a high prevalence of techniques related to process injection, command execution, and credential harvesting, highlighting the persistent reliance on established attack vectors.
  • Rapid7 - Attack Intelligence Report (2024) - Analyzes vulnerability exploitation trends and ransomware attack vectors in 2023. Key findings reveal a rise in pre-patch exploitation and the continued prevalence of file transfer protocol vulnerabilities as initial access vectors for ransomware.
  • RecordedFuture - Cyber Threat Analysis Report (2024) - Analyzes the impact of SaaS application proliferation on cyberattacks in 2024. Key findings reveal the significant role of stolen credentials and MFA failures in data breaches, alongside the increased use of generative AI in influence operations and a rise in ransomware variants.
  • RedCanary - Threat Detection Report (2024) - Analyzes emerging threat detection trends in 2024, focusing on ransomware, initial access vectors, and identity-based attacks. Key findings reveal a significant increase in API abuse within cloud environments and the growing sophistication of AI-powered adversary emulation techniques.
  • ReliaQuest - Annual Threat Report (2025) - Analyzes 2024 cyber-threat trends, focusing on initial access tactics and their effectiveness. Key findings reveal inadequate logging as the root cause of most breaches, with session hijacking bypassing multi-factor authentication in all successful business email compromise incidents.
  • Secureworks - State of the Threat (2024) - Analyzes global cybercrime trends and threat actor activities throughout the year. Key findings reveal persistent cybercrime growth despite law enforcement efforts, coupled with significant increases in hacktivism and state-sponsored attacks.
  • SonicWall - Cyber Threat Report (2025) - Analyzes the evolving landscape of cyber threats in 2024, focusing on the rise of ransomware, BEC attacks, and the impact of AI-powered tools. Key findings highlight a significant increase in ransomware and BEC attacks, coupled with the concerning ease with which threat actors can leverage AI and readily available tools to launch sophisticated campaigns.
  • Sophos - Threat Report (2024) - Analyzes the evolving landscape of cybercrime, focusing on its impact on small and medium-sized businesses. Key findings reveal ransomware as a persistent major threat, exacerbated by the rise of cybercrime-as-a-service and the increasing sophistication of social engineering tactics.
  • Trellix - Advanced Threat Research Report (2024) - Analyzes global cyber threats and nation-state activity in June 2024. Key findings reveal a rise in APT group activity targeting specific regions, utilizing both malicious and non-malicious tools, with a notable focus on Volt Typhoon.
  • TrendMicro - Annual Cybersecurity Threat Report (2023) - Analyzes advanced persistent threat (APT) campaigns and ransomware threats observed throughout 2023. Key findings highlight APT28's persistent use of NTLMv2 hash relay attacks and a subsequent shift to credential phishing campaigns following the patching of CVE-2023-23397, demonstrating adaptability in their tactics.
  • Trustwave - Education Sector Threat Landscape (2024) - Analyzes the evolving threat landscape in the education sector in 2024. Key findings highlight the increasing reliance on online learning, a surge in ransomware attacks targeting educational institutions, and the significant risk posed by third-party vendors.
  • Trustwave - Professional Services Sector Threat Landscape (2024) - Analyzes the 2024 threat landscape for professional services firms. Key findings reveal a significant increase in ransomware attacks leveraging supply chain vulnerabilities and phishing campaigns, emphasizing the need for enhanced security awareness training and robust incident response planning.
  • Trustwave - Public Sector Threat Landscape (2024) - Analyzes the 2024 public sector threat landscape, focusing on emerging trends and attack vectors. Key findings highlight the increasing convergence of IT and OT systems in critical infrastructure, along with a persistent reliance on easily exploitable methods like phishing and vulnerable supply chains.
  • Trustwave - Technology Sector Threat Landscape (2024) - Analyzes the 2024 technology threat landscape, focusing on emerging trends and attack vectors. Key findings highlight the persistent threat of ransomware, the increasing exploitation of third-party supplier vulnerabilities, and a concerning prioritization of speed over security in software development.
  • United States Department of Defense - OSINT Strategy 2024–2028 (2024) - Outlines the Department of Defense's approach to open-source intelligence (OSINT) as a vital resource for decision-makers and warfighters, emphasizing OSINT's role in enhancing situational awareness and operational effectiveness.
  • Upstream - Global Automotive Cybersecurity Report (2025) - Analyzes the expanding cybersecurity gap in the automotive and smart mobility sectors. Key findings reveal a surge in ransomware attacks in 2024 and the increasing vulnerability of critical infrastructure due to the proliferation of smart mobility devices.
  • WatchGuard - Threat Report (2024) - Analyzes Q1 2024 internet security threats, focusing on malware and network attack trends. Key findings reveal a significant increase in encrypted malware detections and the widespread nature of specific network attacks across multiple geographic regions.
  • United States White House - Cybersecurity Posture of the United States (2024) - Analyzes the cybersecurity posture of the United States in 2024. Key findings highlight evolving risks to critical infrastructure, the persistent threat of ransomware, and the increasing exploitation of supply chains alongside the growing use of commercial spyware and the implications of artificial intelligence.

