Report by Ivanti

2026 State of Cybersecurity Report: Bridging the Divide

23 FINDINGSPublished Feb 12, 2026

View Original Report →

Key Findings

47% of companies use mean time to remediate as a cybersecurity metric.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026

RemediationOperational MetricsCybersecurity MetricsMean Time to Remediate

92% of security professionals say automation reduces their team's mean time to respond.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026

AutomationIncident ResponseOperational EfficiencyMean Time to Respond

51% of companies use a cybersecurity exposure score or risk-based index.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026

Risk ScoringCybersecurity MetricsExposure ManagementCybersecurity Exposure ScoreRisk-Based Index

43% of security teams use AI for threat intelligence correlation.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026

Threat IntelligenceAISecurity Analytics

48% of security professionals say IT teams do not respond urgently to cybersecurity concerns.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026

IT OperationsRisk Management

Security professionals are 5.5 times more likely to believe defenders will use AI as effectively as, or more effectively than, threat actors over the next 24 months.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026

43% of security professionals report high stress.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026

WorkforceStressEmployee Wellbeing

77% of organizations have been targeted by deepfake attacks.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026

DeepfakeSocial Engineering

79% of security professionals say stress harms their physical or mental health.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026

WorkforceHealthBurnout

Security professionals are 2.4 times more likely to believe defenders use AI as effectively as, or more effectively than, threat actors.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026

60% of security professionals use business impact analysis to inform their risk prioritization.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026

Risk ManagementBusiness Impact AnalysisSecurity Metrics

77% of security professionals express some level of comfort with deploying agentic systems and allowing them to act without human review.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026

AISecurity OperationsAutomation

53% of security teams utilize AI for cloud security policy enforcement.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026

Cloud SecurityAICloud Security Policy Enforcement

44% of security teams use AI for incident response workflows.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026

Incident ResponseAISecurity Operations

27% of organizations are very prepared for synthetic digital content threats.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026

Synthetic MediaPreparadness

42% of security teams use AI for vulnerability response and remediation.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026

Vulnerability ManagementAIVulnerability ResponseVulnerability Remediation

51% of organizations have faced sophisticated, personalized phishing emails powered by deepfake technology.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026

PhishingDeepfakeSocial Engineering

87% of security professionals say integrating agentic AI is a priority for their teams.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026

AISecurity StrategyAutomationAgentic AI

48% say synthetic digital content is a high or critical threat.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026

Synthetic MediaThreat AssessmentDeepfake

There is a 21-point gap between the 48% who say synthetic digital content is a high/critical threat and the 27% who are very prepared.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026

PreparednessSynthetic MediaRisk Gap

30% of security professionals are confident that their CEOs could reliably identify a deepfake.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026

DeepfakeExecutive Risk

40% of security professionals believe IT lacks an understanding of their organization's risk tolerance.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026

Risk ManagementOrganizational AlignmentIT Operations

41% of companies use percentage of exposures remediated as a cybersecurity metric.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026

Exposure RemediationOperational MetricsCybersecurity Metrics