A new study suggests that most security professionals are as confident as ever in their ability to protect their organizations even as breaches continue to proliferate, with the Breach Level Index recording more than 180 million incidents in the last quarter alone.

ThreatTrack Security Inc. surveyed 250 practitioners at organizations with more than 2,000 employees in various segments and found that 94 percent are optimistic that their defenses will hold up in the next year and 81 percent said they’d personally guarantee that their customers’ data will be safe in 2015. The sentiment is most pronounced in the healthcare, financial services and retail sectors, which have been the target of historic data heists in the last 12 months that saw hackers steal credit card numbers and other personally identifiable information belonging to hundreds of millions of consumers.

The report indicates that the confidence of security professionals stems at least in part from the perception that progress is being made. Seventy percent of respondents indicated that their organizations are actively investing in trying to prevent data breaches. Most of the spending on new threat detection technology, campaigns to phase out vulnerable end-points and policy improvement initiatives.

Yet while the overwhelming majority of practitioners apparently see reason to be optimistic about the future of cybersecurity, fewer would stake their jobs on it, especially in the most heavily targeted segments. Barely two thirds of respondents hailing from the financial sector told ThreatTrack that they would personally guarantee customer data will not fall into the wrongs hands, a figure that rose to 73 percent in the healthcare industry. And organizations with more than 10,000 employees are more cautious about making such promises than their smaller peers.

That casts a shadow on the otherwise rosy picture that practitioners paint, although it also suggests that security professionals have become more aware of the threats facing their organization. ThreatTrack said organizations with a chief information security officer (CISO) were making the greatest progress. Nearly all respondents said they believe senior management listens to the recommendations of the CISO and accordingly, 96 percent of the participants whose companies have such a position expressed confidence in their ability to fend off hackers will improve next year.

Specifically, the firm found that companies where the CISO position exists are twice as likely to invest a “significant amount of time integrating new cyber defenses” than those that don’t and as a result foresee spending considerably fewer resources cleaning infected end-points of malware.

The report makes clear that CISO position is gaining traction and authority. But it’s also evident that many more companies will fall victim to lackluster defenses before they fully understand the scope of the threats they face.