CISOs Are Questioning What A Crisis Framework Should Look Like
Help Net Security, Wednesday, December 3rd, 2025
CISOs increasingly assume the next breach is coming. What concerns them most is whether their teams will understand the incident quickly enough to limit the fallout. A recent report by Binalyze looks at how investigation practices are holding up across large US enterprises.
84% say a successful breach is inevitable. That belief shapes budgets, staffing plans and expectations during an incident. It also increases pressure to shrink the gap between detection and investigation. Even so, teams wait an average of 8.6 hours before bringing forensics into the response process.
Slow engagement creates cost. Each hour of delay adds about $114,000 to the impact of an attack. The exact number will vary from case to case, but it reflects a shared view across the industry. Response time is a financial risk as much as a technical one.