Application Security

  • BlackDuck - Software Vulnerability Snapshot Report (2024) - Analyzes the 2024 software vulnerability landscape, focusing on the top ten vulnerability classes identified. A significant increase in critical-risk vulnerabilities was observed across multiple sectors, highlighting the urgent need for enhanced security testing methodologies.
  • DigitalAI - Application Security Threat Report (2025) - Quantifies evolving risks in modern application security. Key findings highlight industry trends, attack data categorized by industry and OS (Android vs. iOS), and regional variations in attack rates.
  • Escape - State of API Exposure (2024) - Analyzes API security across Fortune 1000 and CAC 40 companies, uncovering 30,000 exposed APIs and 100,000 API issues, emphasizing risks in large organizations. Key findings reveal the pervasive nature of API security issues and the need for improved security measures.
  • GitGuardian - State of Secrets Sprawl (2025) - Analyzes the prevalence of secrets sprawl in 2024, focusing on the types of secrets exposed and their locations within software development lifecycles. Key findings reveal that generic secrets comprise 58% of all detected leaks, private repositories are eight times more likely to contain secrets than public ones, and collaboration tools represent a significantly overlooked source of exposure.
  • Grip - SaaS Security Risks Report (2025) - Outlines key security risks associated with the growing adoption of SaaS applications, including trends in usage across industries and specific SaaS app statistics. Key findings reveal a significant increase in shadow SaaS deployments and the rapid growth of AI-powered tools, posing substantial and largely unmanaged security risks.
  • Kodem - State of AppSec Workflow (2025) - Analyzes application security workflows, identifying key bottlenecks and pain points in current practices. The primary bottleneck is remediation, exacerbated by alert fatigue and inefficient vulnerability triage, highlighting the need for increased automation and adaptation to modern development environments.
  • LegitSecurity - State of Application Risk Report (2025) - Examines the current state of application risk in 2025, focusing on common vulnerabilities and security testing inefficiencies. Key findings reveal significant issues with secrets exposure, AI-related risks, and software supply chain vulnerabilities, highlighting a need for improved security practices across the software development lifecycle.
  • RunZero - RunZero Research Report (2024) - Examines a broad range of organizational and network security issues through an innovative asset-centric approach, with a focus on "dark matter" in networks, segmentation issues, and unusual asset detection. Key findings highlight the risks associated with unusual assets and the resurgence of older threats alongside emerging vulnerabilities, emphasizing the need for specific AI-driven security solutions.
  • Sonatype - 2024 in Open Source Malware Threat Report (2024) - Examines the proliferation of open source malware, or malicious open source packages posing unprecedented risks in the form of software supply chain attacks. Key highlights include a 156% year-over-year increase in malicious open source packages, highlighting the growing threat of intentionally crafted malware in software supply chain attacks.
  • Synopsys - Open Source Risk Analysis Report (2024) - Examines open source security risks and vulnerabilities within software supply chains. Key findings reveal that eight of the top ten vulnerabilities stem from a single common weakness enumeration (CWE), highlighting the concentration of risks in specific coding practices.
  • United States Department of Defense - State of DevSecOps (2025) - Focuses on the adoption of DevSecOps practices within the United States Department of Defense. A key finding is the Air Force's launch of a new software directorate, highlighting a move towards integrating security earlier in the software development lifecycle.
  • Veracode - State of Software Security (2024) - Examines trends in application security, offering insights into common vulnerabilities, secure development practices, and strategies for improving software security throughout the development lifecycle. Key findings reveal a high incidence of security flaws, slow remediation times, and a correlation between the number of flaws and application size, highlighting the need for proactive security measures.
  • Wallarm - API Threat Stats Report (2025) - Examines API security threats in Q1 2025, focusing on the impact of agentic AI systems and evolving cloud-native infrastructure. Key findings highlight a rapid increase in API breaches driven by increasingly sophisticated attack vectors and a surge in software supply chain vulnerabilities.

