Given the constantly evolving and expanding threat landscape, digital resilience is no longer optional—it’s a survival necessity. Yet, the latest report from Splunk, “Bridging the Resilience Gap Across Public and Private Sectors,” conducted in collaboration with Foundry, reveals a troubling disparity between organizational confidence and preparedness. While 95% of surveyed decision-makers agree on the importance of resilience during a cyberattack, only 33% of private sector organizations believe they can recover within 12 hours. The situation is even more dire in the public sector, where budget constraints and resource shortages create additional hurdles.
I met with Mick Baccio, Global Security Advisor at Splunk, last week to talk about the report and get his perspective and insights. “There’s a lot of inconsistency in the messaging,” he explained. “A lot of organizations just think they are more prepared than they are. The data shows that they’re not.”
This gap underscores the urgent need for organizations to move beyond superficial confidence and take actionable steps toward genuine preparedness.
The Confidence-Preparedness Disconnect
The Splunk report sheds light on a universal challenge: the perception of readiness often doesn’t match reality. Public sector organizations reported lower preparedness rates (42%) compared to their private-sector counterparts (47%). Yet even private organizations struggle to align their confidence with their actual capabilities.
“Organizations think they’re doing enough, but when you dig into the data, they’re not addressing core practices like multifactor authentication or patch management,” Baccio explains. “They’re focusing on the shiny tools and skipping the basics.”
This confidence gap isn’t just theoretical—it has real-world consequences. Without a strong foundation, even the most advanced tools fail to deliver on their promises.
The Cyber Veggies: Why Basics Matter
Baccio has been beating the drum on the concept of “cyber veggies” for years—a metaphor for foundational cybersecurity practices such as patch management, asset inventory, and MFA. These basics, while unglamorous, are critical for resilience.
“You know you’re supposed to eat your vegetables for your health, and it’s the same with cybersecurity,” Baccio says. “If you skip these fundamentals, your enterprise pays the price. Fancy tools can’t fix bad processes.”
The numbers back this up. Organizations with strong foundational practices rated their resilience significantly higher than those with inconsistent implementations. Yet, only half of private-sector respondents and even fewer public-sector organizations consistently adopt these measures.
AI and Automation: Tools or Traps?
Advanced technologies like AI and automation promise to transform cybersecurity, but they’re not a panacea. According to the report, 64% of organizations plan to rely heavily on AI for cybersecurity in the coming year.
“AI is a force multiplier,” Baccio notes. “It helps process vast amounts of data, improves threat detection, and can automate repetitive tasks. But if your fundamentals are weak, AI just accelerates bad outcomes.”
Baccio likens it to automating a flawed response plan: “If your process is broken, AI will just make you fail faster.” He emphasizes the need for well-defined use cases and robust underlying systems to maximize AI’s potential.
Phishing and the Human Factor
Phishing remains one of the most pervasive threats, and generative AI has raised the stakes by enabling highly personalized and convincing attacks. While security awareness training is essential, Baccio argues it should not be the backbone of an organization’s defenses.
“User awareness is important, but it’s not a security measure,” he explains. “As a security team, you have to assume users will click the link and build defenses accordingly.”
This includes implementing MFA across networks and cloud accounts. “Phishing tests don’t always work because they focus on clicks, not the bigger picture of credential security,” Baccio adds.
Sector-Specific Challenges and Collaborative Solutions
The report highlights unique challenges faced by the public and private sectors. Public sector organizations cite insufficient budgets as a significant barrier, with 86% reporting financial constraints compared to 76% in the private sector. However, private organizations often lack regulatory mandates to enforce consistent practices, leading to uneven adoption of basic measures.
“Everyone thinks their budget is too low, but resilience isn’t just about new tools—it’s about doing the fundamentals well,” Baccio emphasizes.
Collaboration between sectors could bridge these gaps. Shared insights, regulatory frameworks, and joint investments in scalable solutions like cloud security and SOAR tools offer opportunities for mutual benefit.
Building a Resilient Future
Achieving true resilience requires a cultural shift. Organizations must balance investments in people, processes, and technology while prioritizing foundational practices.
“The fundamentals are immutable,” Baccio stresses. “You can add all the bells and whistles, but if you’re not eating your cyber veggies, your resilience strategy will fail.”
With advanced tools like AI and automation on the rise, organizations have the opportunity to enhance their defenses and recovery capabilities. But success hinges on getting the basics right and fostering a culture of continuous improvement.
As Baccio puts it, “Cyber resilience is like a pyramid—if the base isn’t solid, everything above it crumbles.”
By addressing the confidence gap and committing to actionable steps, organizations can fortify their defenses and ensure they’re ready for whatever threats come their way. Let’s not wait for the next crisis to start building a stronger foundation.
