VendorsCISA
CISA
Cybersecurity reports and statistics published by CISA
8 categories1 reports
Research Reports
Reports and publications from CISA
Recent Statistics & Reports
Government Services and Facilities had the highest OT protocol exposure, at 63%.
1/1/2025•
OT
83% of organizations remediated all identified exploitable services, reducing their cyber risk.
1/1/2025•
Exploitable services
High-severity KEVs saw a 25% reduction in remediation time.
1/1/2025•
KEV
Most security.txt files were hosted on port 443 (46%), while 18% were on unsecured ports like 80 and another 18% were on pots like 8080 that are not as safe but can be configured manually to support the necessary encryption.
1/1/2025•
security.txtPort 443
Government Services and Facilities had the highest exposure to publicly accessible OT (Operational Technology) protocols, with 63% exposure.
1/1/2025•
OTGovernment
58% of KEVs were linked to open-source software vulnerabilities, particularly PHP and Apache.
1/1/2025•
KEV
The CISA Known Exploited Vulnerabilities (KEV) Catalog recorded 1,199 KEVs as of August 31, 2024.
1/1/2025•
KEV
Outdated SSL and TLS encryption misconfigurations declined, with the average misconfiguration ratio per enrollee dropping from 3.8 to 2.5.
1/1/2025•
SSLTLS
Email security adoption showed strong progress, with 89% of organizations implementing DMARC (Domain-based Message Authentication, Reporting & Conformance).
1/1/2025•
Email securityDMARC
Email security adoption showed strong progress, with 7% of organizations implementing both DMARC and SPF (Sender Policy Framework).
1/1/2025•
Email securityDMARCSPF
Federal organizations saw a 60% decline in exploitable service instances.
1/1/2025•
Exploitable servicesFederal
Showing 21-31 of 31 results