Two-thirds of organizations lack understanding of their own cyber risk, while three quarters plan to prioritize proactive risk reduction strategies, according to a new Critical Start report.The top 250 MSSP and managed detection and response (MDR) provider’s inaugural Cyber Risk Landscape Peer Report shows that businesses are struggling to understand their cyber risks. The report also examines the amount of risk organizations are willing to accept, resource constraints, and key priorities for approaching cyber risk in the future.Despite being armed with traditional threat-based security mechanics, roughly two in three organizations in the study were struck by a cyber breach in the last two years that required intervention. In addition, six in 10 security executives expressed concerns over the current misalignment between cybersecurity investments and their organization's risk reduction priorities.83% of organizations agree that a comprehensive, cyber risk reduction strategy will yield a reduction in the likelihood of a significant cyber incident occurring. 93% of organizations plan to offload specific segments of cyber risk reduction work streams or projects to security service providers within the next two years. 93% of organizations expressed the belief that a holistic, evidenced based approach to cyber risk management will yield a reduction in the likelihood of a significant cyber incident occurring. This includes integrating risk assessment, protection, detection, response, and recovery into a cohesive strategy.