Companies experience weeks-long disruptions after cyber incidents, with none able to recover operations within a day, new research shows.
Absolute Security surveyed 750 Chief Information Security Officers (CISOs) in the US and UK to assess the state of cyber resilience.
According to the findings, over the past 12 months, 55% of organizations experienced a cyberattack, ransomware infection, compromise, or data breach that left mobile, remote, or hybrid endpoint devices inoperable.
In turn, 57% reported their organizations took more than 4.5 days (on average) to fully recover, and 19% said that it took as long as two weeks. There wasn’t a single respondent who reported being able to recover within a day of the incident.
When it comes to monetary losses related to recovery costs, 98% of companies spent between $1 and $5 million, while the average recovery cost per incident was $2.5 million. According to the researchers, these reported losses likely don’t reveal the full costs, as they don’t factor in business downtime caused by attacks.
Despite the worrying trend, only 68% of respondents said they have an organizational cyber resilience strategy in place, down from 90% in another Absolute Security survey under a year ago. Similarly, only 65% said that their company prioritizes cyber resilience over traditional prevention, detection, and response, down from 83% last year.
And yet, according to Christy Wyatt, president and CEO of Absolute Security, there is no organization that will avoid the reality of facing a cyberattack at some point.
“There is simply no way to avoid the inevitable – at some point every organization will face the reality of an attack or IT incident that takes down the business. Organizations that aren’t prepared to bounce back quickly face an almost existential crisis, as prolonged downtime can literally crush a business,” said Wyatt.
CISOs are the ones who usually have to deal with the aftermath of cyber incidents – and 72% agreed that their role no longer includes simply being responsible for security and risk only, but also involves leading the company’s path to recovery.
The issue becomes not just operational, but somewhat personal: 61% said their organization expects the cybersecurity group to guarantee zero cybersecurity incidents. While 59% expressed concerns that a significant breach with costly downtime could lead to job loss, personal liability, and legal penalties.
The year 2025 in particular was unprecedented in the number of breaches and marked the emergence of AI-driven intrusions. Organizations will have to swiftly adapt to the new reality where autonomous AI agents are joining the likes of more typical cyber incidents, such as data thefts, leaks, supply-chain compromises, and ransomware attacks.
Your email address will not be published. Required fields are markedmarked