European business leaders increasingly recognise cyber risk as the biggest threat to business continuity and operations, but many still stop short of treating it as a CEO responsibility. New research from HarfangLab, the European cybersecurity leader in workspace detection and response, reveals three quarters (73%) say a cyber incident could significantly disrupt operations and revenue, with almost half of businesses (48%) seeing an impact to revenue within the same business day, 14% of them within a few hours. Yet despite recognising the potential business impact, only 18% of organisations say business continuity and rapid recovery is the primary focus of their cybersecurity strategy and more than half (55%) of business leaders acknowledge that cybersecurity is primarily treated as a technical issue rather than a responsibility shared by the C-suite.
Companies only put cybersecurity on the CEO agenda once revenue is threatened: organisations where revenue is affected within hours are twice as likely to make cybersecurity a CEO priority (46% vs 23% overall). This suggests leadership ownership increases when business impact is immediate and tangible.
European businesses lose revenue within hours of a cyberattack but need days to recover
European leaders rank cyberattacks as the biggest threat to business continuity, ahead of geopolitical instability, skill shortages and AI-related risks. Cyber risk is prioritised because it is immediate, measurable and operational.
A quarter (25%) of European organisations say that a 24-hour disruption to critical operations would result in significant or severe revenue loss (16% or more of daily revenue). 4% even say this would lead to daily revenue losses of 25% or more.
At the same time, European organisations estimate it takes an average of 4.32 days to return to normal operations following a cyber incident, revealing a widening gap between the speed of financial impact and the speed of recovery.
Cybersecurity ownership is fragmented
While cyber risk is increasingly recognised as a business issue, ownership remains fragmented across technical and executive functions, leaving many organisations without a clear leader accountable for cyber resilience. The research shows that responsibility is split across CEO (23%), CISO (27%) and CIO (33%) roles, showing no clear ownership across Europe’s businesses.
Accountability after a breach is similarly distributed, reinforcing the absence of a single point of responsibility – 24% CEOs, 36% CIOs, CISOs or CTOs and 22% external providers would be held accountable.
AI investment is accelerating faster than cyber governance
While organisations increasingly recognise cyber threats, many are simultaneously expanding their use of AI. The largest share of AI investment is focused on productivity and efficiency (23%), while only 16% prioritise AI investment for cybersecurity and defence. At the same time, less than half of organisations require a security review before deploying AI tools (46%), while only 40% have formal AI policies in place.
The findings suggest that many businesses are deploying AI faster than they are building the governance frameworks needed to secure it. This creates a growing imbalance between the speed of AI adoption and organisations’ ability to manage the new security risks it introduces.
“The AI focus is particularly alarming, because the fast arrival of agentic AI inside of businesses is actually creating new type of threats that cybersecurity professionals and providers are currently coping with. W explains Anouck Teiller, Deputy CEO at HarfangLab.
Accountability increasing through regulation
As cyber risk becomes increasingly intertwined with business continuity, regulatory pressure is accelerating executive accountability, and regulation is bringing cyber security into the boardroom. Three quarters (75%) of European business leaders say cyber regulation is increasing board-level accountability. 59% are personally concerned about being held accountable for cyber incidents.
While 72% of business leaders agree that European cybersecurity regulations are a competitive advantage, many of them are struggling to operationalise compliance fast enough. 65% say that their organisation struggles to implement regulatory requirements in practice, and 60% say the pace of regulatory change is difficult to keep up with.
” Our research shows a clear disconnect between awareness and ownership,” says Anouck Teiller, Deputy CEO at HarfangLab. “Business leaders recognise the disruption and revenue loss cyber incidents can cause, but responsibility around cybersecurity remains fragmented and treated like an IT issue. Cyber resilience requires clear ownership supported by strong internal expertise and trusted external partners. Businesses that treat cybersecurity as a business continuity issue rather than a technical one that can be resolved with high budgets, will be the most resilient.”
For more information and to access the full report : https://harfanglab.io/resources/the-state-of-cybersecurity-report-2026/
– END –
About HarfangLab
HarfangLab is a global cybersecurity provider specializing in endpoint protection against known and unknown threats. Founded in 2018, HarfangLab detects 100% of attacks and neutralizes them on workstations and servers.
Its EDR was the first to be certified by the French National Cybersecurity Agency (ANSSI) and by the German Federal Office for Information Security (BSI). A Forrester Notable Vendor, HarfangLab protects hundreds of customers worldwide, including public administrations and companies of all sizes that depend on its EDR, EPP, and ASM solutions to secure their workspaces.
Your security, your choice: deploy complete detection and response via the Cloud, Hybrid, or On-Prem. The HarfangLab platform integrates natively with industry-leading security tools, leverages in-house AI, is fully operable via API, and ensures full transparency into data and detection rules – delivering strategic autonomy for SOC teams and the workspaces they defend.