The 7 Obstacles to Security Resilience

The 7 Obstacles to Security Resilience

Insights from the Security Outcomes Report, Volume 3

4700+ respondents
26 countries

Why do some organizations respond to cybersecurity attacks better than others? We surveyed 4700+ IT security and privacy professionals in 26 countries to uncover what it takes to achieve security resilience — and why some are successful while others struggle.

What’s security resilience?

It’s the ability to protect the integrity of every aspect of your business so you can withstand unpredictable threats or changes, and then emerge stronger.

of security professionals say it’s vital to their business

We crunched the numbers and found 7 crucial roadblocks to security resilience


Insufficient executive support

Organizations lacking strong support from top execs are 39% less resilient than those who have it. Clearly, you need C-suite support — especially to address the other 6 challenges.

39% increase
Very low support Very high support
What works best?

Organizations where the CEO, CRO (Chief Revenue Officer) and CISO work closely together to prioritize resilience.


Weak security culture

People are your most valuable asset. But they’re also relentlessly targeted by attackers. Everyone has a role to play in security, which makes a strong security culture essential. Lacking one makes your job harder.

Strong security culture = 46% increase in security resilience

Slim resources in reserve

Teams busy with their “day jobs” can find their resilience quickly compromised by unanticipated security events, which can overwhelm teams of any size. Reserving internal or external resources to handle the unexpected improves your ability to respond and protect your business.


Complex hybrid IT

As organizations migrate to a hybrid environment, complexity can easily seep in. Keeping hybrid environments simple to manage and secure helps to preserve resilience while also making life way easier for admins.

±15% difference in average resilience scores across hybrid cloud environments that are simpler versus harder to manage
Small team? Don’t sweat it.

Our research shows team size doesn’t correlate with resilience. What matters more than bench depth? Solving these 7 challenges.


Behind on zero trust

With workers logging in from any location or device, continuous authentication is a must. A mature zero trust environment, which protects access as well as assets, can boost your security resilience by 30% compared to organizations lacking zero trust.

  • None
  • Multi-factor
  • Continuous validation and
  • Mature zero trust
30% increase

Immature XDR capabilities

If you can’t see your networks, clouds, endpoints and applications, resilience suffers. Extended detection and response (XDR) monitors it all and applies analytics and automation to detect and hunt down current and future threats.


Insufficient edge protection

With perimeters ever widening, organizations that fail to bring security closer to their users risk hurting their resilience — by up to 27%. A secure access service edge (SASE) strategy can close the gap.

The 10% rule

Our research shows team size doesn’t correlate with resilience. What matters more than bench depth? Solving these 7 challenges.

Discover how to overcome these challenges and build your own security resilience.