Half of security teams struggling to cope with volume of vulnerabilities
As the number of CVEs continues to rise, a new study finds 46 percent of respondents say that the volume of vulnerabilities has placed additional strain on their security teams’ resources impacting not only organizational security but also staff well being.
The report from Hackuity also shows that 26 percent, admit this pressure has contributed to a data breach, while 36 percent, report it resulted in a regulatory fine.
80 percent of IT leaders overestimate cybersecurity readiness
A new study from WanAware shows a widening disconnect between how prepared organizations believe they are for cybersecurity incidents and how they actually perform under real-world conditions.
The survey of 600 leaders across industries finds 80 percent of cybersecurity and IT decision-makers claim they can detect and contain a cyber incident in under eight hours. However, external benchmarks, including IBM’s Cost of a Data Breach 2025 report, show attackers dwell inside environments undetected for an average of 181 days and breaches take 60 days to contain.
Organizations overconfident in dealing with cybersecurity incidents
New research from Immersive Labs reveals a widening gap between confidence and capability in cybersecurity.
While nearly every organization (94 percent) believes it can handle a major incident, the data tells a different story. According to Immersive’s analysis, average decision accuracy is just 22 percent, and the average containment time is 29 hours.
Internal chaos after a cyberattack causes more damage than the attack itself
A new survey from cybersecurity incident response management (CIRM) specialist Cytactic finds 70 percent of cybersecurity leaders say internal misalignment following a cyberattack caused them more chaos than the threat actor itself, leaving many organizations paralyzed by breakdowns in authority, coordination, and clarity.
The report also finds that while 73 percent of leaders describe their response plans as ‘technically comprehensive,’ many admit those plans collapse under real-world pressure. In addition, 86 percent say ‘translation time’ between legal, communications, and technical teams causes costly delays, underlining that breaches are often derailed more by internal breakdowns than by attackers.
