Cyber Resilience Gaps Expose Two-Week Business Disruptions
Event summary
- A new survey by Absolute Security reveals that organizations experience an average of nearly five days of downtime following cyberattacks.
- 19% of organizations surveyed reported cyber incident recovery efforts lasting as long as two weeks.
- Organizations are spending an average of $2.5 million per cyber incident, excluding lost business revenue.
- 72% of CISOs now view their role as including responsibility for business continuity recovery following cyberattacks.
The big picture
The survey highlights a growing disconnect between the perceived importance of cyber resilience and the actual capabilities of organizations to recover from attacks. The rising costs and extended downtime are unsustainable, signaling a potential crisis point for businesses increasingly reliant on digital operations. This trend underscores the need for a fundamental shift in cybersecurity strategy, moving beyond prevention to prioritize resilience and business continuity.
What we're watching
- Governance Dynamics
- Increased CISO accountability for business continuity will likely lead to more direct reporting lines and potentially expanded budgets, shifting power dynamics within organizations.
- Regulatory Headwinds
- The escalating costs and prolonged downtime associated with cyber incidents will likely accelerate regulatory scrutiny and mandate stricter resilience standards.
- Execution Risk
- The decline in reported Cyber Resilience strategy adoption (from 90% to 68% in a year) suggests a potential execution risk as organizations struggle to translate awareness into action.
Related topics