Fifth of Breaches Take Two Weeks to Recover From

Endpoint disruption has become a costly reality for enterprises. The Absolute Security survey reveals that more than half of surveyed organizations experienced attacks that knocked mobile, remote, or hybrid devices offline, with remediation timelines stretching from three to fourteen days. Financially, the burden is steep: the average incident costs $2.5 million, and 98% of firms report total recovery expenses between $1 million and $5 million. These figures underscore the urgent need for robust endpoint management and rapid response capabilities to protect both operational continuity and the bottom line.

At the same time, the data shows a worrying retreat in formal cyber‑resilience planning. Only 68% of respondents now report having a dedicated resilience strategy, down from 90% a year earlier, and a similar dip is seen in prioritizing resilience over traditional security functions. This erosion coincides with an expanded CISO mandate; 72% say they now oversee post‑breach recovery, blending security expertise with business continuity leadership. The shift signals that executives must broaden their security outlook, integrating resilience metrics, incident‑response drills, and cross‑functional coordination to avoid the existential risks of prolonged outages.

Real‑world breaches illustrate the stakes. The Jaguar Land Rover hack inflicted an estimated £1.9 bn ($2.6 bn) impact, while Marks & Spencer’s incident cost roughly £300 m ($400 m). Such losses extend beyond direct remediation, affecting brand reputation, regulatory exposure, and workforce stability. Organizations should therefore invest in proactive resilience measures—such as automated endpoint detection, tiered recovery playbooks, and continuous risk assessments—to shorten downtime and curb financial fallout. Aligning CISO responsibilities with broader operational goals will be critical for navigating an increasingly hostile cyber landscape.