In 2025, 19% of CISOs indicated that recovery efforts from cyber incidents extended as long as two weeks.

In 2025, not a single Chief Information Security Officer (CISO) reported being able to recover from a cyber incident within a day.

In 2025, 61% of CISOs indicated that their organization’s board and C-suite expect the cybersecurity group to guarantee zero breaches and ransomware incidents.

72% of CISOs agreed that their role has evolved to include leading their organization’s ability to recover continuity following a cyberattack or security incident.

67% of CISOs stated they are the primary executive responsible for ensuring Cyber Resilience within their organization.

In 2025, 83% of CISOs reported that Cyber Resilience was more critical for their organization than traditional cybersecurity measures, compared to 90% in the previous year.

88% of U.S. organizations manage two or more identity security tools, creating fragmentation that introduces blind spots.

66% of U.S. organizations say traditional privileged access reviews delay projects.

54% of U.S. organizations uncover unmanaged privileged accounts and secrets every week.

In 2025, 57% of CISOs reported that their organizations took more than 4.5 days on average for full remediation and recovery after a cyber incident.

65% of CISOs agreed that their organization prioritizes Cyber Resilience over traditional prevention, detection, and response.

Only 1% of U.S. organizations have fully implemented a modern Just-in-Time (JIT) privileged access model.

63% of U.S. organizations admit employees bypass controls to move faster.

91% of U.S. organizations report that at least half of their privileged access is always-on, providing unrestricted access to sensitive systems.

In 2025, 98% of organizations reported spending between $1 and $5 million to recover from cyber incidents, with the average recovery cost per incident being $2.5 million.

In 2025, 55% of Chief Information Security Officers (CISOs) in the US and UK reported that their organization experienced a cyberattack, ransomware infection, compromise, or data breach that rendered mobile, remote, or hybrid endpoint devices inoperable.

In one-third (33%) of cases, the SMB business owner personally handles alerts and incident resolution.

16% of SMBs allocate less than $50 per user on security annually.

99% of security leaders at U.S. organizations with at least $1 billion in revenue plan to increase their cybersecurity budgets over the next two to three years.

53% of New Yorkers try to follow best practices like using two-factor authentication when using public WiFi, while 15% report using no security measures at all.