Key Findings
57% of CISOs are more likely than the rest of the C-suite (47%) to say their organisation has experienced a cybersecurity incident due to cybercriminals in the past three years.
84% of C-suite leaders report that their organisation experienced a cybersecurity incident in the past three years.
75% of CISOs say their organisation experienced a decrease in cybersecurity incidents following increased investment in AI, compared to the rest of the C-suite (68%).
21% of C-suite leaders say their organisation currently invests more than 10% of their IT budget in cybersecurity. This number is expected to roughly double to 38% next year
Two-thirds (66%) of CISOs say they are worried that the cybersecurity threats their organisation is facing are more advanced than their defences, which is significantly more than their C-suite counterparts (56%).
47% of CISOs say their organisation has experienced a cybersecurity incident due to inside threats in the past three years, compared to the rest of the C-suite (31%).
Russell 3000 companies experiencing a cyber incident typically see their stock price decrease by 1.5% over the following 90 days.
68% of CISOs are more likely than the rest of the C-suite (57%) to express concern about senior leaders at their organisation underestimating the dangers of cybersecurity threats.
The rest of the C-suite (77%) is more likely than CISOs (69%) to attribute success in decreased cybersecurity incidents to increased investments in employee cybersecurity training.