Awesome Annual Security Reports

A curated list of annual cyber security reports - Centralized annual cybersecurity analysis and industry surveys

Definition: The cybersecurity landscape is constantly evolving, making it hard for CIOs, CISOs, and security leaders to keep up. They're flooded with annual reports from research consultancies, industry working groups, non-profits, and government agencies, and sifting through marketing material to find actionable insights is a major challenge. This list aims to cut through the noise by providing a vendor-neutral resource for the latest security trends, tools, and partnerships. It curates information from trusted sources, making it easier for security leaders to make informed decisions.

Disclaimer: The reports in this collection are limited to content which does not require a paid subscription, membership, or service contract. There are a variety of different business models and drivers that would cause information to be put behind a paywall, I would like to respect those companies and individuals. Consult the original authors for licensing of any report content.

Limitations: This is not a repository for project-specific documents such as white papers, intelligence reports, technical specifications, or standards. While all user-submitted uploads or report requests are welcome, we should draw a box around this awesome list.

Accessibility When possible, all reports will be sourced from their original authors and uploaded to Virus Total via GitHub action to provide an added level of confidence. The resulting analysis link will be included in the PDF commit notes. Additionally, all PDF reports will be converted to Markdown using AI, based on the AI Prompts defined in this repository.

Acknowledgement: I would like to give recognition for other works that inspired this collection. Richard Stiennon produces an annual, comprehensive industry analysis that surpasses the scope of this list and deserves attention. Additionally, Rick Howard's cyber cannon list of must-read books is an invaluable resource, catering to both leadership and practitioner levels within the field.

Annual Report Counts:

Contents

• Overview
• Analysis Reports
  • Threat Intelligence
  • Application Security
  • Cloud Security
  • Vulnerabilities
  • Ransomware
  • Data Breaches
  • Physical Security
  • AI and Emerging Technologies
• Survey Reports
  • Industry Trends
  • Application Security
  • Cloud Security
  • Identity Security
  • Penetration Testing
  • Ransomware
  • Privacy and Data Protection
  • AI and Emerging Technologies
• Resources
  • Research Consulting
  • Standards and Certifications
  • Threat Intelligence and Incident Response
  • Policy and Advocacy
  • Working Groups
  • Government and Non-profits
• Contributing

Overview

Reports are organized into two main categories based on their data sources:

• Analysis: Generated through quantification and qualification of data from sensor networks or cybersecurity services.
• Survey: Derived from surveys, interviews, or consulting engagements that capture industry sentiment and practices.

The most recent versions of reports are listed below. Older editions are preserved in their corresponding yearly directories. Reports from sources that have not been updated in the last three years will no longer appear in this README.md but will remain accessible in the respective year's directory.

Reports are organized by their primary focus. Although many reports span multiple topics, this classification provides a clearer structure. Within each topic, reports are listed alphabetically.

