Only 24% of organisations are spending significantly more on proactive measures (e.g., monitoring, testing, controls) than reactive measures (e.g., incident response, fines, recovery)—which is considered the ideal spend ratio.

Most companies (67%) are spending roughly equal amounts on proactive and reactive cybersecurity measures.

64% noted a direct push from the C-suite to adopt more proactive defense measures.

81% of IT leaders say moving to a proactive cybersecurity posture is a top goal for their organisation in the year ahead.