Threat actors are augmenting traditional ransomware and extortion with attacks designed to intentionally disrupt operations. Amid these trends, we’re also seeing a multi-pronged approach in attacks, as threat actors target multiple areas of the attack surface. In fact, 70% of the incidents Unit 42 responded to happened on three or more fronts, underscoring the need to protect endpoints, networks, cloud environments and the human factor in tandem. These incidents involved large organizations grappling with extortion, network intrusions, data theft, advanced persistent threats and more.

The CrowdStrike 2025 Global Threat Report is the industry’s preeminent source on adversary intelligence, examining the emerging adversary trends of the past year. The purpose of this report is to arm you, the world’s security professionals and dedicated cyber defenders, with the knowledge you need to keep a step ahead of these threat actors — and to never, ever underestimate them.

Hornet security’s cybersecurity solutions process more than 4 and a half billion emails every month. By analyzing the threats identified in these communications, combined with a detailed knowledge of the wider threat landscape, the Security Lab reveals major security trends, threat actor actions and can make informed projections for the future of Microsoft 365 security threats, enabling businesses to act accordingly. Those findings and data are contained within this report.

In this report, the security domain of the CISO continues to expand. This area is one of the most challenging to protect as the threats that attack these devices, like mobile malware and botnets, are becoming more sophisticated. ThreatLabz found that mobile threats are becoming more targeted and sophisticated—with 29% and 111% growth in mobile banking malware and mobile spyware attacks, respectively—even as the overall volume of mobile attacks has declined.

In our 12th annual Data Breach Industry Forecast, our focus covers a wide swath of attacks from the personal (teens exploitation), corporate (increases in internal fraud), national (using dynamic identification as a fraud defense), and global (bad actors pursuing data centers). Spanning all these predictions is the dramatically accelerated speed and scaling of cyberattacks that are AI-enabled. This year’s predictions come from Experian’s long history of helping companies navigate breaches over the past 22 years.

The 2024 Data Threat Report (DTR) analyzes how core security practices have changed in response to or in anticipation of changing threats. This report also offers perspectives on what organizations can do to leverage data assets to expand opportunities to make their businesses more agile and build trust with their customers. It analyzes global trends in threats to data and the underlying controls, regulations, risks and emerging technologies that need to be addressed.

The Permiso Security State of Identity Security Report (2024) offers a comprehensive analysis of cloud identity and access management practices across global organizations. This study, encompassing over 500 entities, unveils critical trends and challenges shaping the future of identity security. 93% of organizations can inventory identities across all environments, as well as track keys, tokens, certificates and any modifications that are made to any environment.

The report has delivered a holistic annual view of the vulnerabilities within Microsoft’s platforms and products, and has established an undeniable business case for the importance of removing admin rights to reduce risk. In this report, we will examine how these vulnerability trends, along with cloud security adoption, collectively influence how we should think about cybersecurity and risk management in 2022 and beyond.

This report focuses on the security of deployed AI models in cloud services and environments. Our research indicates that more than half of organizations have adopted AI models for custom applications. More than half of organizations are deploying their own AI models. Default AI settings are often accepted without regard for security.

Non-human identities (NHIs) such as bots, API keys, service accounts, OAuth tokens, and secrets are indispensable for automating tasks, enhancing efficiency, and driving innovation within organizations. The survey provides insights into their opinions about their current NHI security, the obstacles they’re facing, and the strategies and tools they’re using. The aim is to shed light on the current state of NHI security and identify areas for improvement.

This year’s research shows that, while most businesses have a ransomware strategy in place, many are incomplete. They’re either missing a documented plan or the right people to execute it. As a result, we see that many organizations are paying the ransom. Likewise, whilst many have cyber insurance, too many simply don’t know if or to what degree it covers them for ransomware attacks.

In the ever-evolving landscape of cybersecurity, the significance of security testing cannot be overstated. As we delve into the 2023 trends, it’s clear that penetration testing remains the cornerstone of a robust security strategy. we’ve observed a substantial 31% increase in manual pentest engagements, highlighting a growing reliance on this building block of security.

In this report, one clear finding from the survey was that it is important to test throughout the application lifecycle using a variety of methods. Although testing early continues to be important, having visibility into and being able to monitor and test deployed applications is still critical. Although security testing capabilities have also improved, the value of individual testing capabilities has changed in response to increased threats and changing application architectures.

In this report, CrowdStrike OverWatch threat hunters distilled their findings into hundreds of new behavior-based preventions over the past 12 months. As a result, the team’s front-line findings directly augment the Falcon platform’s ability to detect and prevent the latest threats. This data specifically focuses on interactive intrusions — attacks where adversaries establish an active presence within a target network, often engaging in hands-on-keyboard activities to achieve their objectives.

The Google Cloud Cybersecurity Forecast 2024 report predicted that cyber criminals and nation-state cyber operators will more heavily leverage server-less technologies within the cloud because it offers greater scalability, flexibility, and can be deployed using automated tools. The report focuses on recommendations for mitigating risks and improving cloud security for cloud security leaders and practitioners.

Unit 42 analyzed several petabytes of public internet data collected by Cortex Xpanse — the Palo Alto Networks attack surface management solution — in 2022 and 2023. This report outlines aggregate statistics about how attack surfaces worldwide are changing and drills down into particular risks that are most relevant to the market. Today’s attackers have the ability to scan the entire IPv4 address space for vulnerable targets in minutes.

The primary goal of OT Security Leaders it to ensure that the risk of a cyber incident impacting the Reliability, Availability and Safety of operations is minimised. This requires identification and management of vulnerabilities, and a layer of controls to prevent threat actors from accessing networks. The logical starting point is to identify and classify all assets though this is rarely a simple task.

The results of the surveys affect our product strategy and go-to-market methods, and hopefully help organizations engage in deeper conversations with colleagues and teams as they continually consider modernizations to their data protection and cyber-resiliency strategies. This year’s report surveyed 1,200 respondents — comprised of CISOs (or executives with similar responsibility), security professionals, and backup administrators — whose organizations suffered at least one ransomware attack in 2023 to assess different perspectives in the united fight against ransomware.

The report explores the thinking of 750 global cloud decision-makers and users about the public, private and multi-cloud market. It shares their current and future cloud strategies, often showing year-over-year (YoY) changes to help identify trends. And it offers perspective on how some trends have changed over the years. The survey began in the first quarter of 2020 during the early days of the COVID-19 outbreak spreading outside of China.

This tenth annual Flexera 2021 State of the Cloud Report (previously known as the RightScale State of the Cloud Report) delves into the details of what respondents had to say to reveal what’s happening with all things cloud—from spend allocation to cost management to strategies. Leveraging this data can help IT professionals plan the next steps of their cloud journey. The report explores the thinking of 750 global cloud decision-makers and users about the public, private and multi-cloud market. It shares their current and future cloud strategies, often showing year-over-year (YoY) changes to help identify trends.

The survey tapped 750 IT professionals and executive leaders worldwide representing a broad cross-section of industries and context areas in the winter of 2022. Flexera sources participants from an independent panel that is rigorously maintained and is comprised of vetted respondents with detailed profiles. At numerous points throughout the report, we’ve provided our own interpretation of the data as Flexera Points of View.