Security leaders' perception of their own cyber resilience was analyzed in a recent study by Immersive Labs. Despite high confidence in overall resilience, the study found that teams are insufficiently prepared for threats, as 82% agree they could have mitigated some to all of the damage of their most significant cyber incident in the last year if they were better prepared, and more than 80% don't think, or are unsure, their teams have the capabilities to respond to future attacks.
Seventeen percent of respondents consider their cybersecurity team to be fully-staffed and almost half of respondents admit they aren’t able to measure cyber capabilities, further eroding confidence in the organization’s preparedness. When cyberattack prevention and damage control are both lacking, organizations may be more vulnerable than initially thought.