Only 2% of organizations have implemented adequate Cyber resilience!

PWC.com reported that “Yet despite widespread awareness of the challenges, significant gaps persist. To safeguard their organisations, executives should treat cybersecurity as a standing item on the business agenda, embedding it into every strategic decision and demanding C-suite collaboration.”  The PWC report entitled “Findings from the 2025 Global Digital Trust Insights” (https://www.pwc.com/us/en/services/consulting/cybersecurity-risk-regulatory/library/global-digital-trust-insights.html) included these comments:

PwC’s 2025 Global Digital Trust Insights survey of 4,042 business and tech executives from across 77 countries revealed significant gaps companies must bridge before achieving cyber resilience.

• Gaps in implementation of cyber resilience: Despite heightened concerns about cyber risk, only 2% of executives say their company has implemented cyber resilience actions across their organisation in all areas surveyed.

• Gaps in preparedness: Organisations feel least prepared to address the cyber threats they find most concerning, such as cloud-related risks and third-party breaches.

• Gaps in CISO involvement: Fewer than half of executives say their CISOs are involved to a large extent with strategic planning, board reporting and overseeing tech deployments.

• Gaps in regulatory compliance confidence: CEOs and CISOs/CSOs have differing levels of confidence in their ability to comply with regulations, particularly regarding AI, resilience and critical infrastructure.

• Gaps in measuring cyber risk: Although executives acknowledge the importance of measuring cyber risk, fewer than half do so effectively, with only 15% measuring the financial impact of cyber risks to a significant extent.

Obviously very concerning news! What do you think?