CISOs Evolve From Incident Responder Into Cyber Resilience Leader
A new e-book from Absolute Security delves into the evolving role of CISOs and the attacks they are preparing their organizations for.
With massive security breaches happening to some of the world’s largest corporations, cybersecurity strategy has moved from the corner of the IT office to a topic in the boardroom.
As a result, the role of a chief information security officer has also evolved. CISOs have shifted from security incident responders to leaders in developing an organization’s cyber resilience strategy.
Absolute Security, which provides a security platform for managed service providers, published an e-book Thursday: The State of Enterprise Cyber Resilience.
The e-book includes survey responses of 750 CISOs in the U.S. and UK.
Most CISOs who participated in the study (72 percent) said their position has evolved from security and risk responsibility to leading business continuity and recovery after a cyberattack, ransomware attack and other security incidents and disruptions.
Some other takeaways:
- 67 percent said they are the primary executive responsible for their organization’s cyber resiliency strategy
- 68 percent said their organizations currently have a cyber resilience strategy in place
- 55 percent said their organization had experienced a cyberattack, ransomware incident, compromise or data breach that “rendered mobile, remote, or hybrid endpoint devices inoperable.”
- 57 percent reported “their organizations took more than 4.5 days (on average) for full remediation and recovery, with 19 percent revealing recovery efforts stretched as long as two weeks. The survey further revealed that 98 percent of organizations are spending between $1 and $5 million to recover from cyber incidents, with the average cost to recover per incident now $2.5 million.”
- 59 percent of CISOs said they had concerns that a “security or IT incident causing significant downtime could lead to job loss, personal liability, or legal penalties.”
CISOs also reported that they are anticipating the following security incidents in the next 12-18 months: ransomware, insider threats, supply chain attacks, and compliance violations.
The emerging prominence of the CISO role and the investment organizations are willing to put into cybersecurity align with findings from MES Computing’s IT Leaders Spending Intent survey.
Among over 100 senior midmarket IT leaders surveyed in Q4 2025, a majority said that their IT budgets had increased by 5 percent from 2024 to 2025 largely due to cybersecurity initiatives.
Among those surveyed by MES Computing, 36.5 percent said 11 percent to 20 percent of their IT budget was spent on cybersecurity.