Cloud Security

  • Censys - State of the Internet (2024) - Analyzes the internet exposure of Industrial Control Systems (ICS), focusing on the vulnerabilities beyond simple protocol exposure. Key findings reveal a complex security landscape where human-machine interface vulnerabilities and outdated protocols pose significant risks, demanding a more nuanced approach to ICS security.
  • Google Cloud - Threat Horizons Report (2024) - Analyzes the evolving threat landscape for cloud enterprise users. Key findings highlight the continued dominance of cryptomining attacks stemming from misconfigured cloud environments and the increasing sophistication of ransomware and data theft targeting cloud-based assets.
  • Hornet - Cybersecurity Report (2025) - Analyzes the current Microsoft 365 threat landscape, focusing on email security trends and attack techniques. Key findings reveal a significant increase in sophisticated attacks utilizing brand impersonation and malicious attachments, with notable variations in threat levels across different business sectors.
  • IBM - X-Force Cloud Threat Landscape Report (2024) - Analyzes the evolving cloud threat landscape and its impact across various industries. Key findings reveal a significant increase in cloud-based attacks targeting SaaS platforms and a concerning rise in security rule failures within cloud environments.
  • Sysdig - Cloud Native Security and Usage Report (2025) - Analyzes cloud-native security trends and usage patterns in 2025. Key findings reveal a significant increase in the adoption of runtime security tools and a growing focus on securing AI/ML workloads, alongside persistent challenges in managing identities across human and machine interactions.
  • Wiz - Cloud Data Security Snapshot (2025) - Analyzes current cloud data security exposure trends. A significant finding reveals that 54% of cloud environments have exposed assets containing sensitive data, highlighting the critical need for improved access controls and vulnerability management.
  • Wiz - State of AI in the Cloud (2025) - Analyzes the current state of AI in cloud environments, focusing on adoption rates, security challenges, and governance issues. Key findings reveal DeepSeek's rapid growth and the continued dominance of OpenAI, alongside a rising trend of self-hosted AI deployments and stabilized adoption of AI managed services.

