Absolute Survey Warns of Realities of Security Operations: Enterprise PCs Left "Defenseless" for 76 Days Annually
According to a report by Absolute Security, about 20% of enterprise endpoint security software fails to function, leaving PCs exposed to cyber threats for up to 76 days a year and causing $400 billion in downtime losses.
📋 Article Processing Timeline
- 📰 Published: April 6, 2026 at 20:00
- 🔍 Collected: April 6, 2026 at 11:30
- 🤖 AI Analyzed: April 21, 2026 at 01:14 (349h 44m after Collected)
*This release is a Japanese translation based on the English release distributed by Absolute Security on March 23, 2026 (local time). In the event of any discrepancies in content or interpretation, the English version shall prevail.*
Absolute Security (hereinafter "Absolute"), a leader in enterprise cyber resilience, has released its latest research report, the "Absolute Security 2026 Resilience Risk Index." According to this survey, approximately 20% of enterprise endpoint security software is not functioning properly, revealing that enterprise PCs are exposed to the risk of cyber attacks for up to 76 days a year. As a result, downtime losses due to cyber incidents have reached a scale of 400 billion US dollars annually.
Christy Wyatt, President and CEO of Absolute, stated the following:
"Cyber attacks are no longer an avoidable business risk, but business interruptions (downtime) can be prevented. In the current security industry, there is a significant gap between 'being deployed' and 'being functional.' We are continually releasing innovative tools for threat detection and prevention into the world, but unfortunately, we are lagging behind when it comes to guaranteeing that these tools will reliably continue to operate when they are needed most. Companies need to shift to countermeasures predicated on 'resilience,' ensuring that security functions reliably continue to operate under all circumstances."
Key Highlights of the "Absolute Security 2026 Resilience Risk Index"
This report was created by Absolute's expert team in cyber resilience by analyzing telemetry data collected and anonymized from millions of endpoint devices. The report also includes critical findings that reveal the causes behind why downtime is triggering a global economic crisis.
Severe Delays in Patch Application: An average delay of 127 days was confirmed in the application of critical OS patches for Windows 10 and 11. During this period, devices are left vulnerable to threats such as zero-day attacks, ransomware, security breaches, and configuration failures. This number of days is a significant deterioration from the 56 days in the previous year's report.
Continued Use of End-of-Support OS: Currently, about 10% of PCs still use Windows 10. After the end of support in October 2025, these devices are exposed to extremely high risks against new vulnerabilities and attacks.
Disconnect Between Generative AI Usage and Security: While the use of high-risk generative AI such as DeepSeek is expanding, the number of browser sessions has nearly doubled year-over-year (from 150 million to 350 million). Considering the situation where security tools fail to function at a rate of about 20%, it highlights the reality that appropriate governance has not kept pace.
Deficiencies in Data Protection: Across all industries, risks were identified where 20% of devices had sensitive data stored, 30% were unencrypted, and 25% had unknown whereabouts.
Surge in AI-Enabled Devices: Approximately 20% of security software fails to protect...
Absolute Security (hereinafter "Absolute"), a leader in enterprise cyber resilience, has released its latest research report, the "Absolute Security 2026 Resilience Risk Index." According to this survey, approximately 20% of enterprise endpoint security software is not functioning properly, revealing that enterprise PCs are exposed to the risk of cyber attacks for up to 76 days a year. As a result, downtime losses due to cyber incidents have reached a scale of 400 billion US dollars annually.
Christy Wyatt, President and CEO of Absolute, stated the following:
"Cyber attacks are no longer an avoidable business risk, but business interruptions (downtime) can be prevented. In the current security industry, there is a significant gap between 'being deployed' and 'being functional.' We are continually releasing innovative tools for threat detection and prevention into the world, but unfortunately, we are lagging behind when it comes to guaranteeing that these tools will reliably continue to operate when they are needed most. Companies need to shift to countermeasures predicated on 'resilience,' ensuring that security functions reliably continue to operate under all circumstances."
Key Highlights of the "Absolute Security 2026 Resilience Risk Index"
This report was created by Absolute's expert team in cyber resilience by analyzing telemetry data collected and anonymized from millions of endpoint devices. The report also includes critical findings that reveal the causes behind why downtime is triggering a global economic crisis.
Severe Delays in Patch Application: An average delay of 127 days was confirmed in the application of critical OS patches for Windows 10 and 11. During this period, devices are left vulnerable to threats such as zero-day attacks, ransomware, security breaches, and configuration failures. This number of days is a significant deterioration from the 56 days in the previous year's report.
Continued Use of End-of-Support OS: Currently, about 10% of PCs still use Windows 10. After the end of support in October 2025, these devices are exposed to extremely high risks against new vulnerabilities and attacks.
Disconnect Between Generative AI Usage and Security: While the use of high-risk generative AI such as DeepSeek is expanding, the number of browser sessions has nearly doubled year-over-year (from 150 million to 350 million). Considering the situation where security tools fail to function at a rate of about 20%, it highlights the reality that appropriate governance has not kept pace.
Deficiencies in Data Protection: Across all industries, risks were identified where 20% of devices had sensitive data stored, 30% were unencrypted, and 25% had unknown whereabouts.
Surge in AI-Enabled Devices: Approximately 20% of security software fails to protect...