Moreover, the findings indicate a reduction in organizational resilience against cyberattacks. While 32% of IT and security professionals rated their resilience as high, this percentage was at 35% in 2015, suggesting a decline over the past year.

The primary obstacle to effective security according to the respondents is the absence of an adequate cyber security incident response plan (CSIRP).

Additionally, two-thirds of participants identified insufficient planning and preparedness” as the next biggest challenge to achieving resilience. The research also highlighted that 46% view “complexity in IT processes” as a barrier, up from 36% in 2015.

Regarding security incidents experienced by the respondents:

About 53% reported dealing with at least one data breach in the past two years. Over the same period, 74% noted that their organization had faced threats due to “human error,” as stated in the release.

Malware (74%) and phishing (64%) topped the list of commonly encountered attacks. Despite this, most respondents lacked confidence in their organizations’ ability to recover from an attack, but 68% believed that their organization could still maintain a level of resilience.