Vulnerabilities

  • BeyondTrust - Microsoft Vulnerability Report (2024) - Analyzes the vulnerability landscape within the Microsoft software ecosystem in 2024. Key findings reveal a concerning rise in identity-based attacks targeting Microsoft products, alongside persistent vulnerabilities in legacy applications like Internet Explorer.
  • Edgescan - Vulnerability Statistics Report (2024) - Analyzes 2024 vulnerability statistics, focusing on severity levels, risk density, and common vulnerabilities across web applications and other systems. Key findings reveal a disproportionate number of high and critical severity vulnerabilities in web applications, particularly those related to common weaknesses (CWEs), and a notable distribution across public and non-public facing systems.
  • Flexera - Annual Vulnerability Review (2024) - Provides software vulnerability trends and threat intelligence from 2024. Key findings highlight the criticality of advisories and their impact, along with an examination of advisory rejection rates and the prevalence of vulnerabilities across various assets.
  • Synack - State of Vulnerabilities Report (2024) - Analyzes trends in software vulnerabilities affecting large enterprises and government agencies. Key findings reveal a 180% surge in real-world vulnerability exploitation across five industries (healthcare, financial services, U.S. federal government, technology and manufacturing).
  • Trustwave - Financial Services Risk Radar Report (2024) - Highlights the evolving threat landscape for the financial services sector in 2024. Key trends include the increasing prevalence of insider threats, the mainstream adoption of phishing-as-a-service, and the continued targeting of financial institutions by ransomware groups, alongside the emergence of new threats from cryptocurrency and deepfakes.

Ransomware

  • Guidepoint - GRIT Ransomware Annual Report (2025) - Analyzes ransomware and cyber threat trends in 2025, focusing on ransomware taxonomy, threat actors, and impacted industries. Key findings include an in-depth look at the RansomHub threat actor and a spotlight on critical infrastructure vulnerabilities, along with an analysis of post-compromise detection methods.
  • PaloAlto - Ransomware Review (2024) - Analyzes ransomware trends during the first half of 2024. Key findings include the impact of law enforcement takedowns on various threat groups, the emergence of fraudulent activities by some groups post-takedown, and the observed retirement or transition of several significant players.
  • Veeam - Ransomware Trends Report (2024) - Analyzes global ransomware trends in 2024, focusing on recovery challenges and the impact of attacks beyond ransom payments. Key findings reveal that 67% of organizations lack a recovery plan, highlighting a significant vulnerability and the substantial, underestimated costs associated with ransomware incidents.
  • Zscaler - ThreatLabz State of Ransomware Report (2024) - A comprehensive analysis of global ransomware trends, examining attack techniques, ransom demands, and strategies for preventing and mitigating ransomware attacks.

Data Breaches

  • IBM - Cost of a Data Breach Report (2024) - Analyzes the financial impact of data breaches in 2024, detailing costs associated with various attack vectors and recovery efforts. Key findings reveal a significant increase in the average cost of a breach, driven primarily by extortion attacks and prolonged recovery times.
  • Verizon - Data Breach Investigations Report (2025) - Analyzes data breach trends and patterns from 2025. Key findings reveal a significant increase in social engineering attacks and a persistent reliance on easily exploitable web application vulnerabilities, highlighting the need for improved employee security awareness training and robust application security measures.
  • Identity Theft Resource Center - Annual Data Breach Report (2024) - Analyzes 2024 data breaches, focusing on trends in identity theft and compromise notifications. Key findings reveal a continued high volume of breaches across various sectors, with little impact observed from current data disclosure requirements.

Physical Security

  • Genetec - State of Physical Security (2025) - Analyzes the current state of physical security, focusing on global trends and challenges in 2025. Key findings reveal persistent recruiting difficulties, fluctuating budgets impacting project timelines, and the growing influence of IT in physical security decisions alongside increasing cloud adoption.
  • Security Industry Association - Security Megatrends (2025) - This report outlines eight key security megatrends for 2025. Significant trends highlighted include the increasing importance of AI-driven security automation, the convergence of IT and OT security, and the democratization of identity and mobile credentials.
  • Nozomi - Networks OT IoT Security Report (2025) - Analyzes operational technology (OT) and internet of things (IoT) cybersecurity trends in the second half of 2024. Key findings reveal a significant increase in sophisticated attacks targeting industrial control systems, highlighting the growing need for robust security measures in critical infrastructure.
  • Trustwave - Manufacturing Risk Radar Report (2025) - Analyzes the evolving threat landscape for the manufacturing sector in 2025. Key findings highlight the increasing convergence of IT and OT systems, a persistent rise in ransomware attacks, and the need for enhanced security measures across all attack stages.

