LevelBlue research finds CTOs push for enterprise alignment as human factors undermine cyber resilience strategy

New report finds 75 per cent of CTOs say unclear ownership impairs cyber resilience strategy

LevelBlue, the world’s largest pure-play provider of managed security services, has released Persona Spotlight: CTO (Chief Technology Officer), the latest report in its ongoing research on how technology leaders are navigating cyber resilience in an era of AI-driven transformation.

The report builds on insights from LevelBlue’s 2025 Futures Report: Cyber Resilience and Business Impact. However, it highlights a growing disconnect. While organisations remain confident in their security technologies and architectures, gaps in alignment, accountability, and workforce readiness are weakening their cyber resilience strategy.

As AI reshapes both cyber defences and threats, CTOs are increasingly focused on unifying the enterprise to strengthen resilience.

Kory Daniels, Chief Security & Trust Officer at LevelBlue, said, “CTOs are confident in their technology, but resilience ultimately depends on how well people, processes, and priorities align. Closing the gap between technical capability and organisational readiness, especially in the face of AI-driven threats, will define which organisations can respond quickly and maintain trust.”

Are human factors weakening cyber resilience strategy?

Despite advancements in security technology, only 27 per cent of CTOs report strong organisational alignment on cyber resilience:

• 75 per cent say unclear ownership impairs strategy
• 36 per cent report a significant increase in cyberattacks
• one in five experienced a breach in the past 12 months

As a result, weak accountability can delay response times and disconnect cybersecurity from broader business risk. In response, 57 per cent of CTOs now prioritise embedding cybersecurity across the business.

Are workforce vulnerabilities driving the next wave of attacks?

CTOs are increasingly concerned about threats targeting human behaviour:

• 60 per cent say it is harder for employees to distinguish legitimate from malicious activity
• 57 per cent believe ransomware attacks are imminent
• 50 per cent say the same about business email compromise

At the same time, while around 60 per cent report strong threat management for known risks, preparedness for emerging threats still lags:

• 39 per cent believe AI-driven attacks are imminent
• only 24 per cent feel prepared to manage them

How are CTOs approaching workforce education and alignment?

Although workforce risk remains a top concern, investment is uneven:

• just 22 per cent prioritise workforce education on cyber resilience
• 42 per cent report significant investment in resilience processes
• 33 per cent cite inadequate KPIs linking cybersecurity to business outcomes

Meanwhile, more than one-third say efforts to align cyber risk with business risk are ineffective or stalled.

Is the software supply chain introducing new human risk?

CTOs also recognise growing risk across the software supply chain:

• 60 per cent are concerned about third-party distribution channels
• 50 per cent cite third-party risk as a major issue
• only 27 per cent report high visibility into their supply chain

However, preparedness remains limited. Just 21 per cent prioritise identifying third-party components, while only 22 per cent have established supplier benchmarks.

To download the full report, click here. For more information, visit www.levelblue.com.

About LevelBlue

LevelBlue reduces risk and builds lasting resilience so organisations can innovate and advance their mission with confidence. As the world’s most analyst-recognised and largest pure-play managed security services provider, LevelBlue delivers stronger defence, faster response, and sustained business continuity.

The company combines AI-powered security operations, advanced threat intelligence, and elite human expertise to offer a comprehensive portfolio of strategic advisory, managed security, offensive security, and incident response services. Learn more at LevelBlue.com.

About Cyber News Live

Stay ahead with Cyber News Live! First, we deliver real-time reporting and sharp threat intelligence. Additionally, we provide educational content for professionals, practitioners, and curious minds. From there, whether it’s breaking breach alerts or deep dives into attack vectors, we cover it all. Ultimately, our mission is clear: we make complex cyber topics understandable. And beyond that, we ensure critical knowledge stays accessible to everyone.