Report by Proofpoint

2025 Voice of the CISO

22 FINDINGSPublished Aug 26, 2025
View Original Report →

Key Findings

In the U.S., 80% of CISOs express concern over potential customer data loss via public GenAI platforms.

Proofpoint2025 Voice of the CISO·Aug 26, 2025
CISOsGen AIData lossUS

Despite this, 68% of CISOs believe employees understand cybersecurity best practices.

Proofpoint2025 Voice of the CISO·Aug 26, 2025
CISOsEmployees

Despite near-universal adoption of Data Loss Prevention (DLP) tools, one-third say their data remains inadequately protected.

Proofpoint2025 Voice of the CISO·Aug 26, 2025
CISOsData lossDLPData protection

67% of organisations now rank information protection and governance as a top priority.

Proofpoint2025 Voice of the CISO·Aug 26, 2025
CISOsInformation protectionGovernance

Human error remains the top cybersecurity vulnerability in 2025, with 66% of CISOs citing people as their greatest risk.

Proofpoint2025 Voice of the CISO·Aug 26, 2025
CISOsHuman errorInsider threat

64% of global CISOs say enabling GenAI tool use is a strategic priority over the next two years.

Proofpoint2025 Voice of the CISO·Aug 26, 2025
CISOsGen AI

67% of organisations are implementing usage guidelines for GenAI.

Proofpoint2025 Voice of the CISO·Aug 26, 2025
CISOsGen AIPolicy

Enthusiasm for AI-powered defenses has dipped from last year’s high of 87%.

Proofpoint2025 Voice of the CISO·Aug 26, 2025
CISOsAI

76% of CISOs feel at risk of experiencing a material cyberattack in the next 12 months. This is up from 70% last year.

Proofpoint2025 Voice of the CISO·Aug 26, 2025
CISOsCyber attack

While 65% of CISOs now say their organizations have taken steps to protect them from personal liability, one-third still feel they lack the resources to meet their cybersecurity goals.

Proofpoint2025 Voice of the CISO·Aug 26, 2025
CISOsResources

More than half (59%) of organisations restrict employee use of GenAI tools altogether.

Proofpoint2025 Voice of the CISO·Aug 26, 2025
CISOsGen AI

63% of CISOs say they have experienced or witnessed burnout within the past year.

Proofpoint2025 Voice of the CISO·Aug 26, 2025
CISOs

Nearly a third of organisations still lack dedicated insider risk resources.

Proofpoint2025 Voice of the CISO·Aug 26, 2025
CISOsInsider riskInsider threat

Two-thirds of CISOs (which is 66%) experienced material data loss in the past year. This is up from 46% in 2024.

Proofpoint2025 Voice of the CISO·Aug 26, 2025
CISOsData loss

68% of organisations are exploring AI-powered defenses.

Proofpoint2025 Voice of the CISO·Aug 26, 2025
CISOsAI

66% of CISOs say they would consider paying a ransom to prevent data leaks or restore systems. This figure rises to 84% in Canada and Mexico.

Proofpoint2025 Voice of the CISO·Aug 26, 2025
CISOsRansomData leakCanadaMexico

66% of CISOs report facing excessive expectations.

Proofpoint2025 Voice of the CISO·Aug 26, 2025
CISOs

Boardroom alignment with CISOs has declined from a high of 84% in 2024 to 64% this year.

Proofpoint2025 Voice of the CISO·Aug 26, 2025
CISOsBoard

Three in five CISOs (60%) worry about customer data loss via public GenAI tools.

Proofpoint2025 Voice of the CISO·Aug 26, 2025
CISOsGen AIData loss

58% of CISOs say they are unprepared to respond to a material cyberattack in the next 12 months.

Proofpoint2025 Voice of the CISO·Aug 26, 2025
CISOsCyber attackPreparadnessResilience

92% of organisations attribute at least some data loss to departing employees. This is up from 73% last year.

Proofpoint2025 Voice of the CISO·Aug 26, 2025
CISOsData lossCyber riskInsider threat

58% of CISOs say they are unprepared to respond to a material cyberattack in the next 12 months.

Proofpoint2025 Voice of the CISO·Aug 26, 2025
CISOsCyber attackPreparadnessResilience