AI and Emerging Technologies

  • Australian Institute of Company Directors - Directors Introduction to AI (2024) - Provides an overview of artificial intelligence tailored for directors, highlighting its strategic implications, governance considerations, and best practices for AI implementation in organizations.
  • Okta - Secure Sign in Trends Report (2024) - Analyzes multi-factor authentication (MFA) adoption trends and authenticator usage. Key findings reveal variations in adoption rates across regions, industries, and organization sizes, with specific insights into the security and usability of different authenticator types.
  • Zimperium - Global Mobile Threat Report (2024) - Analyzes the global mobile threat landscape and the increasing prevalence of mobile-first attack strategies. Key findings reveal a surge in mobile phishing (mishing) attacks targeting specific industries, alongside the growing danger of malicious sideloaded applications and sophisticated mobile malware.
  • Zscaler - ThreatLabz AI Security Report (2024) - Analyzes enterprise AI adoption trends and associated security risks. Key findings reveal a dramatic increase in AI transactions, alongside a corresponding rise in blocked transactions, highlighting the growing need for robust AI security measures across various industries.

Survey Reports

  • Accenture - State of Cybersecurity Resilience (2023) - Provides insights into the state of cybersecurity resilience across various industries, highlighting key trends and challenges faced by organizations.
  • Aon - Intangible vs. Tangible Risk Report (2024) - Analyzes cyber and enterprise risk management trends from a survey of over 2,300 respondents across global regions, providing insights into the evolving landscape of tangible and intangible risks.
  • CompTIA - State of Cybersecurity (2025) - Outlines considerations for cybersecurity in 2025, covering business, application, data, and technology aspects, and provides a framework for building robust and resilient cybersecurity strategies.
  • Deloitte - Future of Cyber Survey (2024) - Explores the future of cybersecurity, providing insights into emerging trends, technologies, and strategies across different sectors.
  • FERMA - Global Risk Manager Survey Report (2024) - Analysis of global risk management practices across 77 countries and six regional associations.
  • ISC2 - Cyberthreat Defense Report (2024) - Examines the current state of cyberthreat defense, including emerging threats and defense strategies across various industries.
  • KnowBe4 - Cybersecurity Culture Report (2024) - Explores the state of cybersecurity culture in organizations, highlighting trends and best practices across different sectors.
  • Kong - API Security Perspectives (2025) - Outlines the growing threat of AI-enhanced attacks on APIs, the rising risks associated with these new types of threats, and the need for robust API security measures.
  • Norton - Cyber Safety Insights Report (2024) - Provides insights into consumer cyber safety trends and challenges across various industries.
  • Proofpoint - Voice of the CISO Report (2024) - Insights into the perspectives and challenges faced by Chief Information Security Officers across different sectors.
  • PwC - Global Digital Trust Insights (2024) - Examines global trends in digital trust and cybersecurity across various industries.
  • Salt - CISO and CIO Investment Priorities (2025) - Surveys key cybersecurity investment priorities for CISOs and CIOs in 2025, as detailed in a white paper by Osterman Research and sponsored by Salt Security.
  • SANS - SANS Cyber Threat Hunting Survey (2024) - Provides insights into the current state of cyber threat hunting across different sectors.
  • Splunk - State of Security (2024) - Provides an overview of the current state of security, including trends and challenges across different sectors.
  • USTelecom - Cybersecurity Culture (2023) - Examines the state of cybersecurity culture in the telecommunications industry and related sectors.
  • Vanta - State of Trust Report (2024) - Explores the growing challenges in building and maintaining trust for organizations, focusing on security risks, compliance burdens, and the increasing third-party vendor risks.
  • Verizon - Mobile Security Index (2024) - Provides insights into mobile security trends and challenges across various industries.
  • World Economic Forum - Global Cybersecurity Outlook (2025) - A global perspective on cybersecurity trends and challenges, exploring the impact of emerging technologies, geopolitical tensions, and cybercrime.

