Introducing Optiv’s State of Cyber Governance Report

February 17, 2023

The cybersecurity landscape had a tremendous 2022. The Conti ransomware attack against Costa Rica in April, for example, proved that organizations must prepare for increasingly sophisticated cyberattacks that could impact global economic and political systems. The urgent necessity of the hour is to identify and implement advanced cybersecurity technologies to counter these ever-evolving threats. Finding a balance between technology adoption and the mitigation of new and evolving cyber risks will continue to be the top priority in 2023 for security leaders worldwide.


Optiv’s cyber advisory and strategic leadership in this space - our presence across major global markets and diverse industry expertise - has allowed us to curate a ‘State of Cyber Governance’ Report for 2022. This report highlights key trends and patterns in cybersecurity governance structures, capabilities and technology landscapes across six key industries:


  • Industrials
  • Consumers
  • Healthcare
  • Energy and Utilities
  • Technology and Communication
  • Financial Services


Optiv’s ‘State of Cyber Governance 2022’ survey was distributed to organizations of various sizes and included questions about cybersecurity practices, technology usage and incident response plans. We conducted in-depth interviews with cybersecurity experts and practitioners, including more than 300 security leaders and executives, to gain further context about cybersecurity practices and the challenges faced by their organizations. Our report further analyzes security technology sales across industries of at least 3,000 security technologies.


Optiv has leveraged the National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF) as a baseline for comparing the performance of organizations across industries and sectors. The maturity scores were assigned according to the Capability Maturity Model Integration (CMMI) model for the analysis of different organizations and industries.


This report empowers security leaders to drive security-focused conversations within their organizations. We provide insights into:


  • A comprehensive overview of the current state of cybersecurity governance across industries
  • Cyber spending trends and resource allocation against industry benchmarks
  • Adoption and deployment of security technologies and their impact on overall cybersecurity governance
  • Maturity and effectiveness of cybersecurity capabilities across the industries


You can use this report in the link provided to strengthen your organization's cybersecurity posture and metrics, as well as prepare your organization to handle new era risks and threats. If you or your organization have questions for us or would like to schedule a conversation about this report, please do not hesitate to reach out to me at

Pradeep Sekar
Director, Cyber Strategy & Transformation | Optiv
Pradeep is a seasoned cybersecurity leader who has worked closely with and guided Fortune 100 and Fortune 500 Chief Information Security Officers (CISOs), Chief Information Officers (CIOs) and their teams across various industries to develop and sustain secure, adaptive and robust cybersecurity programs.

Optiv Security: Secure greatness.®

Optiv is the cyber advisory and solutions leader, delivering strategic and technical expertise to nearly 6,000 companies across every major industry. We partner with organizations to advise, deploy and operate complete cybersecurity programs from strategy and managed security services to risk, integration and technology solutions. With clients at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can. At Optiv, we manage cyber risk so you can secure your full potential. For more information, visit