Among the RSACTM Community, it is well understood that cross-sector collaboration is critical for building a robust cybersecurity strategy. In fact, a recent study conducted by RSAC and MeriTalk revealed that deep collaboration and structured coordination are the pillars of resilience in high-performing organizations. The MeriTalk and RSAC 2025 Collective Cyber Resilience Index report offers a glimpse into how far organizations have come with their cybersecurity readiness.
To gauge the efficacy of collaboration and intelligence sharing’s impact on both private and public organizations, we surveyed cybersecurity decision-makers from 100 US federal and 100 US private sector companies. Interestingly, the survey results demonstrate that overall, these organizations scored an average of 6.7 out of 10, reflecting only moderate resilience. Survey results suggest there is a gap between theory and practice with 85% of participants recognizing the potential of collaboration yet only 35% expressing that their current strategy is highly effective. More than half of respondents (53%) reported engaging in government-led information sharing, but fewer than a third (31%) of organizations said they participate in joint threat-hunting initiatives.
Shifting Perspectives on Cyber Resilience
Though there is a gap, organizations are taking steps toward building stronger partnerships. The vast majority (79%) of respondents report an increase in their collaboration with external partners over the past three years, indicating that many are moving toward building more effective strategies. AI and automation for incident response, supply chain and third-party risk monitoring, and shared cloud security and interoperability standards are among the primary drivers for those who are working toward collective cyber resilience. Respondents also identified Zero Trust implementation and cross-organizational workforce engagement as critical components of highly effective resilience strategies.
Intelligence Sharing on the Rise
Increasingly, cybersecurity decision-makers are setting aside any reservations they might have had about intelligence sharing, particularly with regard to government-led information sharing programs with 85% of respondents saying the benefits outweigh the risks. The vast majority of survey participants (93%) said they have formal communication protocols for coordinating incident response, and 80% reported they are conducting joint incident response simulations at least annually. Of those, 49% are engaging in these simulations at least quarterly. What’s also interesting is that 68% of respondents said they were significantly more reliant upon intelligence from external partners than they were three years ago, and that same number of respondents share cyberthreat intelligence with external partners at least monthly.
Advantages Outweigh Risks
The report suggests that private-public partnerships are a pathway to collective cyber resilience as these relationships allow for an enhanced security posture, access to better threat intelligence, improved incident response times, and greater protection of critical infrastructure. Even though these benefits don’t negate data privacy concerns, technical integration difficulties, or legal regulatory constraints, 85% of those surveyed said the advantages of sharing cyber threat intelligence outweigh the risks.
A Proactive Approach to Cybersecurity
Among those decision-makers who rated the resilience efforts of their organizations as excellent, 40% report sharing threat intelligence daily. Additionally, 77% said they have formal communication protocols with all key partners and 64% have fully implemented Zero Trust across all systems. To learn more about cyber resilience leaders and what sets organizations apart from others, read the full report, The 2025 Collective Cyber Resilience Index.