Key Takeaways
- 96% of chief information security officers prefer a hybrid infrastructure model to meet regulatory and compliance requirements
- 97% of CISOs believe a hybrid model will help meet obligations related to data sovereignty and residency
- 96% of respondents consider the convergence of operational technology and information technology essential for protecting critical infrastructure
- 9 out of 10 CISOs currently work in hybrid environments to maintain business continuity
- Lack of understanding of IT and OT security differences among leadership is a significant concern, with 2 out of 5 CISOs reporting this issue
Introduction to Hybrid Infrastructure
Hybrid infrastructure, which includes a mix of public and private cloud environments, on-premises workloads, and air-gapped systems, has become the preferred choice among security leaders for boosting resilience and managing risk. According to a report by Trellix, a staggering 96% of chief information security officers (CISOs) believe that a hybrid model is the best approach to meet regulatory and compliance requirements. This is because hybrid infrastructure provides a more flexible and adaptable environment, allowing organizations to better manage their risk and maintain business continuity.
Benefits of Hybrid Infrastructure
The benefits of hybrid infrastructure are numerous. For one, it helps organizations to maintain business continuity in the event of a cyberattack or localized failure. About 9 out of 10 CISOs currently work in hybrid environments, which suggests that this approach has become a standard practice in the industry. Additionally, 97% of CISOs believe that a hybrid model will help meet obligations related to data sovereignty and residency. This is particularly important in today’s globalized world, where data is often stored and processed across multiple jurisdictions. By using a hybrid infrastructure, organizations can ensure that they are meeting the necessary regulatory requirements and protecting their sensitive data.
Convergence of Operational Technology and Information Technology
Another key issue that CISOs are concerned about is the convergence of operational technology (OT) and information technology (IT). About 96% of respondents to the survey believe that this convergence is essential for protecting critical infrastructure from attack. However, despite this consensus, 2 out of 5 CISOs reported that their leadership lacks an understanding of how IT and OT security differ from one another. This lack of understanding can have serious consequences, as it can lead to security vulnerabilities and gaps in protection. Therefore, it is essential for organizations to educate their leadership about the differences between IT and OT security and to implement the necessary measures to protect their critical infrastructure.
Operational Resilience and Business Continuity
Operational resilience and business continuity have emerged as significant concerns in 2025, particularly in the wake of major cyberattacks that have disrupted business operations for weeks or even months. For example, the British automaker Jaguar Land Rover suffered a cyberattack in late summer that disrupted vehicle production for over a month, resulting in a $2.5 billion impact on the British economy. This incident highlights the importance of maintaining business continuity and operational resilience in the face of cyberattacks. By using a hybrid infrastructure and implementing the necessary security measures, organizations can reduce the risk of such incidents and ensure that their business operations continue uninterrupted.
Conclusion
In conclusion, hybrid infrastructure has become the preferred choice among security leaders for boosting resilience and managing risk. The benefits of hybrid infrastructure are numerous, including maintaining business continuity, meeting regulatory requirements, and protecting sensitive data. However, the convergence of OT and IT is a key issue that CISOs are concerned about, and it is essential for organizations to educate their leadership about the differences between IT and OT security. By using a hybrid infrastructure and implementing the necessary security measures, organizations can reduce the risk of cyberattacks and ensure that their business operations continue uninterrupted. As the threat landscape continues to evolve, it is essential for organizations to stay ahead of the curve and implement the necessary measures to protect their critical infrastructure and maintain operational resilience.
