April 9, 2026 – LevelBlue, the world’s largest pure-play provider of managed security services, has released Persona Spotlight: CTO (Chief Technology Officer), the latest report in its ongoing research examining how technology leaders are navigating cyber resilience in an era of AI-driven transformation. 

Building on insights from LevelBlue’s 2025 Futures Report: Cyber Resilience and Business Impact, the findings reveal a growing disconnect for today’s CTOs: while organisations are confident in their security technologies and architectures, gaps in alignment, accountability, and workforce readiness are limiting their effectiveness. As AI continues to reshape both cyber defences and threats, CTOs are increasingly focused on unifying the enterprise to strengthen resilience. 

Kory Daniels, Chief Security & Trust Officer at LevelBlue, said, “CTOs are confident in their technology, but resilience ultimately depends on how well people, processes, and priorities align. Closing the gap between technical capability and organisational readiness, especially in the face of AI-driven threats, will define which organisations can respond quickly and maintain trust.” 

Are human factors the weakest link in cyber resilience?

Despite advancements in security technology, only 27 per cent of CTOs report strong organisational alignment on cyber resilience: 

• 75 per cent say unclear ownership impairs strategy 
• 36 per cent report a significant increase in cyberattacks 
• one in five experienced a breach in the past 12 months. 

This lack of accountability can delay response times and disconnect cybersecurity from broader business risk. In response, 57 per cent of CTOs cite embedding cybersecurity across the business as their top priority. 

Are workforce vulnerabilities driving the next wave of attacks?

CTOs are increasingly concerned about threats targeting human behaviour: 

• 60 per cent say it is harder for employees to distinguish legitimate from malicious activity 
• 57 per cent believe ransomware attacks are imminent 
• 50 per cent say the same about business email compromise. 

While ~60 per cent report strong threat management for known risks, preparedness for emerging threats lags: 

• 39 per cent believe AI-driven attacks are imminent 
• only 24 per cent feel prepared to manage them 

How are CTOs approaching workforce education and alignment?

Although workforce risk is top of mind, investment remains uneven: 

• Just 22 per cent prioritise workforce education on cyber resilience 
• 42 per cent report significant investment in resilience processes 
• 33 per cent cite inadequate KPIs linking cybersecurity to business outcomes. 

More than one-third say efforts to align cyber risk with business risk are ineffective or stalled.  

Is the software supply chain introducing new human risk?

CTOs recognise growing risk across the software supply chain: 

• 60 per cent are concerned about third-party distribution channels 
• 50 per cent cite third-party risk as a major issue 
• only 27 per cent report high visibility into their supply chain. 

Preparedness remains limited, with just 21 per cent prioritising identification of third-party components and 22 per cent establishing supplier benchmarks. 

To download the full report, click here. For more information, visit www.levelblue.com.  

About LevelBlue

LevelBlue reduces risk and builds lasting resilience so organisations can innovate and advance their mission with confidence. As the world’s most analyst-recognised and largest pure-play managed security services provider, LevelBlue elevates client outcomes that matter: stronger defence, faster response, and sustained business continuity. LevelBlue combines AI-powered security operations, advanced threat intelligence, and elite human expertise to provide the most comprehensive portfolio of strategic advisory, managed security, offensive security, and incident response services. Learn more at LevelBlue.com.