2025 State of Data Security Report: Top Priorities, Challenges and Concerns for Today's CISOs.

80% of survey respondents cited fostering a strong security culture within their organization as their top challenge that could prevent their security program from being successful in 2025.

In the UK, security risks associated with third-party suppliers have surged by "more than ten percentage points" as a top concern, largely driven by the integration of third-party AI solutions

44% of security leaders surveyed plan to prioritize security infrastructure oversight and implementation, much of which now focuses on securing AI systems and preventing data leakage.

Security operations, which was the top security priority last year, has fallen to third place. Security awareness training is now the second priority.

"More than half" of the organizations surveyed confirmed they regularly experienced malware and phishing incidents.

68% of organizations surveyed have experienced data leakage incidents specifically related to employees sharing sensitive information with AI tools.

Only 23% of organizations surveyed have implemented comprehensive AI security policies.

Despite regularly experiencing malware and phishing incidents, 90% of respondents expressed confidence in their organizations' security measures.

91% of respondents believed their employee training initiatives were successful.

"More than half" of the organizations surveyed confirmed they regularly experienced malware and phishing incidents.