67% of organisations now rank information protection and governance as a top priority.

In the U.S., 80% of CISOs express concern over potential customer data loss via public GenAI platforms.

Human error remains the top cybersecurity vulnerability in 2025, with 66% of CISOs citing people as their greatest risk.

Despite this, 68% of CISOs believe employees understand cybersecurity best practices.

76% of CISOs feel at risk of experiencing a material cyberattack in the next 12 months. This is up from 70% last year.

64% of global CISOs say enabling GenAI tool use is a strategic priority over the next two years.

67% of organisations are implementing usage guidelines for GenAI.

Enthusiasm for AI-powered defenses has dipped from last year’s high of 87%.

Despite near-universal adoption of Data Loss Prevention (DLP) tools, one-third say their data remains inadequately protected.

More than half (59%) of organisations restrict employee use of GenAI tools altogether.

While 65% of CISOs now say their organizations have taken steps to protect them from personal liability, one-third still feel they lack the resources to meet their cybersecurity goals.

63% of CISOs say they have experienced or witnessed burnout within the past year.

Nearly a third of organisations still lack dedicated insider risk resources.

Two-thirds of CISOs (which is 66%) experienced material data loss in the past year. This is up from 46% in 2024.

68% of organisations are exploring AI-powered defenses.

66% of CISOs say they would consider paying a ransom to prevent data leaks or restore systems. This figure rises to 84% in Canada and Mexico.

66% of CISOs report facing excessive expectations.

Boardroom alignment with CISOs has declined from a high of 84% in 2024 to 64% this year.

Three in five CISOs (60%) worry about customer data loss via public GenAI tools.

58% of CISOs say they are unprepared to respond to a material cyberattack in the next 12 months.