Analysis Reports

Threat Intelligence

• ArticWolfLabs - Cybersecurity Predictions (2025) - Analyzes evolving threat landscapes and predicts key cybersecurity challenges for 2025. The report highlights the increasing sophistication of social engineering attacks, emphasizing the critical need for robust multi-factor authentication (MFA) implementations and vigilance against evolving tactics, techniques, and procedures (TTPs).
• Australian Signals Directorate - Cyber Threat Report (2024) - Analyzes the Australian cyber threat landscape for 2023-2024, focusing on state actors, critical infrastructure attacks, cybercrime, hacktivism, and national resilience efforts. Key findings highlight a significant increase in ransomware attacks targeting critical infrastructure and a concerning rise in hacktivism motivated by geopolitical events.
• BD - Product Security Annual Report (2023) - Analyzes the cybersecurity posture of BD's medical device ecosystem and its products. Key findings highlight the importance of collaborative vulnerability disclosure and the implementation of strong cybersecurity controls throughout the product lifecycle to mitigate risks within the healthcare sector.
• Blackpoint - Annual Threat Report (2024) - Analyzes the 2023 cyberthreat landscape and emerging trends. Key findings highlight a concerning rise in exploitation of vulnerabilities like Citrix Bleed, alongside shifts in threat actor tactics and industry-specific vulnerabilities.
• CheckPoint - Cybersecurity Report (2025) - Analyzes global cybersecurity events and trends in 2024, offering predictions and recommendations for CISOs in 2025. Key findings highlight the impact of AI and cloud advancements on cybercrime, emphasizing the need for proactive security measures and adaptive strategies.
• Cisco - Cyber Threats Trends Report (2025) - Analyzes current cyber threat trends, focusing on information stealers, Trojans, ransomware, RATs, and APTs. Key findings reveal a significant increase in the sophistication and volume of attacks, particularly concerning the use of information stealers and the continued evolution of ransomware techniques.
• CrowdStrike - Threat Hunting Report (2024) - Analyzes 2024 intrusion trends, focusing on adversary tactics and sectoral targeting. Key findings reveal a significant rise in cloud-based attacks leveraging cloud management agents, alongside a concerning increase in sophisticated insider threats targeting numerous U.S. companies.
• CrowdStrike - Global Threat Report (2025) - Analyzes global threat trends and key adversary tactics for 2025. Significant findings include the increasing use of generative AI by adversaries, the persistent threat of social engineering, and the growing sophistication of cloud-based attacks targeting SaaS platforms.
• DarkTrace - Annual Threat Report (2024) - Analyzes the 2024 threat landscape, focusing on ransomware, email threats, and state-sponsored espionage. Key findings reveal the persistence of ransomware attacks, the increasing sophistication of LOTL techniques, and a notable rise in threats targeting operational technology and critical infrastructure sectors.
• DeepInstinct - Threat Landscape Report (2025) - Analyzes global malware trends and ransomware attacks in 2024, offering predictions for 2025. Key findings highlight a continued rise in ransomware attacks targeting specific sectors, coupled with the evolving tactics of ransomware groups and the impact of sanctions and disclosures on their operations.
• DeepWatch - Annual Threat Report (2024) - Analyzes 2023 adversary tactics and intelligence, focusing on observed trends and key threat actors. Key findings highlight the continued dominance of account compromise and ransomware incidents, alongside the persistent exploitation of critical vulnerabilities in internet-facing systems.
• Department of Homeland Security - Threat Assessment (2025) - Analyzes homeland security threats in 2025, focusing on terrorism, transnational crime, and threats to critical infrastructure. Key concerns include the evolving tactics of nation-state actors, the persistent threat of cyberattacks targeting critical infrastructure, and the increasing challenges posed by transnational criminal organizations.
• DNSFilter - Annual Security Report (2025) - Analyzes 2024 cybersecurity trends, focusing on data breaches and their impact across various regions. Key findings reveal a significant increase in threats related to natural disasters and election-related attacks, coupled with an uneven adoption of security measures among Managed Service Providers (MSPs).
• Dragos - OT Cybersecurity Report A Year in Review (2025) - Analyzes the 2025 OT/ICS cybersecurity landscape, focusing on adversary tactics and defender progress. Key findings reveal a rise in OT-centric cyber operations fueled by geopolitical tensions, particularly the Ukraine-Russia conflict, and the increasing activity of threat groups like KAMACITE and ELECTRUM.
• ENISA - Threat Landscape Report (2024) - Analyzes the 2024 threat landscape, focusing on evolving trends in cyberattacks and vulnerabilities. Key findings highlight the persistent threat of ransomware, the increasing sophistication of social engineering tactics, and a concerning rise in data breaches targeting critical infrastructure.
• Ensign - Cyber Threat Landscape Report (2024) - Analyzes cybersecurity threat trends across the Asia-Pacific region in 2023. Key findings highlight the evolution of ransomware extortion tactics and the increasing sophistication of hacktivist groups, alongside a notable rise in attacks targeting digital infrastructure.
• Expel - Annual Threat Report (2025) - Analyzes cybersecurity trends from 2024, focusing on cloud security, phishing, and other threats. Key findings reveal diverse threat actor tactics across various industries, highlighting the need for proactive detection and preventative measures.
• FBI - Internet Crime Report (2024) - Analyzes 2024 cybercrime trends and complaint data reported to the Internet Crime Complaint Center (IC3). Key findings reveal a significant increase in cyber-enabled fraud complaints across various age groups, with notable regional disparities in reported incidents.
• Flashpoint - Global Threat Intelligence Report (2025) - Analyzes the 2025 global cyber threat landscape, focusing on data breaches and information-stealing malware. Key findings reveal significant trends in unauthorized access methods and the evolving tactics used by threat actors, impacting various sectors and requiring updated security strategies.
• Fortinet - Global Threat Report (2025) - Analyzes the evolving global threat landscape and attacker tactics. Key findings reveal a surge in cyber reconnaissance activity driven by automated scanning and a significant shift in attacker focus towards cloud environments and post-exploitation techniques.
• Huntress - Threat Report (2025) - Analyzes the 2024 cyber threat landscape, focusing on ransomware attacks and their impact across various sectors. Key findings reveal a concerning increase in ransomware attacks targeting healthcare and technology sectors, with a notable rise in the use of Remote Monitoring and Management (RMM) tools for lateral movement.
• IBM - X Force Threat Intelligence Index (2025) - Analyzes emerging cybersecurity threats and trends for 2025. Key findings highlight the increasing use of AI in attacks, the persistence of info-stealers, and the significant role of phishing and cloud-based infrastructure in successful compromises.
• Kela - AI Threat Report (2025) - Analyzes the weaponization of AI by cybercriminals, focusing on emerging threats and attack vectors. Key findings reveal a 200% increase in mentions of malicious AI in 2024, highlighting the rapid growth of dark AI tools and their use in automated phishing, vulnerability research, and malware development.
• Mandiant - M Trends (2025) - Analyzes global cybersecurity threats and trends in 2025. Key findings include insights into ransomware attacks, cloud compromises, and the evolving tactics of various nation-state actors.
• Microsoft - Digital Defense Report (2024) - Analyzes the evolving cybersecurity threat landscape and key developments in threat actor motivations and tactics. Significant findings include the blurring lines between nation-state actors and cybercriminals, along with quantifiable data on nation-state threat activity.
• Mimecast - Global Threat Intelligence Report H2 (2024) - Outlines a method for converting technical PDFs into Markdown. The key focus is on complete fidelity, preserving all content, structure, and formatting, including a functional Table of Contents and descriptions of images rather than embedding them.
• National Cyber Security Centre - Cyber Threat Report (2024) - Analyzes New Zealand's cyber threat landscape for 2023-2024, focusing on state actors, critical infrastructure attacks, cybercrime, hacktivism, and national resilience efforts. Key findings highlight a notable increase in ransomware attacks targeting critical infrastructure and a growing sophistication of state-sponsored cyber operations.
• NCC Group - Threat Monitor Report (2024) - Provides an analysis of current cyber threats, offering insights into attack trends, vulnerabilities, and strategies for improving organizational cybersecurity.
• Office of the Director of National Intelligence - Annual Threat Assessment (2025) - This assessment analyzes the evolving threat landscape to U.S. national security posed by state and non-state actors. Key concerns include the increasing cooperation between adversarial states and the persistent threat from transnational criminal organizations, particularly in the illicit drug trade and extremist activities.
• OrangeCyberDefense - Security Navigator (2025) - Analyzes the evolving cybersecurity threat landscape and proactive mitigation strategies. Key findings reveal a rise in cyber extortion, AI-driven attacks, and threats to operational and mobile networks, necessitating innovative defensive adaptations.
• Picus - RedReport (2025) - Analyzes the ten most prevalent MITRE ATT&CK® techniques used by threat actors. Key findings reveal a high prevalence of techniques related to process injection, command execution, and credential harvesting, highlighting the persistent reliance on established attack vectors.
• Rapid7 - Attack Intelligence Report (2024) - Analyzes vulnerability exploitation trends and ransomware attack vectors in 2023. Key findings reveal a rise in pre-patch exploitation and the continued prevalence of file transfer protocol vulnerabilities as initial access vectors for ransomware.
• RecordedFuture - Cyber Threat Analysis Report (2024) - Analyzes the impact of SaaS application proliferation on cyberattacks in 2024. Key findings reveal the significant role of stolen credentials and MFA failures in data breaches, alongside the increased use of generative AI in influence operations and a rise in ransomware variants.
• RedCanary - Threat Detection Report (2025) - Analyzes emerging threat detection trends in 2025, focusing on ransomware, initial access vectors, and identity-based attacks. Key findings reveal a significant increase in API abuse within cloud environments and the growing sophistication of AI-powered adversary emulation techniques.
• ReliaQuest - Annual Threat Report (2025) - Analyzes 2024 cyber-threat trends, focusing on initial access tactics and their effectiveness. Key findings reveal inadequate logging as the root cause of most breaches, with session hijacking bypassing multi-factor authentication in all successful business email compromise incidents.
• Secureworks - State of the Threat (2024) - Analyzes global cybercrime trends and threat actor activities throughout the year. Key findings reveal persistent cybercrime growth despite law enforcement efforts, coupled with significant increases in hacktivism and state-sponsored attacks.
• SonicWall - Cyber Threat Report (2025) - Analyzes the evolving landscape of cyber threats in 2024, focusing on the rise of ransomware, BEC attacks, and the impact of AI-powered tools. Key findings highlight a significant increase in ransomware and BEC attacks, coupled with the concerning ease with which threat actors can leverage AI and readily available tools to launch sophisticated campaigns.
• Sophos - Threat Report (2024) - Analyzes the evolving landscape of cybercrime, focusing on its impact on small and medium-sized businesses. Key findings reveal ransomware as a persistent major threat, exacerbated by the rise of cybercrime-as-a-service and the increasing sophistication of social engineering tactics.
• Trellix - Advanced Threat Research Report (2024) - Analyzes global cyber threats and nation-state activity in June 2024. Key findings reveal a rise in APT group activity targeting specific regions, utilizing both malicious and non-malicious tools, with a notable focus on Volt Typhoon.
• TrendMicro - Annual Cybersecurity Threat Report (2025) - Analyzes enterprise cyber risk exposure across sectors and regions using telemetry from Trend Vision One's Cyber Risk Index framework. Key findings show the education sector maintained the highest risk throughout 2024, while larger organizations exhibited greater exposure due to complex infrastructures and expanded attack surfaces.
• Trustwave - Education Sector Threat Landscape (2024) - Analyzes the evolving threat landscape in the education sector in 2024. Key findings highlight the increasing reliance on online learning, a surge in ransomware attacks targeting educational institutions, and the significant risk posed by third-party vendors.
• Trustwave - Professional Services Sector Threat Landscape (2024) - Analyzes the 2024 threat landscape for professional services firms. Key findings reveal a significant increase in ransomware attacks leveraging supply chain vulnerabilities and phishing campaigns, emphasizing the need for enhanced security awareness training and robust incident response planning.
• Trustwave - Public Sector Threat Landscape (2024) - Analyzes the 2024 public sector threat landscape, focusing on emerging trends and attack vectors. Key findings highlight the increasing convergence of IT and OT systems in critical infrastructure, along with a persistent reliance on easily exploitable methods like phishing and vulnerable supply chains.
• Trustwave - Technology Sector Threat Landscape (2024) - Analyzes the 2024 technology threat landscape, focusing on emerging trends and attack vectors. Key findings highlight the persistent threat of ransomware, the increasing exploitation of third-party supplier vulnerabilities, and a concerning prioritization of speed over security in software development.
• United States Department of Defense - OSINT Strategy 2024–2028 (2024) - Outlines the Department of Defense's approach to open-source intelligence (OSINT) as a vital resource for decision-makers and warfighters, emphasizing OSINT's role in enhancing situational awareness and operational effectiveness.
• Upstream - Global Automotive Cybersecurity Report (2025) - Analyzes the expanding cybersecurity gap in the automotive and smart mobility sectors. Key findings reveal a surge in ransomware attacks in 2024 and the increasing vulnerability of critical infrastructure due to the proliferation of smart mobility devices.
• WatchGuard - Threat Report (2025) - Analyzes network and endpoint threat activity observed across WatchGuard security appliances in Q1 2025. Notable findings include a 171% spike in network-detected malware per device and a 712% increase in new, unique endpoint malware samples, signaling a surge in evasive and novel threats.
• United States White House - Cybersecurity Posture of the United States (2024) - Analyzes the cybersecurity posture of the United States in 2024. Key findings highlight evolving risks to critical infrastructure, the persistent threat of ransomware, and the increasing exploitation of supply chains alongside the growing use of commercial spyware and the implications of artificial intelligence.

