New report finds 75% of CTOs say unclear ownership impairs cyber resilience strategy
Dallas, TX – April 8, 2026 – LevelBlue, the world’s largest pure-play provider of managed security services, today released Persona Spotlight: CTO (Chief Technology Officer), the latest report in its ongoing research examining how technology leaders are navigating cyber resilience in an era of AI-driven transformation.
Building on insights from LevelBlue’s 2025 Futures Report: Cyber Resilience and Business Impact, the findings reveal a growing disconnect for today’s CTOs: while organizations are confident in their security technologies and architectures, gaps in alignment, accountability, and workforce readiness are limiting their effectiveness. As AI continues to reshape both cyber defenses and threats, CTOs are increasingly focused on unifying the enterprise to strengthen resilience.
“CTOs are confident in their technology, but resilience ultimately depends on how well people, processes, and priorities align,” said Kory Daniels, Chief Security & Trust Officer at LevelBlue. “Closing the gap between technical capability and organizational readiness, especially in the face of AI-driven threats, will define which organizations can respond quickly and maintain trust.”
Despite advancements in security technology, only 27% of CTOs report strong organizational alignment on cyber resilience.
75% say unclear ownership impairs strategy
36% report a significant increase in cyberattacks
One in five experienced a breach in the past 12 months
This lack of accountability can delay response times and disconnect cybersecurity from broader business risk. In response, 57% of CTOs cite embedding cybersecurity across the business as their top priority.
CTOs are increasingly concerned about threats targeting human behavior:
60% say it is harder for employees to distinguish legitimate from malicious activity
57% believe ransomware attacks are imminent
50% say the same about business email compromise
While ~60% report strong threat management for known risks, preparedness for emerging threats lags:
39% believe AI-driven attacks are imminent
Only 24% feel prepared to manage them
Although workforce risk is top of mind, investment remains uneven:
Just 22% prioritize workforce education on cyber resilience
42% report significant investment in resilience processes
33% cite inadequate KPIs linking cybersecurity to business outcomes
More than one-third say efforts to align cyber risk with business risk are ineffective or stalled.
CTOs recognize growing risk across the software supply chain:
60% are concerned about third-party distribution channels
50% cite third-party risk as a major issue
Only 27% report high visibility into their supply chain
Preparedness remains limited, with just 21% prioritizing identification of third-party components and 22% establishing supplier benchmarks.
To download the full report, click here. For more information, visit www.levelblue.com.
LevelBlue reduces risk and builds lasting resilience so organizations can innovate and advance their mission with confidence. As the world’s most analyst-recognized and largest pure-play managed security services provider, LevelBlue elevates client outcomes that matter: stronger defense, faster response, and sustained business continuity. LevelBlue combines AI-powered security operations, advanced threat intelligence, and elite human expertise to provide the most comprehensive portfolio of strategic advisory, managed security, offensive security, and incident response services. Learn more at LevelBlue.com.
Media Contacts
Devon Swanson
LevelBlue
devon.swanson@LevelBlue.com