2026 Global Digital Trust Insights: Only 6% Confident in Cyber Resilience

TL;DR: PwC’s survey of 3,887 business and tech executives across 72 countries reveals a stark cyber preparedness gap: only 6% feel confident in their organisation’s cyber resilience across all surveyed vulnerabilities. Whilst geopolitical uncertainty drives 60% to prioritise cyber risk investment, organisations remain predominantly reactive (67% split investment equally between reactive and proactive measures) with quantum computing readiness severely lagging (49% haven’t started quantum-resistant initiatives).

PwC’s 2026 Global Digital Trust Insights survey, published October 2025, exposes significant disconnects between cyber threat awareness and organisational preparedness. The findings paint a picture of businesses recognising risks whilst struggling to implement proactive defence strategies.

The Confidence Crisis

Only 6% of surveyed executives feel confident in their organisation’s cyber resilience across all surveyed vulnerabilities—a staggeringly low figure that suggests widespread recognition of security gaps. This crisis of confidence coincides with heightened geopolitical tensions driving strategic cybersecurity priorities.

Sixty per cent of organisations prioritise cyber risk investment in their top three strategic areas due to geopolitical uncertainty, with 41% changing critical infrastructure location strategies and 39% adjusting trade and operating policies. However, awareness hasn’t translated into proactive positioning.

Reactive Versus Proactive Spending

The reactive posture persists: 67% of organisations spend roughly equally on reactive versus proactive measures—a non-ideal ratio according to PwC. Just 24% invest significantly more in proactive measures, suggesting most organisations remain in firefighting mode rather than building resilient systems.

“Moving from reactive defense to proactive resilience is real opportunity for leaders,” according to Google Cloud leadership, highlighting the strategic shift organisations must make in this uncertain environment.

AI Security and Skills Gaps

Threat hunting ranks as the top AI security capability priority for the next 12 months, with agentic AI solutions among the highest-priority deployments. Fifty-three per cent of organisations are adopting AI and machine learning tools to address skills shortages.

However, knowledge and skills gaps represent the top two barriers to AI implementation for cyber defence—a paradox where AI tools intended to bridge capability gaps require expertise organisations lack. Forty-eight per cent of organisations that experienced major attacks now prioritise specialised managed services, with AI and cloud security leading use case adoption.

Quantum Computing Readiness Deficit

Quantum computing preparedness reveals perhaps the starkest gap: only 3% have implemented all leading quantum-resistant measures, whilst 49% haven’t started any quantum-resistant initiatives. A further 29% are in piloting and testing phases.

This lag poses significant risk as quantum computing capabilities advance. Organisations delaying quantum-resistant cryptography implementation risk exposure to “harvest now, decrypt later” attacks—where adversaries collect encrypted data today for decryption once quantum computers become sufficiently powerful.

Looking Forward

The survey reveals a troubling pattern: heightened awareness and stated priorities disconnected from implementation reality. Whilst geopolitical uncertainty and emerging technologies drive strategic concern, organisations struggle to transition from reactive security postures to proactive resilience.

The gap between recognition and action suggests systemic challenges—skills shortages, budget constraints, competing priorities, and complexity of implementing proactive security measures. Closing this gap requires more than awareness; it demands strategic commitment, investment reallocation, and fundamental shifts in how organisations approach cybersecurity resilience.

Source Attribution:

Share this article