Application Security

• BlackDuck - Software Vulnerability Snapshot Report (2024) - Analyzes the 2024 software vulnerability landscape, focusing on the top ten vulnerability classes identified. A significant increase in critical-risk vulnerabilities was observed across multiple sectors, highlighting the urgent need for enhanced security testing methodologies.
• Blackduck - Open Source Risk Analysis Report (2025) - Analyzes open source software risk, detailing findings related to security vulnerabilities, licensing issues, and component maintenance based on audit data. Significant findings reveal open source in nearly all codebases (97%), with a striking 90% containing components over four years out-of-date and 64% being untrackable transitive dependencies.
• Chainguard - State of Hardened Container Images Report (2024) - Focuses on the security posture of hardened container images, specifically comparing Red Hat UBI variants with Chainguard Images. The analysis reveals key differences in image composition and security practices, highlighting the importance of digital signatures and SBOM inclusion for mitigating software vulnerabilities in containerized environments.
• DigitalAI - Application Security Threat Report (2025) - Quantifies evolving risks in modern application security. Key findings highlight industry trends, attack data categorized by industry and OS (Android vs. iOS), and regional variations in attack rates.
• Escape - State of API Exposure (2024) - Analyzes API security across Fortune 1000 and CAC 40 companies, uncovering 30,000 exposed APIs and 100,000 API issues, emphasizing risks in large organizations. Key findings reveal the pervasive nature of API security issues and the need for improved security measures.
• GitGuardian - State of Secrets Sprawl (2025) - Analyzes the prevalence of secrets sprawl in 2024, focusing on the types of secrets exposed and their locations within software development lifecycles. Key findings reveal that generic secrets comprise 58% of all detected leaks, private repositories are eight times more likely to contain secrets than public ones, and collaboration tools represent a significantly overlooked source of exposure.
• Grip - SaaS Security Risks Report (2025) - Outlines key security risks associated with the growing adoption of SaaS applications, including trends in usage across industries and specific SaaS app statistics. Key findings reveal a significant increase in shadow SaaS deployments and the rapid growth of AI-powered tools, posing substantial and largely unmanaged security risks.
• Kodem - State of AppSec Workflow (2025) - Analyzes application security workflows, identifying key bottlenecks and pain points in current practices. The primary bottleneck is remediation, exacerbated by alert fatigue and inefficient vulnerability triage, highlighting the need for increased automation and adaptation to modern development environments.
• LegitSecurity - State of Application Risk Report (2025) - Examines the current state of application risk in 2025, focusing on common vulnerabilities and security testing inefficiencies. Key findings reveal significant issues with secrets exposure, AI-related risks, and software supply chain vulnerabilities, highlighting a need for improved security practices across the software development lifecycle.
• RunZero - Research Report (2024) - Examines a broad range of organizational and network security issues through an innovative asset-centric approach, with a focus on "dark matter" in networks, segmentation issues, and unusual asset detection. Key findings highlight the risks associated with unusual assets and the resurgence of older threats alongside emerging vulnerabilities, emphasizing the need for specific AI-driven security solutions.
• Salt - State Of API Security (2025) - Highlights the persistent challenges and evolving landscape of API security, driven by rapid digital transformation and cloud migration. Despite widespread API adoption and a nearly universal encounter with security issues, many organizations struggle with accurate inventory, real-time monitoring, and robust posture governance, alongside emerging GenAI-driven risks.
• Sonatype - Open Source Malware Threat Report (2024) - Examines the proliferation of open source malware, or malicious open source packages posing unprecedented risks in the form of software supply chain attacks. Key highlights include a 156% year-over-year increase in malicious open source packages, highlighting the growing threat of intentionally crafted malware in software supply chain attacks.
• United States Department of Defense - State of DevSecOps (2025) - Focuses on the adoption of DevSecOps practices within the United States Department of Defense. A key finding is the Air Force's launch of a new software directorate, highlighting a move towards integrating security earlier in the software development lifecycle.
• Veracode - State of Software Security (2024) - Examines trends in application security, offering insights into common vulnerabilities, secure development practices, and strategies for improving software security throughout the development lifecycle. Key findings reveal a high incidence of security flaws, slow remediation times, and a correlation between the number of flaws and application size, highlighting the need for proactive security measures.
• Wallarm - API Threat Stats Report (2025) - Examines API security threats in Q1 2025, focusing on the impact of agentic AI systems and evolving cloud-native infrastructure. Key findings highlight a rapid increase in API breaches driven by increasingly sophisticated attack vectors and a surge in software supply chain vulnerabilities.
• Wiz - State of Code Security (2025) - Examines the security posture of code repositories and CI/CD pipelines, highlighting the deep connection between code and cloud environments. It reveals that 61% of organizations have secrets exposed in public repositories , with GitHub dominating the VCS landscape but also exhibiting a significantly higher ratio of public repositories with insecure workflow permissions and weak branch protection.