Application Security

Cloud Security

Identity Security

  • Astrix - State of Non Human Identity (2024) - Highlights growing concerns over non-human identities as attack vectors, limited automation and visibility into API and third-party connections, and an increasing investment in NHI security.
  • ConductorOne - Identity Security Outlook Report (2024) - Highlights how increasing technological and organizational complexity is driving new identity risks.
  • CyberArk - State of Machine Identity Security Report (2025) - Focuses on the critical and often-overlooked area of machine identity security. Key findings reveal that a significant percentage of organizations are concerned about risks stemming from compromised machine identities (37%) and expired certificates (36%), highlighting a lack of visibility and control over secrets management.
  • CyberArk - Identity Security Threat Landscape Report (2024) - Examines the impact of cyberattacks on identity, including cyber debt, GenAI, machine identities, and third- and fourth-party risks.
  • IDS Alliance - 2024 Trends in Securing Digital Identities (2024) - Provides insights into current plans, historical trends, and approaches to cybersecurity and identity management.
  • Hypr - State of Passwordless Identity Assurance (2025) - Focuses on the adoption and impact of passwordless identity assurance. Key findings indicate a growing momentum for passwordless authentication in the enterprise, with usage increasing by 10% compared to the previous year.
  • ManageEngine - Identity Security Survey (2024) - Explores global identity security readiness across industries and roles, examining the rising tide of AI-driven phishing, social engineering, and credential theft.
  • Omada - State of Identity Governance (2024) - Highlights the modernization of identity governance driven by digital transformation and hybrid workforces, emphasizing SaaS-based solutions, analytics, and automation for scalable and secure identity management.
  • PushSecurity - Identity Attacks (2024) - Highlights that 2024 is seeing a rise in identity-based attacks, as attackers increasingly target vulnerable identities now that identity has become the new security perimeter.
  • SailPoint - Horizons of Identity Security (2024) - Explores the evolving landscape of identity security, emphasizing its role in mitigating cyber risks while enhancing business value and productivity.
  • Semperis - Ransomware Holiday Risk Report (2024) - Focuses on the increased risk of ransomware attacks during holidays and times of corporate upheaval. A key finding indicates that 63% of organizations experiencing corporate upheaval also experienced a ransomware attack, highlighting the opportunistic nature of threat actors.
  • Semperis - Ransomware Risk Report (2024) - Analyzes the future challenges and next steps organizations are planning to take in response to the current cybersecurity landscape. A key finding is that despite the significant damage caused by ransomware, only 29% of surveyed organizations plan to increase their security budgets in the next year, with notable variations across countries (US: 28%, UK: 45%).
  • Varonis - The Identity Crisis (2024) - Reviews 35 SEC Form 8-K filings, cross-referenced with news and threat reports, to understand how cyberattacks occur.

