The Downtime Era is Now: Cyber Incidents and AI Enabled Attacks are Driving $400 Billion in Downtime Losses Annually

RSAC 2026--Absolute Security, an enterprise cyber resilience leader, today published its 2026 Resilience Risk Index, revealing that endpoint security software fails to protect devices nearly 21 percent of the time. This finding means that globally-distributed PCs are vulnerable to AI-driven attacks and cyber incidents up to 76 days per year—a gap that is contributing to $400 billion in annual downtime losses.¹

“Cyberattacks are inevitable, downtime is optional,” said Christy Wyatt, President and CEO of Absolute Security. “The cybersecurity industry has rushed to provide innovations that detect and prevent threats, unfortunately it’s lagging when it comes to ensuring that tools can remain operational when they are needed most. Enterprise security, risk, and business leaders that are working together to ensure their critical defenses remain resilient under any conditions will avoid falling victim to the downtime era.”

Absolute Security Resilience Risk Index 2026 Top Highlights
To compile the report, the company’s Cyber Resilience experts analyzed anonymized telemetry across millions of endpoint devices. Included in the research are additional key findings revealing why downtime has become a global economic crisis:

• Critical OS patching across PCs running Windows 10 and 11 is behind an average of 127 days, leaving devices vulnerable to downtime caused by zero day attacks, ransomware, compromise, and configuration failures. This is a sharp increase over what was revealed in the 2025 report, when overall patching lagged 56 days.

• 10% of PCs continue to run on Windows 10. With Microsoft having ended support for the OS in October 2025, these devices are now highly-exposed to adapting and emerging vulnerabilities and attacks.

• PCs continue to engage with high-risk GenAI sites like DeepSeek while also massively increasing the number of browser sessions observed from 150 million to 350 million, year-over-year. With endpoint security tools failing 20% of the time, this means that GenAI visits may be taking place without governance applied.

• Across all industries, 20 percent of connected devices store sensitive data, with 30 percent lacking encryption, and 25 percent unaccounted for. Last year’s report revealed that 18 percent of connected devices stored sensitive data, with 35 percent lacking encryption, and 26 percent unaccounted for.

• Endpoint devices are rapidly becoming the new AI platform, despite security software failing 20 percent of the time. In the 2025 report, it was shown that 68 percent of PCs had enough RAM needed to fully take advantage of AI (16-32 GB). This year, it was revealed that enterprises are ramping investment in AI ready devices, with 96% now equipped with 16-32 GB.

Download your copy: Absolute Security’s Cyber Resilience Risk Index 2026

RSAC 2026, MOSCONE SOUTH, #2039, Tuesday, March 24 – Thursday, March 26
Join Absolute Security Cyber Resilience experts during exhibition hours to discover how the AI-Powered Absolute Security Cyber Resilience Platform helps customers defend their organizations against threats, protect against risk, and to stop costly downtime caused by cyberattacks, ransomware, compromises, and software failures. Schedule a meeting or demo in advance.

RSAC 2026: The Resilient CISO, Wednesday, March 25, from 6 to 9 PM PDT
At the Marriott Marquis in San Francisco, join Absolute Security for The Resilient CISO. This limited-seating event will feature cybersecurity leaders and technology visionary Ray Kurzweil discussing the future of AI, security, and cyber resilience. The evening will also highlight recognition of the 2026 SC Award Resilient CISO honorees. Register to attend the event, and access free and discounted RSAC passes.

All findings, statistics, data, and information presented in this press release are cited and referenced in the report; percentages are rounded up to nearest whole numbers; some figures are approximations.

About Absolute Security
Absolute Security is partnered with more than 28 of the world’s leading endpoint device manufacturers, embedded in the firmware of 600 million devices, trusted by thousands of global enterprise customers, and licensed across 16 million PC users. With the Absolute Security Cyber Resilience Platform integrated into their digital enterprise, customers ensure their mobile and hybrid workforces connect securely and seamlessly from anywhere in the world and that business operations recover quickly following cyber disruptions and attacks. To learn more, visit www.absolute.com and follow us on LinkedIn, X, Facebook, and YouTube.

ABSOLUTE SECURITY, ABSOLUTE, the ABSOLUTE LOGO, AND NETMOTION are registered trademarks of Absolute Software Corporation ©2026, or its affiliates. All Rights Reserved. Other names or logos mentioned herein may be the trademarks of Absolute or their respective owners. The absence of the symbols ™ and ® in proximity to each trademark, or at all, herein is not a disclaimer of ownership of the related trademark.

View source version on businesswire.com: https://www.businesswire.com/news/home/20260322489682/en/