Survey of 750 Enterprise CISOs Reveals 55% Faced Cyberattacks in 2025, with Majority Taking Nearly Five Days to Recover, as Absolute Security Warns of ‘Existential Threat’ Facing Businesses
Almost a fifth of organisations experienced operational disruptions that lasted as long as two weeks, with the majority facing downtime that lasted nearly five days, when hit with a cyberattack, according to research into the state of enterprise Cyber Resilience from Absolute Security.
Cyber Resilience is recognised as having the ability to ensure critical cyber defenses are operating effectively and to quickly restore business operations following a disruptive cyber incident or major software failure. This global study of 750 Chief Information Security Officers (CISOs) in the US and UK is the industry’s first research to provide insights into the state of Cyber Resilience, the challenges enterprises face, and steps security and risk executives can take to overcome them. The findings are now published in the first instalment of Absolute Security’s newly launched eBook series, The Resilient CISO: The State of Enterprise Resilience.
Cyberattacks, Downtime on the Rise
The study revealed that over the past 12 months, 55% of CISOs agreed their organisation had experienced a cyberattack, ransomware infection, compromise, or data breach that rendered mobile, remote, or hybrid endpoint devices inoperable. When asked about recovery time, a majority (57%) reported their organisations took more than 4.5 days (on average) for full remediation and recovery, with 19% revealing recovery efforts stretched as long as two weeks. The survey further revealed that 98% of organisations are spending between $1 and $5 million to recover from cyber incidents, with the average cost per incident now $2.5 million. Not a single respondent in the survey said they were able to recover from a cyber incident within a day, when hit by an attack in the past 12 months.
“There is simply no way to avoid the inevitable—at some point every organisation will face the reality of an attack or IT incident that takes down the business. Organisations that aren’t prepared to bounce back quickly face an almost existential crisis, as prolonged downtime can literally crush a business,” said Christy Wyatt, President and CEO, Absolute Security. “As security and risk leaders, we need to expand our focus beyond just traditional security to also include being the driving force behind ensuring business operations run consistently and without disruption.”
CISOs in the Firing Line
CISOs are increasingly held responsible when it comes to dealing with the downtime caused by cyberattacks and security software incidents. Seventy-two percent agree their role has evolved from being responsible for just security and risk, to leading their organisation’s ability to recover business continuity following a cyberattack, ransomware infection, other security incident, or software failure that stops business operations.
Adding to the pressures of the role, 61% agreed their organisation’s board and C-suite expect the cybersecurity group to guarantee zero breaches and ransomware incidents. A full 59% agreed they are concerned a security or IT incident causing significant downtime could lead to job loss, personal liability, and legal penalties.
Resilience Adoption Slipping Dangerously
In Case You Missed It:
Two weeks, 225 cocktails and 75 of the city’s best bars come together for Glasgow Cocktail Fortnight
Crab & Lobster Fish Shack nets national award shortlist after just 14 weeks in business
Borders social enterprises invited to unlock funding and support
Latest Social Enterprise Census reveals the lasting impact of Scotland’s social enterprises over a decade
67% of CISOs stated they are the primary executive responsible for ensuring cyber resilience, with 68% agreeing their organisation currently has a cyber resilience strategy in place. As threats and vulnerabilities continue to proliferate and the risk of extended downtime grows, 65% of CISOs agree their organisation prioritises cyber resilience over traditional prevention, detection, and response. These responses are in sharp contrast to what CISOs reported just under a year ago, when in another Absolute Security survey 83% of respondents agreed that cyber resilience was more critical for their organization than traditional cybersecurity measures, with 90% reporting they had a cyber resilience strategy in place.
Comprehensive CISO Cyber Resilience Resources, Community Launched
As part of the company’s commitment to the cybersecurity community, Absolute Security also today announced the launch of The Resilient CISO Inner Circle. This one-of-a-kind hub provides access to a community of visionary, resilient CISOs that are shaping the future of cybersecurity and resilience to help organisations in the modern digital business environment. The Inner Circle introduces expert content and insights delivered through video, blogs, reports, downloads, and The Resilient CISO LinkedIn Live sessions that feature discussions with industry CISOs on how to achieve cyber resilience.
