According to the report, 81% of the security leaders anticipate a cyberattack on their organizations in the next 12 months while only 48% believe they can prevent one. 54% of the security leaders identify AI generated attacks as the biggest security risk. 76% of the security leaders faced high to moderate challenges in resuming business fully in the aftermath of a cyberattack.
North America witnessed the highest incidence of reported attacks at 64% of surveyed security leaders indicating their organization had been targeted, followed by 57% in Europe and 51% in the Australia-New Zealand region. In response to these rising threats, 63% of security leaders plan to increase cybersecurity investments over the next 12 months. Improving compliance and risk management emerged as the top priority for 84% of respondents, followed closely by investments in SOC automation (76%) and incident response and recovery capabilities (75%), reflecting a clear focus on strengthening both proactive and reactive cybersecurity measures.
While only 35% of security leaders feel confident in their in-house expertise to manage cybersecurity risks, 90% expect to continue relying on external sourcing to bolster their capabilities. Additionally, only 37% feel they are effective in communicating their organization's IT security posture to the board and C-suite, highlighting a gap in both internal expertise and strategic communication at the leadership level.