Report finds progress in cybersecurity in private sector