Organizations Adapt to a Relentless Cybersecurity Threat Landscape, Optiv Report Finds
Facing a digital battlefield that’s constantly shifting, organizations are adapting out of necessity. The latest 2025 Cybersecurity Threat and Risk Management Report from Optiv and the Ponemon Institute reveals that cybersecurity is no longer about static defense. It’s about dynamic adaptation. As cyber threats grow more sophisticated, so too must the tactics used to combat them the cybersecurity battlefield.
Cybersecurity Budgets Surge, but So Do Attacks
Seventy-nine percent of organizations are changing their cybersecurity budgets. Among them, 71% are increasing spending. The average cybersecurity budget now stands at $24 million. This financial uptick matches a rising threat landscape; 66% of respondents report an increase in cybersecurity incidents, up from 61% in 2024.
Budget decisions are increasingly based on data, not guesswork. Risk assessments now guide 67% of budget allocations, up from 53% last year. Despite more money and tools, the attack frequency continues to rise. This disconnect emphasizes the need for strategic investment, not just larger budgets.
Adapting Through Automation, AI, and Outsourcing
Organizations are leaning into automation. Over half say automated tools have improved their vulnerability response times, with 34% noting significant gains. Meanwhile, 46% of them are using AI and ML to prevent attacks, and 88% of them are incorporating generative AI. The top reasons for using AI? Operational efficiency and staying competitive.
Outsourcing is another key strategy. Managed Security Service Providers (MSSPs) are now employed by 58% of respondents, up from 47% in 2024. MSSPs offer cloud security support and help bridge expertise gaps.
Incident Response: More Than Just a Checklist
Fifty-one percent of organizations now have a consistently applied Cybersecurity Incident Response Plan (CSIRP), a rise from 46% last year. The plans are working better too; 57% say they help minimize damage from breaches, up from 50% in 2024. The most effective organizations review CSIRPs quarterly or biannually, and 45% submit formal reports to C-level executives.
Visibility and Prioritization Still Lacking
Despite gains, vulnerabilities remain a pressing issue. Seventy-four percent of organizations struggle with visibility into all possible points of attack. Only 42% have comprehensive asset inventory programs. Many organizations still scan and patch on a periodic, rather than real-time, basis, which reduces the effectiveness of their defenses.
SASE, SOAR, and the Tools of the Trade
Secure Access Service Edge (SASE) and Security Orchestration, Automation, and Response (SOAR) are making waves. Sixty-six percent have implemented or started implementing SASE, while 72% use SOAR at moderate or significant levels. High-performing organizations are more likely to embrace these tools; and more likely to apply best practices across their enterprise.
Measuring Success: It’s All About Speed
Time is the new gold standard in meeting cybersecurity threats. Forty-four percent of organizations now measure program success by how quickly they patch vulnerabilities. Other top metrics include the time to detect and contain breaches. Efficiency, not just prevention, defines modern cyber defense.
A Budget Without a Strategy Is Just a Number
While average budgets climb, high-performing organizations do more than spend, they strategize. They brief their boards more often, apply consistent CSIRPs, and consolidate tools smartly. It’s not about owning 55 separate security technologies; it’s about how they’re used.
The findings in Optiv’s cybersecurity threat report come from 620 U.S.-based IT and cybersecurity professionals knowledgeable about their organizations’ threat and risk management strategies.
Other News: Sixfold Expands AI Capabilities to Help Insurers Adapt to Growing Cyber Risks(Opens in a new browser tab)
