In a three-pronged study on cyber resilience attitudes among the top executives in US companies, the numbers showed some concerning trends.

In combining three methodologies — a focus group of eight IT leaders (CIO, CTO, and CISOs) of major US companies (several multinationals); individual in-depth interviews of other CIOs; and a worldwide survey of 513 senior IT and security professionals — to learn how organizations are handling cyber resilience, three aspects were addressed.

First, 33% of senior executives/line-of-business leaders (CEOs or managing directors) in the research were engaged in their company’s cyber preparedness initiatives. Similarly, only 21% of other senior leaders were heavily involved in these initiatives, and 52% of senior leaders in the research had no involvement in their company’s cyber cases.  Also, 30% of Security Ops (SecOps) teams surveyed fully understood ITOps’ roles and responsibilities for cyber preparedness and response; similarly, 29% of ITOps teams fully understood what falls to SecOps.

Second, 61 % of respondents believed that data loss within the next 12 months was “likely” to “highly likely” to occur due to increasingly sophisticated attacks. Of the respondents surveyed, on-premises workloads were thought to be more vulnerable than cloud workloads. On a scale of 1–5, with 5 being highly vulnerable, respondents rated on-premises data repositories a 2.8 and physical workloads a 2.77: higher than that of cloud workloads (2.67).

Manual detection processes falling short?

The final finding from the combined data was that data exfiltration attacks — defined in the research as the unauthorized transfer of data by malware or a malicious actors — occurred almost 50% more often than encryption attacks where hackers aim to decode encrypted data. Also:

    • Respondents ranked phishing as the most concerning threat to address.
    • Relying on manual detection and reporting processes was cited by respondents to be “very likely” to result in missed anomalies and successful attacks.
    • 57% of respondents had limited automation for key cybersecurity/cyber resilience functions; 22% reported being fully automated in these aspects.
    • With AI now a tool for both defense and offense, the research authors assert that a truly effective cyber resilience strategy must go beyond just backup and recovery: organizations need to adopt approaches that span prevention, mitigation, and recovery, integrating multiple layers of defense for comprehensive cyber resilience.

According to Javier Dominguez, CISO, Commvault, which commissioned the research: “We are beyond just reacting to cyber threats. The C-suite must ensure teams are prioritizing proactive defense, real-time threat intelligence, and robust risk management to pave the way for genuine cyber resilience. It’s also critical that SecOps and ITOps teams work closely together to look holistically at their security posture, end-to-end. Resilience isn’t an afterthought: it’s the blueprint.”