Skip to main content
shared header v2
Lucid Search Bar Implementation
Push Down Banner V1 Analytics Patch, remove after implementing V2 (S9 or S10)
Global nav V2 patch, remove after adding the mobile languages fix in the codebase (S7 or S8)

The State of Security 2023 Is Resilient

For once, fewer security teams say it’s hard to keep up, and the best have found a way to improve results, collaboration and funding.


The average dwell time is nine weeks.


It’s hard to get ahead of the attackers

While only 53% of security teams (down from 66% last year) say it's harder to keep up with security requirements, everyone struggles to escape a purely reactive mode:

  • 64% of SOC teams pivot, frustratingly, from one security tool to the next.
  • 87% of orgs say they’ve been a target of ransomware.
  • 88% of respondents report ongoing talent challenges.


Resilience is the goal — and, increasingly, the reality

Few organizations have a holistic approach to resilience, but it’s clearly what they’re aiming for:


  • MTTR is the top metric by which the business measures security success.
  • 81% of SOCs are collaborating more with IT operations to improve resilience.
  • Yet 31% of security teams say they have yet to formally implement any resilience strategies.

Just 31% of orgs have an enterprise-wide approach to resilience.


Dwell time for successful penetrations averages nine weeks.


More attacks, longer dwell times, higher costs

Fifty-two percent of orgs report suffering a recent data breach, up from 49% last year, and 39% the year before. Ransomware is ubiquitous: This year, 87% of orgs say they were targets of ransomware attacks (up from 79% last year). Effects include:

  • Significant personnel time needed for remediation (57% of orgs)
  • Loss of confidential data (48%)
  • Lost productivity for end users (41%)

See the report for details on supply chain attacks, business email compromise, malicious insiders and DDoS attacks.


Lessons from security leaders

To meet new and persistent challenges, 51% of respondents plan investments that combine cyber resilience with traditional business continuity/disaster recovery preparation.

Leading security orgs in our survey also:

  • Are 10-15% more likely to use analytics to identify cyber risks, improve threat detection and automate remediation
  • Are increasing the frequency of meetings between the CISO and the C-suite/board

Leading orgs are 2.5x as likely to be converging security functions with ITOps and other adjacent functions

Read The State of Security 2023 to understand the latest threats and top resilience strategies.