Splunk

43% of respondents face unrealistic expectations by leadership.

57% of respondents report losing valuable investigation time to data management gaps.

52% of respondents say their team is overworked.

59% of organizations have moderately or significantly boosted their efficiency with AI.

78% of respondents say sharing data with observability teams resolves incidents faster.

Over half (56%) of respondents have prioritized the application of AI to security workflows this year.

Nearly half (46%) of respondents spend more time maintaining tools than defending the organization.

31% of SOCs are using GenAI for Querying security data.

52% of respondents say stress on the job has prompted them to think about leaving cybersecurity altogether.

66% of organizations experienced a data breach in the past year, making it the most common security incident.

29% of SOCs are using GenAI for Writing/editing security policies.

78% of respondents say their security tools are dispersed and disconnected.

Only 11% of organizations fully trust AI for mission-critical tasks.

78% of respondents cited faster incident detection as a moderate to transformative benefit of a unified approach for threat detection and response.

66% of respondents noted quicker remediation as a moderate to transformative benefit of a unified approach for threat detection and response

59% of respondents report having too many alerts.

33% of SOCs are using GenAI for Threat intelligence analysis.

1 in 3 (33%) of respondents plan to fill skills gaps with AI and automation.

Compared to publicly available tools, 63% agree that domain-specific AI significantly or extremely enhances security operations.

59% of respondents say tool maintenance is the main source of inefficiency.

69% say disconnected and dispersed tools creates moderate to significant challenges.

55% of respondents report having to address too many false positives.

83% of security leaders participate in board meetings "somewhat often" or "most of the time".

51% of CISOs see upskilling or reskilling security employees as a priority, versus 27% of boards.

46% of CISOs said attaining security milestones was indicative of their success, compared to only 19% of board respondents.

36% of CISOs consider contributing to revenue growth initiatives a priority compared to 24% of board members.

18% of CISOs revealed they were unable to support a business initiative because of budget cuts in the last 12 months.

59% of CISOs said they would become a whistleblower if their organisation was ignoring compliance requirements.

79% of CISOs say KPIs for their security teams have changed substantially over recent years.

21% of CISOs revealed they had been pressured not to report a compliance issue.

Cost-saving measures reported by CISOs include reduced security solutions and tools (50%), security hiring freezes (40%), and decreased or eliminated security training (36%).

82% of security leaders report directly to the CEO in 2024, which is up from 47% in 2023.

64% of CISOs reveal that the current threat and regulatory environment make them concerned they’re not doing enough.

64% of CISOs said that lack of support led to a cyberattack.

CISOs with good board relationships are more likely to be given the ability to pursue use cases for generative AI, such as creating threat detection rules (43% versus 31% of other CISOs), analyzing data sources (45% versus 28% of other CISOs), incident response and forensic investigations (42% versus 29% of other CISOs), and proactive threat hunting (46% versus 28% of other CISOs).

57% of CISOs prioritize regulation and compliance knowledge, compared to 44% of board members.

29% of CISOs say they receive the proper budget for cybersecurity initiatives, compared to 41% of board members who think cybersecurity budgets are adequate.

More board members than CISOs want CISOs to develop certain skills: Business acumen: 55% of board members vs 40% of CISOs, emotional intelligence: 45% of board members vs 35% of CISOs, Communication: 52% of board members vs 47% of CISOs.

52% of CISOs consider innovating with emerging technologies a priority, compared to 33% of board members.

53% of CISOs say their responsibilities and job expectations have become more difficult since they took the job.

15% of CISOs ranked compliance status as a top performance metric, compared to 45% of boards.

18% of CISOs claimed they were unable to support a business initiative due to budget cuts in the past year, and 64% said that lack of support led to a cyberattack.

Only 29% of CISOs say their board includes at least one member with cybersecurity expertise.

When there is a CISO on the board, 80% of boards report excellent or very good working relationships with CISOs in setting and aligning on strategic cybersecurity goals, versus 27% when there isn't a CISO on the board.

For boards with a CISO member, 60% report excellent or very good working relationships when communicating progress against milestones, security goal achievement and plan of record, compared to 16% for boards without a CISO member.

More board members than CISOs want CISOs to develop certain skills: Business acumen: 55% of board members vs 40% of CISOs, emotional intelligence: 45% of board members vs 35% of CISOs, Communication: 52% of board members vs 47% of CISOs.

50% of boards with a CISO member report excellent or very good relationships when budgeting adequately to meet goals, compared to 24% for boards without a CISO member.

60% of board members acknowledge that board members with cybersecurity backgrounds more heavily influence security decisions.

Board members with a CISO background report stronger relationships with security teams and feel more confident about the organisation’s security posture.

37% of board members with a CISO background express concern that they are not doing enough to protect the organisation, compared to a survey average of 62%.