RedSeal, a leader in the cybersecurity analytics market, has released the results of a CEO study, which surveyed perceptions of — and confidence in — their cybersecurity posture.

The study, based on a survey of 200 chief executive officers from organizations across a host of major industries, including technology, finance, manufacturing, government and retail, found that more than 80 percent of CEOs are confident in their firm’s cybersecurity strategies, despite the fact that security incidents have surged 66 percent year-over-year since 2009, according to PricewaterhouseCoopers’ 2017 Global State of Information Security Survey.

“CEOs are underestimating their companies’ cyber vulnerabilities,” said Ray Rothrock, chairman and CEO of RedSeal. “Their confidence does not square with what we observe. Cyber-attacks are up and financial losses associated with these attacks are increasing dramatically.”

This is a particularly acute problem in the Middle East, where according to PricewaterhouseCoopers’ 2016 report on cybersecurity in the Middle East, companies suffered larger financial losses than their global counterparts as a result of cyber-attacks with 50 percent reporting losses greater than $500,000 as opposed to 33 percent globally.

While CEOs remain confident that their cyber strategies are well-equipped to handle the risks facing their company networks, there is a disconnect between their perception and reality. The RedSeal study found that half of the CEOs still prioritize keeping hackers out of the network, versus just 24 percent who were concerned with building capabilities to deal with hackers who have successfully breached their network's perimeter defenses.

“The new cyber battleground is inside the network, not at the perimeter,” said Rothrock. “Firewalls, virus detectors, and malware scans are required to keep out 99 percent of the bad guys, but the one percent who get in can cripple a firm, critical infrastructure or a government agency.”

The study found that, while 87 percent of CEOs agree that they need a better way to measure the effectiveness of their cybersecurity investments, 84 percent still plan to increase their spending in the next year. A trend reiterated by IDC’s Oct. 2016 prediction that organizations will spend $101.6 billion on cybersecurity software, services, and hardware in 2020, a 38 percent increase from its 2016 spend projections.