New report finds 75% of CTOs say unclear ownership impairs cyber resilience strategy
Dallas, TX – April 8, 2026 – LevelBlue, the world’s largest pure-play provider of managed security services, today released Persona Spotlight: CTO (Chief Technology Officer), the latest report in its ongoing research examining how technology leaders are navigating cyber resilience in an era of AI-driven transformation.
Building on insights from LevelBlue’s 2025 Futures Report: Cyber Resilience and Business Impact, the findings reveal a growing disconnect for today’s CTOs: while organizations are confident in their security technologies and architectures, gaps in alignment, accountability, and workforce readiness are limiting their effectiveness. As AI continues to reshape both cyber defenses and threats, CTOs are increasingly focused on unifying the enterprise to strengthen resilience.
“CTOs are confident in their technology, but resilience ultimately depends on how well people, processes, and priorities align,” said Kory Daniels, Chief Security & Trust Officer at LevelBlue. “Closing the gap between technical capability and organizational readiness, especially in the face of AI-driven threats, will define which organizations can respond quickly and maintain trust.”
Are human factors the weakest link in cyber resilience?
Despite advancements in security technology, only 27% of CTOs report strong organizational alignment on cyber resilience.
-
75% say unclear ownership impairs strategy
-
36% report a significant increase in cyberattacks
-
One in five experienced a breach in the past 12 months
This lack of accountability can delay response times and disconnect cybersecurity from broader business risk. In response, 57% of CTOs cite embedding cybersecurity across the business as their top priority.
Are workforce vulnerabilities driving the next wave of attacks?
CTOs are increasingly concerned about threats targeting human behavior:
-
60% say it is harder for employees to distinguish legitimate from malicious activity
-
57% believe ransomware attacks are imminent
-
50% say the same about business email compromise
While ~60% report strong threat management for known risks, preparedness for emerging threats lags:
How are CTOs approaching workforce education and alignment?
Although workforce risk is top of mind, investment remains uneven:
-
Just 22% prioritize workforce education on cyber resilience
-
42% report significant investment in resilience processes
-
33% cite inadequate KPIs linking cybersecurity to business outcomes
More than one-third say efforts to align cyber risk with business risk are ineffective or stalled.
Is the software supply chain introducing new human risk?
CTOs recognize growing risk across the software supply chain:
-
60% are concerned about third-party distribution channels
-
50% cite third-party risk as a major issue
-
Only 27% report high visibility into their supply chain
Preparedness remains limited, with just 21% prioritizing identification of third-party components and 22% establishing supplier benchmarks.
To download the full report, click here. For more information, visit www.levelblue.com.
About LevelBlue
LevelBlue reduces risk and builds lasting resilience so organizations can innovate and advance their mission with confidence. As the world’s most analyst-recognized and largest pure-play managed security services provider, LevelBlue elevates client outcomes that matter: stronger defense, faster response, and sustained business continuity. LevelBlue combines AI-powered security operations, advanced threat intelligence, and elite human expertise to provide the most comprehensive portfolio of strategic advisory, managed security, offensive security, and incident response services. Learn more at LevelBlue.com.
Media Contacts
Devon Swanson
LevelBlue
devon.swanson@LevelBlue.com