Cloud Security

• Censys - State of the Internet (2024) - Analyzes the internet exposure of Industrial Control Systems (ICS), focusing on the vulnerabilities beyond simple protocol exposure. Key findings reveal a complex security landscape where human-machine interface vulnerabilities and outdated protocols pose significant risks, demanding a more nuanced approach to ICS security.
• Google Cloud - Threat Horizons Report (2024) - Analyzes the evolving threat landscape for cloud enterprise users. Key findings highlight the continued dominance of cryptomining attacks stemming from misconfigured cloud environments and the increasing sophistication of ransomware and data theft targeting cloud-based assets.
• Hornet - Cybersecurity Report (2025) - Analyzes the current Microsoft 365 threat landscape, focusing on email security trends and attack techniques. Key findings reveal a significant increase in sophisticated attacks utilizing brand impersonation and malicious attachments, with notable variations in threat levels across different business sectors.
• IBM - X-Force Cloud Threat Landscape Report (2024) - Analyzes the evolving cloud threat landscape and its impact across various industries. Key findings reveal a significant increase in cloud-based attacks targeting SaaS platforms and a concerning rise in security rule failures within cloud environments.
• Sysdig - Cloud Native Security and Usage Report (2025) - Analyzes cloud-native security trends and usage patterns in 2025. Key findings reveal a significant increase in the adoption of runtime security tools and a growing focus on securing AI/ML workloads, alongside persistent challenges in managing identities across human and machine interactions.
• Wiz - Cloud Data Security Snapshot (2025) - Analyzes current cloud data security exposure trends. A significant finding reveals that 54% of cloud environments have exposed assets containing sensitive data, highlighting the critical need for improved access controls and vulnerability management.
• Wiz - State of AI in the Cloud (2025) - Analyzes the current state of AI in cloud environments, focusing on adoption rates, security challenges, and governance issues. Key findings reveal DeepSeek's rapid growth and the continued dominance of OpenAI, alongside a rising trend of self-hosted AI deployments and stabilized adoption of AI managed services.

Vulnerabilities

• BeyondTrust - Microsoft Vulnerability Report (2024) - Analyzes the vulnerability landscape within the Microsoft software ecosystem in 2024. Key findings reveal a concerning rise in identity-based attacks targeting Microsoft products, alongside persistent vulnerabilities in legacy applications like Internet Explorer.
• Chainguard - The Cost of CVEs (2025) - Aanalyzes the financial impact of CVE management on organizations using containerized environments. Key findings indicate that mid-market organizations can unlock significant value through decreased risk ($2.8M), increased revenue ($2.2M), and faster innovation ($3.3M) by improving their CVE management practices and compliance.
• Edgescan - Vulnerability Statistics Report (2025) - Provides a statistical analysis of full-stack security and vulnerability trends across diverse organizations based on 2024 data. Key insights reveal a record 40,009 CVEs published and a 20% increase in publicly exploited vulnerabilities in 2024, highlighting persistent challenges in patching and the critical exposure of internal systems.
• Flexera - Annual Vulnerability Review (2024) - Provides software vulnerability trends and threat intelligence from 2024. Key findings highlight the criticality of advisories and their impact, along with an examination of advisory rejection rates and the prevalence of vulnerabilities across various assets.
• Synack - State of Vulnerabilities Report (2024) - Analyzes trends in software vulnerabilities affecting large enterprises and government agencies. Key findings reveal a 180% surge in real-world vulnerability exploitation across five industries (healthcare, financial services, U.S. federal government, technology and manufacturing).
• Trustwave - Financial Services Risk Radar Report (2024) - Highlights the evolving threat landscape for the financial services sector in 2024. Key trends include the increasing prevalence of insider threats, the mainstream adoption of phishing-as-a-service, and the continued targeting of financial institutions by ransomware groups, alongside the emergence of new threats from cryptocurrency and deepfakes.

Ransomware

• Guidepoint - GRIT Ransomware Annual Report (2025) - Analyzes ransomware and cyber threat trends in 2025, focusing on ransomware taxonomy, threat actors, and impacted industries. Key findings include an in-depth look at the RansomHub threat actor and a spotlight on critical infrastructure vulnerabilities, along with an analysis of post-compromise detection methods.
• PaloAlto - Ransomware Review (2024) - Analyzes ransomware trends during the first half of 2024. Key findings include the impact of law enforcement takedowns on various threat groups, the emergence of fraudulent activities by some groups post-takedown, and the observed retirement or transition of several significant players.
• Veeam - Ransomware Trends Report (2024) - Analyzes global ransomware trends in 2024, focusing on recovery challenges and the impact of attacks beyond ransom payments. Key findings reveal that 67% of organizations lack a recovery plan, highlighting a significant vulnerability and the substantial, underestimated costs associated with ransomware incidents.
• Zscaler - ThreatLabz State of Ransomware Report (2024) - A comprehensive analysis of global ransomware trends, examining attack techniques, ransom demands, and strategies for preventing and mitigating ransomware attacks.

Data Breaches

• Cyentia - Information Risk Insights Study (2025) - Analyzes incident probability and the increasing risks associated with third-party relationships. A key finding is that incident probability has almost quadrupled in the last 15 years, driven in part by threat actors exploiting trusted relationships with external service providers to compromise target organizations.
• IBM - Cost of a Data Breach Report (2024) - Analyzes the financial impact of data breaches in 2024, detailing costs associated with various attack vectors and recovery efforts. Key findings reveal a significant increase in the average cost of a breach, driven primarily by extortion attacks and prolonged recovery times.
• Verizon - Data Breach Investigations Report (2025) - Analyzes data breach trends and patterns from 2025. Key findings reveal a significant increase in social engineering attacks and a persistent reliance on easily exploitable web application vulnerabilities, highlighting the need for improved employee security awareness training and robust application security measures.
• Identity Theft Resource Center - Annual Data Breach Report (2024) - Analyzes 2024 data breaches, focusing on trends in identity theft and compromise notifications. Key findings reveal a continued high volume of breaches across various sectors, with little impact observed from current data disclosure requirements.

Physical Security

• Genetec - State of Physical Security (2025) - Analyzes the current state of physical security, focusing on global trends and challenges in 2025. Key findings reveal persistent recruiting difficulties, fluctuating budgets impacting project timelines, and the growing influence of IT in physical security decisions alongside increasing cloud adoption.
• Security Industry Association - Security Megatrends (2025) - This report outlines eight key security megatrends for 2025. Significant trends highlighted include the increasing importance of AI-driven security automation, the convergence of IT and OT security, and the democratization of identity and mobile credentials.
• Nozomi - Networks OT IoT Security Report (2025) - Analyzes operational technology (OT) and internet of things (IoT) cybersecurity trends in the second half of 2024. Key findings reveal a significant increase in sophisticated attacks targeting industrial control systems, highlighting the growing need for robust security measures in critical infrastructure.
• Trustwave - Manufacturing Risk Radar Report (2025) - Analyzes the evolving threat landscape for the manufacturing sector in 2025. Key findings highlight the increasing convergence of IT and OT systems, a persistent rise in ransomware attacks, and the need for enhanced security measures across all attack stages.