Penetration Testing

Privacy and Data Protection

  • Cisco - Data Privacy Benchmark Study (2024) - Provides insights into data privacy trends, challenges, and breaches across various industries.
  • Code42 - Annual Data Exposure Report (2024) - Highlights insider threat risks and trends based on insights from over 700 security professionals.
  • Drata - State of GRC (2025) - Focuses on the evolving role of Governance, Risk Management, and Compliance (GRC), transitioning from a cost center to a strategic business driver. A key finding highlights the challenges GRC teams face in balancing compliance complexity and business growth, including concerns about AI hallucinations providing improper GRC guidance.
  • Hyperproof - IT Risk and Compliance Benchmark Report (2025) - Examines the state of IT risk and compliance, focusing on the maturation of GRC programs and trends in framework adoption.
  • Immuta - State of Data Security Report (2025) - A survey of 700+ data professionals examines the current state of data security, including challenges, trends, and best practices across various industries.
  • ISACA - State of Privacy (2025) - Outlines key trends in global privacy practices, including staffing needs, budget constraints, and the increasing integration of AI in privacy operations.
  • Kiteworks - Forecast for Managing Private Content Exposure Risk (2025) - Outlines 12 predictions for managing private content exposure risk, based on cybercrime, cybersecurity, and compliance trends, with a focus on sensitive content communications.
  • Proofpoint - Data Loss Landscape (2024) - Provides an overview of the data loss landscape, including trends and challenges faced by organizations across various industries.
  • Proofpoint - Global Email Security Market Report (2024) - Benchmarks 21 top email security vendors, highlighting growth opportunities and market trends.

Ransomware

AI and Emerging Technologies

  • Cisco - State of AI Security (2025) - Analyzes the emerging AI security risks and attack vectors within the AI threat landscape.
  • HiddenLayer - AI Threat Report (2024) - Provides insights into the AI threat landscape across various industries.
  • Okta - AI at Work (2025) - Focuses on the perspectives of C-suite executives regarding the transformative impact of artificial intelligence (AI) on security, innovation, and efficiency within organizations.
  • Salt - State of API Security (2024) - Analyzes the state of API security covering adoption drivers, development trends, security challenges, and customer data analysis.
  • Snyk - AI Generated Code Security Report (2023) - Examines the security implications of AI-generated code across different sectors.

Resources

Annual reports are the result of a collaborative effort, combining research from both paid and non-profit sources, drawn from within the organization and the broader cybersecurity community. These reports rely on the contributions of various organizations that help shape the field by setting standards, offering certifications, conducting research, and influencing policy.

The categories below highlight the diverse roles these organizations play in building cybersecurity programs and advancing best practices. By exploring these groups, readers can gain insight into the ecosystem that underpins the development of annual reports and drives progress in the industry.

Research Consulting: These are organizations that offer paid research services, market analysis, and consulting in the field of information technology and cybersecurity.

Standards and Certifications: Organizations involved in setting cybersecurity standards, providing certifications, and creating frameworks for best practices.

Threat Intelligence and Incident Response: Organizations focused on sharing threat intelligence, coordinating cyber incident responses, and combating cyber threats.

Policy and Advocacy: Institutions shaping cybersecurity policies, regulations, and public awareness on a national or international scale.

Working Groups: These are collaborative organizations or professional associations that conduct research, share information, and develop best practices in cybersecurity.

Government and Non-profits: This category includes government agencies and non-profit organizations dedicated to cybersecurity research, policy development, and public awareness.

Research Consulting

  • 451 Research - A technology research and advisory firm specializing in emerging technology segments including cybersecurity market analysis and trends.
  • ABI Research - A technology market intelligence company providing strategic guidance on transformative technologies, including cybersecurity and digital security.
  • Forrester Research - An advisory company that offers paid research, consulting, and event services specialized in market research for information technology.
  • Frost & Sullivan - A consulting firm offering market research and analysis in cybersecurity, with particular focus on emerging technologies and market opportunities.
  • Gartner - A technology research and consulting firm which offers private paid consulting as well as executive programs and conferences.
  • GigaOm - A research firm offering practical, hands-on, practitioner-driven research for businesses.
  • International Data Corporation (IDC) - A global provider of market intelligence and advisory services.
  • KuppingerCole - A global analyst company specializing in information security, identity & access management, and risk management.
  • Omdia - A global technology research powerhouse focusing on cybersecurity market analysis and digital transformation.

Standards and Certifications

Threat Intelligence and Incident Response

Policy and Advocacy

Working Groups

Government and Non-profits

Contributing

Please refer to the guidelines at https://github.com/jacobdjwilson/awesome-annual-security-reports/blob/master/CONTRIBUTING.md for details.