Since early 2024, evisec's team has reviewed and analyzed 1000+ research papers and published 23 CRD editions. It has been a privilege to share our insights with you – thanks for reading! We’re now evolving the CRD into a refreshed format. For the time being, instead of regular
The Cybersecurity Research Digest cuts through the marketing fluff and bias to bring you relevant and objective insights on cybersecurity stats and trends, all backed by empirical data. This post features highlights from trustworthy research sources released between May 20 and June 30, 2025, followed by a list of all
On diverging enthusiasm for AI in security, attack cost trends, workforce gaps, APT activity, and the latest in cybercrime ops.
On cyber-enabled crime stats by FBI, trends in access vectors, dwell times, ransomware, security budgets, and more.
On UK's national cyber resilience, most leveraged attack vectors, insurance claim data, ransomware and social engineering trends.
On ransomware stats, vulnerability exploitation, identity compromise and disruptive tactics.
On incident response engagements, ransomware payments, incident root causes, security careers, hybrid work, software security & global threat trends.
On ransomware payments, MITRE ATT&CK techniques, OT security, and DDoS targeting.
On CISO executive influence, security tool sprawl, the Pareto Principle, DDoS trends and more.
On the struggles of small organizations, AI adoption, infostealer surge and more.
On human risk stats, artifacts vs LOLbins, security-specific GenAI & more.
On raising incident severities, budgets, perceptions on GenAI, factors influencing job satisfaction, and productivity vs security.
On AI-generated code, tool overload, security vs development, managed services uptake, incident costs, initial access methods & more,
On managing outages, framing GenAI risks, zero-day use, security tooling, and SaaS and API observabilty.
On ransomware and workforce trends, passkey adoption and effects of API sprawl.
On DDoS trends, SMB issues, SaaS risks, training programs & more.
On encryption levels, exploitation times, cloud attacks, AI usage policies & more.
Introducing the rationale behind the CRD and outlining the approach taken to address the challenges faced by cybersecurity leaders.
On GenAI's security and impact, ransomware stats, attack frequencies, cloud vulns, healthcare impacts & more.
On supply chain vulns, cloud compromises, security UX, women in security, NIS2 & workforce stress.
On targeted industries, email security, 3rd party risk, DDoS & APIs.
On ransomware targeting, impact of insurers, using open source components, cost of data breaches & more.
On critical infrastructure attacks, DDoS, incidents costs, industry funding, DevOps & more.
On top attack vectors, ransomware payments, cloud security, IT/OT silos and psychological harm from attacks.