Cytactic: Internal Chaos Often Surpasses Cyber Threats

Cytactic’s 2025 CIRM report finds 70% of security leaders say internal misalignment causes more chaos than cyber attackers during incidents.

Written By
Luis Millares
Sep 26, 2025

Seventy percent of security leaders said that internal misalignment caused more chaos than the threat actors themselves during cybersecurity incidents, according to Cytactic’s 2025 State of Cybersecurity Incident Response Management (CIRM) Report.

‘Technically comprehensive’ plans collapse under pressure

The study, conducted by independent research firm TrendCandy, surveyed 480 senior cybersecurity leaders in the US to understand how organizations respond to major cybersecurity incidents and the internal challenges they face in the process.

Among the respondents were 165 CISOs, representing industries such as manufacturing, software, telecommunications, education, healthcare, and more.

The report revealed that 70 percent of leaders believe internal misalignments created more chaos than the attackers themselves. It also points to a fundamental mismatch: 73 percent of respondents described their response plans as “technically comprehensive” while simultaneously admitting that these procedures fail under real-world pressure.

The CIRM report also highlighted leadership- and authority-related issues, pointing to internal misalignment as a significant obstacle. Here’s a quick overview:

  • 73 percent said they experienced CISO-CEO tension during incident response, exacerbating chaotic environments.
  • 54 percent shared that decision ownership shifted mid-incident, causing delays.
  • 41 percent stated that critical actions were delayed because no one knew who had final authority.

Cytactic stated that these findings highlight the “unsolved challenge” of incident response readiness, or the readiness gap, persisting even among experienced businesses and enterprises.

“To move from this chaotic reality to strategic incident response management, organizations must embrace disruptive, AI-powered technologies to minimize damage when cyber incidents strike,” said Nimrod Kozlovski, founder and chief executive officer at Cytactic. 

“The report makes it clear: preparing before and executing well at the time of an incident is critical to lessening the brand and financial damage of a cyber attack. With the vast majority of security leaders citing internal chaos due to lack of authority, clarity, and coordination under pressure, causing more chaos than the threat actor itself, the need for structured, well-orchestrated tools is undeniable,” he added.

From lack of preparation to translation gaps

Preparedness and the breadth of tools for handling cyber incidents were also central themes in the CIRM report. According to the study, 57 percent said they faced a major incident they had never rehearsed, while only 26 percent felt confident in their crisis technology deployment experience.

Concerns about tool fragmentation were also prominent, with 67 percent saying fragmented or complex tools slowed overall response. In light of this, 93 percent stated that AI-powered assistance could have prevented at least one major error they experienced, and 95 percent said they were already investing in AI simulations to strengthen incident readiness.

The Cytactic study further highlighted “translation time”—the back-and-forth between legal, communications, and technical teams—as a major issue, with 86 percent of respondents saying it led to costly delays.

A concrete example of this involved incident dashboards, where 24 percent of respondents reported that non-technical leaders could not interpret them without assistance, worsening those delays.

Security leaders’ wishlist to address the readiness gap

Given these challenges, the CIRM report also shed light on the possible ways forward envisioned by security leaders to resolve the incident readiness gap. Specifically, it asked what they would change if given a magic wand. Here were their responses:

  • 65 percent wanted real-time AI-generated decision guidance
  • 52 percent wished for more frequent, realistic simulations
  • 47 percent requested faster legal and communications alignment
  • 46 percent cited seamless cross-functional coordination

Tim Brown, chief information security officer of SolarWinds and board advisor at Cytactic, emphasized the critical role of CISOs amid evolving threats, underscoring the need for dynamic strategies and tools to respond and stay ahead. 

“It is clear that organizations need technological tools to fill the critical gap in incident response management. Automation, predefined plans, and AI tools will reduce that dependency on human improvisation during incidents and will allow teams to focus on managing the incident rather than improvising,” said Brown.

“The key is using technology tools to practice, prepare, plan, and use these practices to manage both minor and major incidents,” Brown added.

Luis Millares has extensive experience reviewing virtual private networks (VPNs), password managers, and other security software. He has tested and reviewed numerous forms of tech, covering consumer technology like smartphones and laptops, all the way to enterprise software and cybersecurity products. He has authored over 450 online articles on technology and has worked for the leading tech journalism site in the Philippines, YugaTech.com. He currently contributes to the Daily Tech Insider newsletter, providing well-researched insights and coverage of the latest in technology.