AI and Emerging Technologies

• Australian Institute of Company Directors - Directors Introduction to AI (2024) - Provides an overview of artificial intelligence tailored for directors, highlighting its strategic implications, governance considerations, and best practices for AI implementation in organizations.
• Okta - Secure Sign in Trends Report (2024) - Analyzes multi-factor authentication (MFA) adoption trends and authenticator usage. Key findings reveal variations in adoption rates across regions, industries, and organization sizes, with specific insights into the security and usability of different authenticator types.
• Team8 - Ciso Survey (2025) - Analyzes key insights from Team8's 2025 CISO Village Survey, primarily focusing on the impact of AI on cybersecurity risks and strategies. Key findings reveal that one in four CISOs experienced an AI-generated attack, while securing enterprise AI adoption and managing widespread AI agent deployment emerge as top priorities for 2025.
• Zimperium - Global Mobile Threat Report (2024) - Analyzes the global mobile threat landscape and the increasing prevalence of mobile-first attack strategies. Key findings reveal a surge in mobile phishing (mishing) attacks targeting specific industries, alongside the growing danger of malicious sideloaded applications and sophisticated mobile malware.
• Zscaler - ThreatLabz AI Security Report (2024) - Analyzes enterprise AI adoption trends and associated security risks. Key findings reveal a dramatic increase in AI transactions, alongside a corresponding rise in blocked transactions, highlighting the growing need for robust AI security measures across various industries.

Survey Reports

Industry Trends

• Accenture - State of Cybersecurity Resilience (2025) - Analyzes the widening gap between AI adoption and cybersecurity maturity across global enterprises. Key findings reveal only 13% of organizations possess advanced capabilities to defend against AI-driven threats, while just 10% have reached a proactive security posture that significantly reduces attack risk and technical debt.
• Aon - Intangible vs. Tangible Risk Report (2024) - Analyzes the evolving risks associated with intangible assets like AI and intellectual property (IP) in the context of cybersecurity. Key findings reveal that generative AI and cybersecurity are top CEO concerns, and new AI regulations may inadvertently increase litigation related to intellectual property rights.
• CompTIA - State of Cybersecurity (2025) - Analyzes the current state of cybersecurity, focusing on organizational priorities, incident impact, and workforce development needs. Key findings reveal that cybersecurity is a high priority for 59% of organizations, yet 56% experienced significant incident impact, highlighting a critical skills gap and the growing influence of generative AI on cybersecurity strategies.
• Deloitte - Future of Cyber Survey (2024) - Explores the evolving role of cybersecurity in driving strategic business value. Key findings reveal a growing influence of CISOs within the C-suite and a deepening integration of cybersecurity into technology-driven business programs.
• FERMA - Global Risk Manager Survey Report (2024) - Analysis of global risk management practices across 77 countries and six regional associations. Key findings reveal a significantly increased focus on corporate strategy integration and the growing maturity of enterprise risk management models, particularly concerning sustainability risks.
• ISC2 - Cyberthreat Defense Report (2024) - Examines the current state of cyberthreat defense, including emerging threats and defense strategies across various industries. Key findings reveal a persistent skills shortage alongside growing concerns about AI's dual impact on cybersecurity, both enhancing defenses and creating new attack vectors.
• KnowBe4 - Cybersecurity Culture Report (2024) - Explores the state of cybersecurity culture in organizations, highlighting trends and best practices across different sectors. Key findings indicates Security culture greatly varies across the world, indicating a siloed approach is not sustainable. problem in our fully connected world
• Kong - API Security Perspectives (2025) - Outlines the growing threat of AI-enhanced attacks on APIs and emphasizes the need for robust API security measures and the rising risks associated with these new types of threats.
• Norton - Cyber Safety Insights Report (2024) - Provides insights into consumer cyber safety trends and challenges across various industries. Key findings reveal that one in four users have been targeted by dating scams, and nearly one-third have experienced catfishing, highlighting the significant prevalence of online dating fraud.
• Proofpoint - Voice of the CISO Report (2024) - Insights into the perspectives and challenges faced by Chief Information Security Officers across different sectors. Key findings reveal persistent concerns around human error and insider threats, coupled with growing confidence in navigating evolving cybersecurity landscapes.
• PwC - Global Digital Trust Insights (2024) - Examines global trends in digital trust and cybersecurity across various industries. Key findings reveal cloud security as a top concern despite significant investment, highlighting a persistent gap in effective management and the increasing importance of generative AI in cyber defense.
• Salt - CISO and CIO Investment Priorities (2025) - Surveys key cybersecurity investment priorities for CISOs and CIOs in 2025, as detailed in a white paper by Osterman Research and sponsored by Salt Security. Key findings highlight shifts in priorities based on evolving threat landscapes and increased focus on incident response and proactive security measures.
• SANS - SANS Cyber Threat Hunting Survey (2024) - Provides insights into the current state of cyber threat hunting across different sectors. Key findings reveal shifts in attacker tactics, techniques, and procedures (TTPs), along with variations in methodologies and organizational approaches to threat hunting.
• Splunk - State Of Security (2025) - Examines the evolving challenges and future strategies for Security Operations Centers (SOCs). Highlights that inefficiencies, primarily from excessive tool maintenance and alert overload, significantly hinder operations, while AI is becoming a key driver for efficiency despite prevalent trust concerns.
• Team8 - CISO Survey (2025) - Outlines critical trends and strategic imperatives shaping the future of cybersecurity, based on the 2025 CISO Village Survey. Notable findings reveal record cybersecurity budget increases, a dual perception of AI as both a threat and a defensive tool, and heightened CISO personal liability amidst stringent regulatory changes.
• Vanta - State of Trust Report (2024) - Explores the growing challenges in building and maintaining trust for organizations, focusing on security risks, compliance burdens, and the increasing third-party vendor risks. Key findings reveal the increasing difficulty of managing compliance burdens, third-party risks, and the impact of AI adoption on security posture.
• Verizon - Mobile Security Index (2024) - Provides insights into mobile and IoT security risks, focusing on their amplified impact within critical infrastructure sectors. Key findings reveal a widespread perception of increased risk across all sectors, with significantly higher breach risks and impacts observed in critical infrastructure due to high IoT usage.
• World Economic Forum - Global Cybersecurity Outlook (2025) - Provides a global perspective on cybersecurity trends and challenges exploring the impact of emerging technologies, geopolitical tensions, and cybercrime. Key findings reveal a growing complexity in cyberspace, driven by increased digitalization and interconnectedness, necessitating proactive and adaptive security strategies.

