For this report, Black Kite Research decided to approach the cost of a data breach from a new angle, to build upon survey-based data in a comprehensive way. The first half of this report provides insight into the 2,400 analyzed data breaches. The second half, the cyber risk posture deep dive, covers a thorough analysis of the 1,700 organizations that are still online and in business today.

In this report, we look back at the 900 million attacks we analyzed in the threat landscape of 2024. Additionally, we offer organizations tactical insights and strategic recommendations for improving defenses this year. From the financial impact of attacks to geopolitical tensions that lead to cyber warfare, cybersecurity is top of mind for enterprise and government organizations in 2025.

Security services remained the top category for M&A activity across consulting and MSSP, followed by sectors including Risk & Compliance and SecOps / IR / Threat Intel. While companies have prioritized email security solutions for decades, analysts expect the email security market to grow significantly in the coming years. Advanced threats relating to phishing and social engineering necessitate strong email security to protect employee and company data from threat actors.

This is the first published study in this field to include SPoF (Single Point of Failure) data, which highlights the dependencies a company has on third-party systems and services. This paper represents a snapshot of our ongoing work exploring what is a deep and highly complex dataset.

At Gallagher Re, we have been exploring this data’s vast potential for several years. This research has informed the development of a suite of proprietary tools and services aimed at supporting the (re)insurance community in realising the potential of cyber data to enhance underwriting and portfolio monitoring. Principal among these is TIDE, our portfolio quality and benchmarking tool.

DataGrail’s 2024 Data Privacy Trends Report shows how these factors are playing out on the ground and provides a benchmark for businesses to see how they are tracking. Businesses are receiving more privacy requests, also known as Data Subject Requests (DSRs) every year; we saw a 246% increase in requests from 2021 to 2023.

Common Vulnerabilities and Exposures (aka CVEs) in containers, at least according to the interviews conducted for this study, are a pain (in the vuln). Chainguard conducted ten interviews with software professionals at a range of companies that build or operate containers. The interview questions dealt with the processes and workflows that these professionals use to identify, triage, and remediate CVEs in containers. Many of the questions either involved a request for a time estimate of each step of the process or probed the “why” behind the process or workflow.

For this year’s report, we asked comms pros how they are currently using gen AI to help them craft press release content. The answers reveal a willingness among some PR practitioners to test multiple use cases for AI that help streamline the press release creation process. While challenges remain, comms pros reported experiencing several downstream benefits of distributing press releases across the newswire.

The 2024 State of the Media: Tech Edition is a subsection of that report, zeroing in on the behaviors and perspectives of journalists and media influencers who cover the technology and engineering industry, a pool of over 500 respondents. We examined their specific challenges and implications for the PR professionals seeking to work with them, as well as the potential opportunities. Our respondents provided candid insights into what they want and need from public relations professionals whose organizations and clients strive to build brand awareness, consumer trust, and thought leadership in the technology and engineering sector.

The report explores the thinking of 750 global cloud decision-makers and users about the public, private and multi-cloud market. It shares their current and future cloud strategies, often showing year-over-year (YoY) changes to help identify trends. And it offers perspective on how some trends have changed over the years. The survey began in the first quarter of 2020 during the early days of the COVID-19 outbreak spreading outside of China.

This tenth annual Flexera 2021 State of the Cloud Report (previously known as the RightScale State of the Cloud Report) delves into the details of what respondents had to say to reveal what’s happening with all things cloud—from spend allocation to cost management to strategies. Leveraging this data can help IT professionals plan the next steps of their cloud journey. The report explores the thinking of 750 global cloud decision-makers and users about the public, private and multi-cloud market. It shares their current and future cloud strategies, often showing year-over-year (YoY) changes to help identify trends.

Our Ensign Threat Classification Matrix for identified threat groups helps organizations to prioritize their cyber defense against the territory-contextualised threats. We provide the MITRE ATT&CK heat-maps to support organizations in prioritizing their cyber defenses against specific adversary techniques and follow-through defensive actions, such as threat hunting, Red Teaming, and tuning of detection rules. We have also laid out the observed top targeted industry groups and top exploited vulnerabilities.

This report is the first attempt to map out the most critical identity security weaknesses in the hybrid enterprise environment. These Identity Threat Exposures (ITEs), gathered from hundreds of live production environments, are the key weaknesses that allow attackers to access credentials, escalate privileges and move laterally, both on-prem and in the cloud.

Our research sheds light on a concerning trend: 90% of exposed valid secrets remain active for at least five days after the author is notified. This finding emphasizes a crucial lesson in code security: while detecting vulnerabilities is critical, the real challenge lies in remediation. Security, we believe, must be a shared responsibility across all stages of the Software Development Life Cycle (SDLC), not just the domain of specialized teams. Raising awareness about these seemingly minor lapses is essential for mitigating supply chain risks.

This research aims to equip cloud security professionals, DevOps, DevSecOps, CISOs, and development leaders with valuable insights and practical recommendations for safeguarding their cloud environments, and in doing so, help to secure the cloud for everyone. In some ways, our study confirmed what is already widely known: attackers are constantly scanning the Internet for lucrative opportunities.

Built on passion and expertise, Altitude Cyber delivers strategic advisory services specifically tailored for founders, investors, startups, and their boards. Our unique approach fuses strategic insight with financial acumen to help your company soar to new heights.

In this report, Coalition Security Labs’ dedicated security research team dives into data derived from Coalition’s extensive threat collection technologies and provides critical information to help security professionals, brokers, and businesses navigate the current cyber risk landscape. Readers will gain insights into how to prioritize vulnerabilities, understand which technologies threat actors are targeting, and compare cyber hygiene across industries.

Marking its fourth year of publication, the Red Report 2024 provides a critical dive into the evolving threat landscape, presenting a detailed analysis of adversaries’ most prevalent tactics, techniques, and procedures (TTPs) used throughout the past year. Conducted by Picus Labs, this annual study examines over 600,000 malware samples and assesses more than 7 million instances of MITRE ATT&CK techniques. It gives security teams invaluable insights into the techniques that pose the most critical cyber risk to organizations.

This year, we delve deeper into web entities, or content served over HTTP – think websites, web-based control panels, load balancers, and even APIs. Web entities have become a ubiquitous part of our daily lives, enabling us to shop, read the news, and stay in touch with loved ones. Our goal is to share our findings and analysis with the community to provide a deeper understanding of the complexities of the internet. We hope that readers can use these findings to enhance their understanding of the services that comprise the web and make more informed decisions about how to safeguard their digital assets.

Cloud security risks and vulnerabilities are on the rise and 30% of businesses fail to apply adequate security controls or provide the tools security and DevOps engineers really need to solve this problem. Unprecedented and rapid expansion to the cloud, prompted by many organizations’ digital transformation also means that cloud services are expanding faster than ever before. AWS alone has experienced over 1000% growth in services since 2013.

Process for Attack Simulation and Threat Analysis (PASTA) is a threat modeling methodology, co-developed by VerSprite’s CEO Tony UcedaVelez. It provides a process for simulating attacks to applications, analyzing cyberthreats that originate them, and mitigating cybercrime risks that these attacks and threats pose to organizations. The process is employed by security professionals across industries to prioritize risks and develop a mature cybersecurity framework that is woven into the business culture and the application development process.