Almost a fifth of organizations experienced operational disruptions that lasted as long as two weeks, with the majority facing downtime that lasted nearly five days, when hit with a cyberattack, according to research into the state of enterprise Cyber Resilience from Absolute Security.
Cyber Resilience is recognized as having the ability to ensure critical cyber defenses are operating effectively and to quickly restore business operations following a disruptive cyber incident or major software failure. This global study of 750 Chief Information Security Officers (CISOs) in the US and UK is the industry’s first research to provide insights into the state of Cyber Resilience, the challenges enterprises face, and steps security and risk executives can take to overcome them. The findings are now published in the first instalment of Absolute Security’s newly launched eBook series, The Resilient CISO: The State of Enterprise Resilience.
Cyberattacks, Downtime on the Rise
The study revealed that over the past 12 months, 55% of CISOs agreed their organization had experienced a cyberattack, ransomware infection, compromise, or data breach that rendered mobile, remote, or hybrid endpoint devices inoperable. When asked about recovery time, a majority (57%) reported their organizations took more than 4.5 days (on average) for full remediation and recovery, with 19% revealing recovery efforts stretched as long as two weeks. The survey further revealed that 98% of organizations are spending between $1 and $5 million to recover from cyber incidents, with the average cost per incident now $2.5 million. Not a single respondent in the survey said they were able to recover from a cyber incident within a day, when hit by an attack in the past 12 months.
“There is simply no way to avoid the inevitable—at some point every organization will face the reality of an attack or IT incident that takes down the business. Organizations that aren’t prepared to bounce back quickly face an almost existential crisis, as prolonged downtime can literally crush a business,” said Christy Wyatt, President and CEO, Absolute Security. “As security and risk leaders, we need to expand our focus beyond just traditional security to also include being the driving force behind ensuring business operations run consistently and without disruption.”
CISOs in the Firing Line
CISOs are increasingly held responsible when it comes to dealing with the downtime caused by cyberattacks and security software incidents. Seventy-two percent agree their role has evolved from being responsible for just security and risk, to leading their organization’s ability to recover business continuity following a cyberattack, ransomware infection, other security incident, or software failure that stops business operations.
Adding to the pressures of the role, 61% agreed their organization’s board and C-suite expect the cybersecurity group to guarantee zero breaches and ransomware incidents. A full 59% agreed they are concerned a security or IT incident causing significant downtime could lead to job loss, personal liability, and legal penalties.
Resilience Adoption Slipping Dangerously
67% of CISOs stated they are the primary executive responsible for ensuring cyber resilience, with 68% agreeing their organization currently has a cyber resilience strategy in place. As threats and vulnerabilities continue to proliferate and the risk of extended downtime grows, 65% of CISOs agree their organization prioritizes cyber resilience over traditional prevention, detection, and response. These responses are in sharp contrast to what CISOs reported just under a year ago, when in another Absolute Security survey 83% of respondents agreed that cyber resilience was more critical for their organization than traditional cybersecurity measures, with 90% reporting they had a cyber resilience strategy in place.
Comprehensive CISO Cyber Resilience Resources, Community Launched
As part of the company’s commitment to the cybersecurity community, Absolute Security also today announced the launch of The Resilient CISO Inner Circle. This one-of-a-kind hub provides access to a community of visionary, resilient CISOs that are shaping the future of cybersecurity and resilience to help organizations in the modern digital business environment. The Inner Circle introduces expert content and insights delivered through video, blogs, reports, downloads, and The Resilient CISO LinkedIn Live sessions that feature discussions with industry CISOs on how to achieve cyber resilience.
To deep dive deep into the survey and explore new CISO Cyber Resilience resources, visit The Resilient CISO Inner Circle.
Absolute Security is partnered with more than 28 of the world’s leading endpoint device manufacturers, embedded in the firmware of 600 million devices, trusted by thousands of global enterprise customers, and licensed across 16 million PC users. With the Absolute Security Cyber Resilience Platform integrated into their digital enterprise, customers ensure their mobile and hybrid workforces connect securely and seamlessly from anywhere in the world and that business operations recover quickly following cyber disruptions and attacks. Our award-winning capabilities have earned recognition and leadership status across multiple technology categories, including Zero Trust Network Access (ZTNA), Endpoint Security, Security Services Edge (SSE), Firmware-Embedded Persistence, Automated Security Control Assessment (ASCA), and Zero Trust Platforms. To learn more, visit www.absolute.com and follow us on LinkedIn, X, Facebook, and YouTube.
ABSOLUTE SECURITY, ABSOLUTE, the ABSOLUTE LOGO, AND NETMOTION are registered trademarks of Absolute Software Corporation ©2025, or its subsidiaries. All Rights Reserved. Other names or logos mentioned herein may be the trademarks of Absolute or their respective owners. The absence of the symbols ™ and ® in proximity to each trademark, or at all, herein is not a disclaimer of ownership of the related trademark.