Application Security

• BlackDuck - Global State of DevSecOps (2024) - Provides insights into the current state of DevSecOps, focusing on the impact of AI-assisted coding and evolving security testing practices. Key findings reveal a significant shift towards AI-driven security testing, alongside challenges in effectively interpreting and acting upon resulting security test data.
• Checkmarx - Future of Application Security (2024) - Analyizes the current state of application security and the challenges organizations face. Key findings reveal a growing disconnect between the increasing complexity of applications and the resources dedicated to securing them, highlighting the urgent need for a comprehensive "code-to-cloud" security approach.
• Checkmarx - State of Software Supply Chain Security (2024) - Provides insights into current trends in supply chain threats across industries such as banking and finance, insurance, software, technology, engineering, manufacturing, industrial, and public sector. Key findings reveal a significant reliance on Software Composition Analysis (SCA) as a foundational element, while the adoption of Software Bill of Materials (SBOMs) and broader interdisciplinary SSCS programs lags behind.
• Cycode - State of Application Security Posture Management (2025) - Examines application security challenges and strategies from the perspectives of CISOs, AppSec Directors, and DevSecOps managers across the UK, US, and Germany. Key findings reveal inefficiencies strain the relationship between security and development teams, eroding trust and hindering productivity.
• Snyk - State of Open Source Security (2024) - Examines the current state of open source security, including trends and challenges across various industries. Key findings indicate a plateau in OSS security improvements, with concerning declines in several key areas such as dependency tracking and a lack of significant year-over-year progress in supply chain security maturity.
• Traceable - Global State of API Security (2025) - Annual survey gathering insights from 1,548 respondents across 100+ countries on the state of API security. Key findings reveal a persistent increase in API-related breaches, the inadequacy of traditional security solutions, and the growing risk posed by bot attacks and the integration of generative AI.

Cloud Security

• Crowdstrike - SaaS Security Posture Management (2025) - Analyizes the 2024 SaaS Security Posture Management market, benchmarking companies' innovation and growth potential. Key findings highlight a competitive landscape with significant growth opportunities and best practices for companies seeking to improve their security posture.
• Fortinet - Cloud Security Report (2025) - Examines the state of cloud security, focusing on deployment strategies, multi-cloud adoption, and prevalent security concerns. Key findings reveal low confidence in real-time threat detection and a persistent cybersecurity skills gap, highlighting the need for increased investment and improved security practices.
• Google - Cybersecurity Forecast 2025 (2025) - Insights from Google Cloud leaders on emerging cybersecurity trends. Key predictions include the continued rise of ransomware and multifaceted extortion, the increasing use of AI by attackers, and the persistent threat from state-sponsored actors like China, Russia, Iran, and North Korea.
• ISC2 - Cloud Security Report (2024) - Provides insights into 2024 cloud security trends and challenges, focusing on multi-cloud environments and the adoption of DevSecOps. Key findings reveal significant barriers to advancing cloud maturity, particularly regarding skills gaps and the complexities of streamlining cloud compliance across multiple platforms.
• PaloAlto - State of Cloud Native Security Report (2024) - Examines the current state of cloud-native security, including trends, challenges, and best practices across different sectors. Key findings include significant law enforcement actions against several prominent ransomware groups, resulting in arrests, takedowns, and the apparent retirement of some actors, alongside the emergence of new groups and fraudulent activities.
• Sonatype - State of Cloud Security Report (2024) - Provides insights into the state of cloud security and software supply chain management across different sectors. Key findings highlight the increasing sophistication of attacks leveraging shadow downloads to bypass repository managers and the significant number of compromised packages discovered.

Identity Security

• Astrix - State of Non Human Identity (2024) - Highlights growing concerns over non-human identities as attack vectors, limited automation and visibility into API and third-party connections. Key findings reveal low confidence in preventing NHI-based attacks, coupled with significant challenges in managing basic security controls like permissions and API keys, highlighting a critical need for improved NHI security practices.
• ConductorOne - Identity Security Outlook Report (2024) - Highlights how increasing technological and organizational complexity are driving new identity risks. Key findings reveal increasing budgets for identity and access management, coupled with a growing adoption of zero standing privileges to mitigate escalating identity-based threats.
• CyberArk - Identity Security Threat Landscape Report (2024) - Examines the impact of cyberattacks on identity, including cyber debt, GenAI, machine identities, and third- and fourth-party risks. Key findings reveal a growing "cyber debt" fueled by these factors, highlighting the need for proactive security strategies.
• CyberArk - State of Machine Identity Security Report (2025) - Focuses on the critical and often-overlooked area of machine identity security. Key findings reveal that a significant percentage of organizations are concerned about risks stemming from compromised machine identities (37%) and expired certificates (36%), highlighting a lack of visibility and control over secrets management.
• Hypr - State of Passwordless Identity Assurance (2025) - Focuses on the adoption and impact of passwordless identity assurance. Key findings indicate a growing momentum for passwordless authentication in the enterprise, with usage increasing by 10% compared to the previous year.
• IDS Alliance - 2024 Trends in Securing Digital Identities (2024) - Provides insights into current plans, historical trends, and approaches to cybersecurity and identity management. Key research found that 22% of businesses see managing and securing digital identities as the number one priority of their security program, up from 17% in 2023.
• ManageEngine - Identity Security Survey (2024) - Explores global identity security readiness across industries and roles, examining the rising tide of AI-driven phishing, social engineering, and credential theft. Key findings reveal a significant gap between perceived and actual IT ecosystem visibility and control, highlighting the urgent need for improved identity security posture across organizations.
• Omada - State Of Identity Governance (2025) - Focuses on the state of identity governance in large organizations, leveraging insights from a survey of IT and business leaders. Despite increased cybersecurity funding, organizations struggle with high IGA total cost of ownership and persistent excessive access permissions, driving a demand for modern cloud-based, AI-driven solutions to automate manual processes.
• Orca - State of Cloud Security Report (2025) - Analyzes security challenges in multi-cloud environments, with a focus on AI risk, data exposure, and neglected assets. Key findings reveal that 62% of organizations have at least one vulnerable AI package, 38% expose sensitive databases to the public, and 13% possess a single asset with over 1,000 potential attack paths.
• PushSecurity - Identity Attacks (2024) - Highlights that 2024 is seeing a rise in identity-based attacks, as attackers increasingly target vulnerable identities now that identity has become the new security perimeter. Key findings reveal a significant increase in account takeovers via exploited identities, highlighting the evolving attack landscape and the substantial financial gains for perpetrators.
• SailPoint - Horizons of Identity Security (2024) - Explores the evolving landscape of identity security, emphasizing its role in mitigating cyber risks while enhancing business value and productivity. Key findings highlight the potential for strategic investments to improve security posture and deliver higher returns, particularly among organizations demonstrating advanced maturity levels.
• Semperis - Ransomware Holiday Risk Report (2024) - Focuses on the increased risk of ransomware attacks during holidays and times of corporate upheaval. A key finding indicates that 63% of organizations experiencing corporate upheaval also experienced a ransomware attack, highlighting the opportunistic nature of threat actors.
• Semperis - Ransomware Risk Report (2024) - Analyzes the future challenges and next steps organizations are planning to take in response to the current cybersecurity landscape. A key finding is that despite the significant damage caused by ransomware, only 29% of surveyed organizations plan to increase their security budgets in the next year, with notable variations across countries (US: 28%, UK: 45%).
• Varonis - The Identity Crisis (2024) - Analyzes the prevalence of cyberattacks in 2024, focusing on the crucial role of stolen identities. The report reveals that credential stuffing and similar methods are the most common attack vectors, enabling attackers to maintain undetected access for extended periods to exploit vulnerabilities and exfiltrate sensitive data.

