66% of organizations faced a security incident in the past year.
COPY Swimlane Cracks in the Foundation: Why Basic Security Still Fails · Nov 12, 2025
Security incident
64% of organizations fail to continuously assess vendor and supplier security after onboarding.
COPY Swimlane Cracks in the Foundation: Why Basic Security Still Fails · Nov 12, 2025
Vendor security assessment Supplier security assessment Onboarding
64% of organizations report that AI and automation have increased their focus on the basics of cyber hygiene.
COPY Swimlane Cracks in the Foundation: Why Basic Security Still Fails · Nov 12, 2025
AI Automation Cyber hygiene
73% of organizations take longer than 24 hours to apply critical patches.
COPY Swimlane Cracks in the Foundation: Why Basic Security Still Fails · Nov 12, 2025
Patching Critical patches
41% of organizations rank expanding AI usage and expertise as the top improvement area.
COPY Swimlane Cracks in the Foundation: Why Basic Security Still Fails · Nov 12, 2025
AI
67% of organizations audit user access privileges quarterly or less often.
COPY Swimlane Cracks in the Foundation: Why Basic Security Still Fails · Nov 12, 2025
User access privilege
84% of organizations say AI and automation enhance cyber hygiene.
COPY Swimlane Cracks in the Foundation: Why Basic Security Still Fails · Nov 12, 2025
AI Automation Cyber hygiene
25% of organizations take between 8 and 30 days to apply critical patches.
COPY Swimlane Cracks in the Foundation: Why Basic Security Still Fails · Nov 12, 2025
Patching Critical patches
92% of organizations that experienced a security incident in the past year believe stronger cyber hygiene could have prevented it.
COPY Swimlane Cracks in the Foundation: Why Basic Security Still Fails · Nov 12, 2025
Security incident Cyber hygiene
15% of organizations self-identify as 'leading' in cyber hygiene maturity.
COPY Swimlane Cracks in the Foundation: Why Basic Security Still Fails · Nov 12, 2025
Cyber hygiene Maturity
52% of organizations identify the human element, including employee training and awareness, as their greatest weakness.
COPY Swimlane Cracks in the Foundation: Why Basic Security Still Fails · Nov 12, 2025
Human element Employee training Employee awareness
41% of IT and security decision-makers say budget or resource cuts have led to reduced capacity for detection and monitoring.
COPY Swimlane Federal Cyber Priorities Reshape Security Strategy · Aug 13, 2025
Enterprise Budget
79% of U.K. IT and security decision-makers say growing U.S. cybersecurity instability has made them more cautious with U.S.-based vendors.
COPY Swimlane Federal Cyber Priorities Reshape Security Strategy · Aug 13, 2025
Enterprise UK US cybersecurity instability
91% of organisations have taken new steps to protect operational resilience due to waning federal support.
COPY Swimlane Federal Cyber Priorities Reshape Security Strategy · Aug 13, 2025
Enterprise Operational resilience
29% of U.K. IT and security decision-makers have delayed or cancelled contracts due to growing U.S. cybersecurity instability.
COPY Swimlane Federal Cyber Priorities Reshape Security Strategy · Aug 13, 2025
Enterprise UK US cybersecurity instability
48% of IT and security decision-makers say budget or resource cuts have led to team restructuring.
COPY Swimlane Federal Cyber Priorities Reshape Security Strategy · Aug 13, 2025
Enterprise Budget
52% of IT and security decision-makers say budget or resource cuts have led to increased workloads without added support.
COPY Swimlane Federal Cyber Priorities Reshape Security Strategy · Aug 13, 2025
Enterprise Budget
Over half (54%) of organisations have developed internal cybersecurity frameworks independent of government guidance.
COPY Swimlane Federal Cyber Priorities Reshape Security Strategy · Aug 13, 2025
Enterprise Cybersecurity frameworks
85% of security teams have experienced budget or resource-related changes in the past six months.
COPY Swimlane Federal Cyber Priorities Reshape Security Strategy · Aug 13, 2025
Enterprise Budget
81% of IT and security decision-makers believe that eroding confidence in public-private coordination will hinder threat intelligence sharing.
COPY Swimlane Federal Cyber Priorities Reshape Security Strategy · Aug 13, 2025
Enterprise Threat intelligence sharing
86% of IT and security decision-makers warn that the disbanding of the Cyber Safety Review Board will disrupt post-incident coordination.
COPY Swimlane Federal Cyber Priorities Reshape Security Strategy · Aug 13, 2025
Enterprise Cyber Safety Review Board
79% of IT and security decision-makers say federal defunding has increased overall cyber risk.
COPY Swimlane Federal Cyber Priorities Reshape Security Strategy · Aug 13, 2025
Enterprise Federal defunding
As a result of U.S. cybersecurity instability, 43% of U.K. IT and security decision-makers have reassessed existing partnerships.
COPY Swimlane Federal Cyber Priorities Reshape Security Strategy · Aug 13, 2025
Enterprise UK US cybersecurity instability
63% of IT and security decision-makers state that recent or anticipated cuts are affecting team structure and staffing plans.
COPY Swimlane Federal Cyber Priorities Reshape Security Strategy · Aug 13, 2025
Enterprise Federal defunding
Nearly half (46%) of IT and security decision-makers report reducing their planned security investments for 2025 due to ongoing federal funding instability.
COPY Swimlane Federal Cyber Priorities Reshape Security Strategy · Aug 13, 2025
Enterprise Federal defunding Security investment
Organisations cited financial penalties (39%), security breaches (36%), and reputational damage (36%) as the top risks of poor compliance management
COPY Swimlane GRC Chaos: The High Price of Audits and Non-Compliance · Apr 15, 2025
Compliance Compliance Management GRC
62% say their audit evidence-gathering process is at least occasionally error-prone.
COPY Swimlane GRC Chaos: The High Price of Audits and Non-Compliance · Apr 15, 2025
Compliance Audit
Over half of organisations (54%) spend more than five hours each week on manual compliance tasks.
COPY Swimlane GRC Chaos: The High Price of Audits and Non-Compliance · Apr 15, 2025
Compliance Manual Processes GRC
90% of organisations are concerned that poor collaboration between GRC and security teams is undermining audit preparation.
COPY Swimlane GRC Chaos: The High Price of Audits and Non-Compliance · Apr 15, 2025
Compliance GRC Security Collaboration
96% of organisations say it’s challenging to keep up with the growing number of industry regulations.
COPY Swimlane GRC Chaos: The High Price of Audits and Non-Compliance · Apr 15, 2025
Compliance Regulations GRC
Only 29% of all organisations say their compliance programmes consistently meet internal and external standards.
COPY Swimlane GRC Chaos: The High Price of Audits and Non-Compliance · Apr 15, 2025
Compliance Compliance program GRC
On average, just 39% of the audit evidence process is automated.
COPY Swimlane GRC Chaos: The High Price of Audits and Non-Compliance · Apr 15, 2025
Compliance Audit Tool stack Automation GRC
92% of respondents rely on three or more tools to gather audit evidence.
COPY Swimlane GRC Chaos: The High Price of Audits and Non-Compliance · Apr 15, 2025
Compliance Audits Tool stack Tools GRC
Topics Covered Enterprise (14) Compliance (8) GRC (7) Cyber hygiene (4) Budget (4) AI (3) Automation (3) UK (3) US cybersecurity instability (3) Federal defunding (3) Security incident (2) Patching (2) Critical patches (2) Audit (2) Tool stack (2)