Wed, Jun 14, 2023

2023 State of Cyber Defense: The False-Positive of Trust

Download the Report

Lack of trust ranked as the biggest security concern by security decision-makers globally.

Kroll conducted a survey of 1,000 senior information security decision-makers based in North and South America, APAC and EMEA. Respondents were from organizations with between $50 million and $10 billion in revenue, across multiple sectors. Our goal was to understand the current state of cyber defense, the levels of organizational trust, and how true cyber maturity links to trust in facilitating organizations to stay ahead of the curve in a constantly evolving threat landscape. 

Our findings reveal a concerning inconsistency between organizations’ level of trust in their own cybersecurity status and their readiness to achieve true cyber resilience.

Key Highlights Include
  • Why security decision-makers rank a lack of trust as their biggest cybersecurity challenge
  • The dangers of the majority of respondents trusting their employees’ abilities to avoid falling victim to a cyber incident above security teams and tools
  • The critical difference between what security teams are defending against versus what they believe their security tools protect them from 
  • Country and industry breakdowns on the reasons behind distrust in an organization

Over-confidence in the Current Cyber Defense Landscape

Organization's Cyber Defense
Do you trust your organization’s cybersecurity defenses to successfully defend against most/all cyberattacks? [1000], split by region, omitting some answer options

Security decision-makers place trust and confidence in their teams and technology to protect their organizations, but many display an ‘over-confidence’. Over a third (37%) of senior security decision-makers interviewed report they ‘completely trust’ their organization is protected and can successfully defend against most/all cyber-attacks, indicating a level of over-confidence in being able to defend against all potential threats.

This ties to the link found with CFOs also being over-confident in their companies’ ability to defend against cybersecurity incidents, in research conducted by Kroll in 2022 - CFO Cyber Security Survey: Over-Confidence is Costly.

Not All Security Leaders Understand What Their Security Tools Are Protecting Against

Cybersecurity platforms used
How many cybersecurity platforms does your organization use regularly to monitor cybersecurity alerts? [1000], split by sector

For any organization looking to effectively defend against cyber threats, it is essential they understand what they are protecting against and which tools to implement to protect themselves in the long-term.

Most organizations are using multiple platforms for cybersecurity – with eight platforms used on average.

Interestingly, the higher the average number of platforms used, the more cybersecurity incidents the organizations have experienced.

Senior Leadership Have Cautious Trust in Their Cyber Defenses, but Security Teams ‘Over-Trust’

State of Cyber Defense
Do you feel that the level of trust the senior leadership team has in your team to keep the business secure from threats could be improved in your organization? [1000], omitting some answer options

95% of security decision-makers feel that improvements are needed in the level trust given by senior leadership.

Humans Are Trusted More Than Technology

State of Cyber Defense
Which of the following do you trust the most within your organization? [1000], combination of responses ranked first, second and third, omitting some answer options

When it comes to specific departments, information security decision-makers have understandably significant levels of trust in information security teams (94%). When looking at the methods to prevent a cyberattack, respondents state that they trust their fellow employees’ abilities to avoid falling victim to a cyber incident (66%) above all else.

Trust in employees is ranked higher than the ability of the security team to identify and prioritize security gaps (63%), accuracy of data alerts (59%), effectiveness of cybersecurity tools and technologies (56%), and the accuracy of threat intelligence data (56%).

The Benefits of Trust Are Overshadowed by a Lack of It

State of Cyber Defense
In general (thinking about other organizations as well as your own), what do you believe are the consequences of a lack of trust in the cyber environment? [1000], omitting some answer options

An overwhelming majority (98%) agree there is a cost to a lack of trust in the workplace, and this cost can be far-reaching.

Much, Much More Inside

Download the Report

We will use this information to respond to your inquiry and process your data in accordance with our privacy policy.

The full report also covers:

  • What do information security decision-makers view as effective ways to build trust?

  • What are seen as the key limiting factors to achieving cyber resilience?

  • How do organizations leverage outsourcing and MDR? 

  • What is perceived as the most frequent cause of loss of trust?

For access to the full results, complete the form to download the report.


Cyber Risk

Incident response, digital forensics, breach notification, managed detection services, penetration testing, cyber assessments and advisory.

Cyber Risk Retainer

Kroll delivers more than a typical incident response retainer—secure a true cyber risk retainer with elite digital forensics and incident response capabilities and maximum flexibility for proactive and notification services.

Penetration Testing Services

Validate your cyber defenses against real-world threats. Kroll’s world-class penetration testing services bring together front-line threat intelligence, thousands of hours of cyber security assessments completed each year and a team of certified cyber experts — the foundation for our sophisticated and scalable approach.


Kroll Responder MDR

Stop cyberattacks. Kroll Responder managed detection and response is fueled by seasoned IR experts and frontline threat intelligence to deliver unrivaled response.

Computer Forensics

Kroll's computer forensics experts ensure that no digital evidence is overlooked and assist at any stage of an investigation or litigation, regardless of the number or location of data sources.

Virtual CISO (vCISO) Advisory Services

Kroll’s Virtual CISO (vCISO) services help executives, security and technology teams safeguard information assets while supporting business operations with augmented cyber expertise to reduce business risk, signal commitment to data security and enhance overall security posture.


24x7 Incident Response

Kroll is the largest global IR provider with experienced responders who can handle the entire security incident lifecycle.

Cloud Security Services

Kroll’s multi-layered approach to cloud security consulting services merges our industry-leading team of AWS and Azure-certified architects, cloud security experts and unrivalled incident expertise.

Ransomware Preparedness Assessment

Kroll’s ransomware preparedness assessment helps your organization avoid ransomware attacks by examining 14 crucial security areas and attack vectors.