Penetration Testing

• Bugcrowd - The Total Economic Impact Of Bugcrowd Managed Bug Bounty (2024) - Analyzes the economic benefits and impacts of Bugcrowd's managed bug bounty programs, supported by data-driven insights from Forrester. Key findings reveal significant cost savings through early vulnerability detection and remediation, exceeding the program's cost by a substantial margin.
• Cobalt - State of Pentesting (2025) - Offers an overview of the current state of penetration testing, including trends, challenges, and best practices across various industries. A key finding reveals a significant increase in manual penetration testing alongside the emergence of AI-driven attacks and vulnerabilities, necessitating a refined pentesting maturity model.
• Fortra - Penetration Testing Report (2024) - Provides insights into the current landscape of penetration testing, including common vulnerabilities and industry-specific challenges. Key findings reveal a growing reliance on third-party services, coupled with increasing concerns about phishing attacks and the need for more frequent testing across diverse environments.
• HackerOne - Hacker Powered Security Report (2024) - Explores the state of hacker-powered security, including trends in bug bounty programs and vulnerability disclosure across industries. Key findings highlight the expanding expertise of security researchers into AI, APIs, and an emphasis on layered security defenses.
• NCC Group - Annual Research Report (2024) - Highlights NCC Group's 25 years of research, covering topics from cryptography to hardware and embedded systems. Key highlights include pioneering research, innovative tools, and active community engagement, showcasing a year of significant advancements in the field.

Privacy and Data Protection

• Cisco - Data Privacy Benchmark Study (2024) - Provides insights into data privacy trends, challenges, and breaches across various industries. Key findings reveal strong global support for privacy laws, yet slow progress on transparency and AI readiness alongside growing concerns regarding data usage in Generative AI.
• Code42 - Annual Data Exposure Report (2024) - Highlights insider threat risks and trends based on insights from over 700 security professionals. Key findings reveal a significant increase in insider-driven data loss and the growing influence of emerging technologies on data exposure trends.
• Drata - State of GRC (2025) - Focuses on the evolving role of Governance, Risk Management, and Compliance (GRC), transitioning from a cost center to a strategic business driver. A key finding highlights the challenges GRC teams face in balancing compliance complexity and business growth, including concerns about AI hallucinations providing improper GRC guidance.
• Hyperproof - IT Risk and Compliance Benchmark Report (2025) - Examines the state of IT risk and compliance, focusing on the maturation of GRC programs and trends in framework adoption. Key findings reveal the maturing of GRC programs, evolving framework adoption, and the increasing significance of third-party risk management as a major concern.
• Immuta - State of Data Security Report (2025) - A survey of 700+ data professionals examines the current state of data security, including challenges, trends, and best practices across various industries. Key findings reveal that security and access remain top concerns amidst growing data demands, with people, processes, and technology all contributing to the complexities.
• ISACA - State of Privacy (2025) - Outlines key trends in global privacy practices, including staffing needs, budget constraints, and the increasing integration of AI in privacy operations. Key findings reveal significant skill gaps and difficulties in staff retention, coupled with increasing reliance on AI for privacy initiatives and a growing concern over privacy breaches.
• Kiteworks - Forecast for Managing Private Content Exposure Risk (2025) - Outlines 12 predictions for managing private content exposure risk, based on cybercrime, cybersecurity, and compliance trends focusing on sensitive content communications. Key predictions highlight the evolving global data privacy landscape, the increasing importance of secure content collaboration, and the need for robust API security to manage these risks effectively.
• Proofpoint - Data Loss Landscape (2024) - Provides an overview of the data loss landscape, including trends and challenges faced by organizations across various industries. Key findings reveal significant financial costs associated with data breaches stemming from malicious and negligent insiders, highlighting a critical need for improved data loss prevention strategies.
• Proofpoint - Global Email Security Market Report (2024) - Benchmarks 21 top email security vendors, highlighting growth opportunities and market trends. Key findings highlight the significant pressure on vendors to adapt to the rapidly evolving threat landscape and maintain solution efficacy.

Ransomware

• Cyberreason - Ransomware The True Cost to Business (2024) - Examines the true cost of ransomware attacks on businesses across different sectors. Key findings reveal the evolution of ransomware beyond simple data encryption, highlighting its increasingly sophisticated methods and the significant financial and operational consequences for victims.
• Sophos - State Of Ransomware (2025) - Outlines the state of ransomware in 2025, examining technical and operational attack vectors, data handling, and the financial and human costs of incidents. Notably, data encryption rates are at a six-year low of 50%, and median ransom payments dropped by 50%, though exploited vulnerabilities remain the leading attack vector.
• Spycloud - Ransomware Defense Report (2024) - Examines malware and ransomware defense strategies and trends across different sectors. Key findings reveal a resurgence in ransomware attacks and highlight the increasing sophistication of malware, including stealthy stealers and the significant risk posed by third-party exposures.

AI and Emerging Technologies

• Cisco - State of AI Security (2025) - Analyzes the emerging AI security risks and attack vectors within the AI threat landscape. Key findings reveal a growing need for proactive AI security research and the development of robust policies to mitigate these risks.
• HiddenLayer - AI Threat Report (2024) - Provides insights into the AI threat landscape across various industries. Key findings highlight the increasing threats of adversarial AI attacks, including deepfakes and data privacy breaches, and the vulnerabilities of AI-based systems to supply chain attacks.
• ICONIQ - The AI Builders Playbook (2025) - Focuses on the "how-to" of conceiving, delivering, and scaling AI-powered offerings, including product roadmap, go-to-market strategies, talent, cost management, and internal productivity. Key findings indicate that AI-native companies are rapidly scaling products, with agentic workflows being the most common type of AI product built by 80% of AI-native companies, while model accuracy and the increasing importance of cost are top considerations for foundational models.
• Okta - AI at Work (2025) - Focuses on the perspectives of C-suite executives regarding the transformative impact of artificial intelligence (AI) on security, innovation, and efficiency within organizations. Key findings reveal executive sentiment, concerns, and priorities regarding AI implementation, highlighting varying levels of understanding and integration across different organizations.
• Wiz - AI Security Readiness (2025) - Analyzes the current state of AI security readiness among cloud architects, engineers, and security leaders, highlighting critical gaps. Key findings reveal widespread AI adoption is significantly outpacing the development of in-house security expertise and the implementation of AI-specific posture management tools, leading to substantial visibility challenges like shadow AI.

Resources

Annual reports are the result of a collaborative effort, combining research from both paid and non-profit sources, drawn from within the organization and the broader cybersecurity community. These reports rely on the contributions of various organizations that help shape the field by setting standards, offering certifications, conducting research, and influencing policy.

The categories below highlight the diverse roles these organizations play in building cybersecurity programs and advancing best practices. By exploring these groups, readers can gain insight into the ecosystem that underpins the development of annual reports and drives progress in the industry.

Research Consulting: These are organizations that offer paid research services, market analysis, and consulting in the field of information technology and cybersecurity.

Standards and Certifications: Organizations involved in setting cybersecurity standards, providing certifications, and creating frameworks for best practices.

Threat Intelligence and Incident Response: Organizations focused on sharing threat intelligence, coordinating cyber incident responses, and combating cyber threats.

Policy and Advocacy: Institutions shaping cybersecurity policies, regulations, and public awareness on a national or international scale.

Working Groups: These are collaborative organizations or professional associations that conduct research, share information, and develop best practices in cybersecurity.

Government and Non-profits: This category includes government agencies and non-profit organizations dedicated to cybersecurity research, policy development, and public awareness.

Research Consulting

• 451 Research - A technology research and advisory firm specializing in emerging technology segments including cybersecurity market analysis and trends.
• ABI Research - A technology market intelligence company providing strategic guidance on transformative technologies, including cybersecurity and digital security.
• Forrester Research - An advisory company that offers paid research, consulting, and event services specialized in market research for information technology.
• Frost & Sullivan - A consulting firm offering market research and analysis in cybersecurity, with particular focus on emerging technologies and market opportunities.
• Gartner - A technology research and consulting firm which offers private paid consulting as well as executive programs and conferences.
• GigaOm - A research firm offering practical, hands-on, practitioner-driven research for businesses.
• International Data Corporation (IDC) - A global provider of market intelligence and advisory services.
• KuppingerCole - A global analyst company specializing in information security, identity & access management, and risk management.
• Omdia - A global technology research powerhouse focusing on cybersecurity market analysis and digital transformation.

Standards and Certifications

• American Institute of CPAs - The AICPA SOC2 is a framework for managing and safeguarding customer data based on five trust service criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy.
• The Information Security Forum (ISF) - A global, independent organization dedicated to benchmarking and sharing best practices in information security.
• The International Organization for Standardization (ISO) - An international organizational body composed of representatives which conduct closed research for creation of standards.
• The Information Systems Audit and Control Association (ISACA) - An international professional association focused on IT governance, which conducts research for and on behalf of the members.
• The International Information System Security Certification Consortium (ISC)² - An American not-for-profit organization which conducts research for consumers of their cybersecurity training and certifications.
• SANS Institute - A private U.S. for-profit company which conducts research for consumers of their cybersecurity training and certifications.
• Trusted Computing Group (TCG) - Develops and promotes open standards for hardware-enabled security.

Threat Intelligence and Incident Response

• The Anti-Phishing Working Group (APWG) - A global coalition focused on unifying the global response to cybercrime.
• The Cyber Threat Alliance (CTA) - An industry-driven group of cybersecurity organizations that share threat intelligence and conduct collaborative research to combat cyber threats.
• The Forum of Incident Response and Security Teams (FIRST) - Provides platforms, means and tools for incident responders to always find the right partner and to collaborate efficiently.
• The Global Cyber Alliance (GCA) - An international, cross-sector effort dedicated to reducing cyber risk.
• The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) - Focuses on operational issues of Internet abuse including botnets, malware, spam, viruses, and mobile messaging abuse.
• Ponemon Institute - Considered the pre-eminent research center dedicated to privacy, data protection and information security policy.

Policy and Advocacy

• The Rand Corporation - An American not-for-profit organization which conducts research and analysis on various aspects of cybersecurity and cyber policy focused on national security.
• Center for Strategic and International Studies (CSIS) - Technology Policy Program - A think tank with a Technology Policy Program that conducts research and provides insights into technology and cybersecurity policies.
• Electronic Frontier Foundation (EFF) - A non-profit organization defending civil liberties in the digital world, including privacy and cybersecurity issues.
• The Internet Security Alliance (ISA) - A multi-sector trade association focused on thought leadership, policy advocacy, and standards development for cybersecurity.
• World Economic Forum (Centre for Cybersecurity) - A global initiative that brings together stakeholders from industry, government, and academia to improve cybersecurity globally and secure the digital economy.

Working Groups

• The Cloud Security Alliance (CSA) - Promotes best practices for providing security assurance within cloud computing.
• The Internet Engineering Task Force (IETF) - Develops and promotes internet standards, including those related to security.
• The Open Web Application Security Project (OWASP) - A professional community that produces research concerning web application security, made freely available to the online community.
• Industrial Control Systems Joint Working Group (ICSJWG) - Facilitates information sharing and collaboration for cybersecurity in industrial control systems.
• The Open Source Security Foundation (OpenSSF) - A cross-industry collaboration to improve the security of open source software.
• Web Application Security Consortium (WASC) - An international group of experts, industry practitioners, and organizational representatives who produce security standards and research.

Government and Non-profits

• Australian Cyber Security Centre (ACSC) - Provides cyber security advice and support to Australian businesses and individuals.
• Canadian Centre for Cyber Security - Canada's national authority on cybersecurity.
• Center for Internet Security (CIS) - An American non-profit organization that provides cybersecurity solutions and best practices.
• Cybersecurity and Infrastructure Security Agency (CISA) - A U.S. government agency responsible for enhancing the security and resilience of the nation's critical infrastructure.
• Cybersecurity Forum Initiative (CSFI) - An American non-profit organization that promotes cybersecurity awareness and research.
• Cyber Peace Institute - A non-profit organization focused on reducing the impact of cyberattacks on civilians and promoting peace in cyberspace by supporting international cooperation and collective action.
• European Union Agency for Cybersecurity (ENISA) - A European Union agency that contributes to EU cybersecurity policy, enhances trust in digital services, and supports incident response capabilities across Europe.
• Europol - European Cybercrime Centre (EC3) - A strategic alliance focused on combating cybercrime within the European Union.
• German Federal Office for Information Security (BSI) - Germany's national cyber security authority providing IT security services and guidance.
• Internet Security Research Group (ISRG) - A non-profit organization focused on reducing financial, technological, and educational barriers to secure communication over the Internet.
• Japan National Center of Incident Readiness and Strategy for Cybersecurity (NISC) - Japan's central organization for national cybersecurity strategy and incident response.
• Korean Internet & Security Agency (KISA) - South Korea's government agency dedicated to promoting cybersecurity and a safer internet environment.
• MITRE Corporation - An American not-for-profit organization which conducts research and development supporting various U.S. government agencies.
• National Cyber Security Centre (NCSC) - The UK's technical authority for cyber incidents.
• National Cyber Security Centre - Netherlands (NCSC-NL) - The Dutch national cyber security center providing guidance and incident response.
• National Institute of Standards and Technology (NIST) - A U.S. agency that develops cybersecurity standards and guidelines.
• Norwegian National Security Authority (NSM) - Norway's expert body for information and object security, providing guidance and incident response capabilities.
• Singapore Cyber Security Agency (CSA) - Singapore's national agency overseeing cybersecurity strategy and development.

Contributing

Please refer to the guidelines at CONTRIBUTING.md for details.