In 2025, 83% of CISOs reported that Cyber Resilience was more critical for their organization than traditional cybersecurity measures, compared to 90% in the previous year.

In 2025, 98% of organizations reported spending between $1 and $5 million to recover from cyber incidents, with the average recovery cost per incident being $2.5 million.

67% of CISOs stated they are the primary executive responsible for ensuring Cyber Resilience within their organization.

72% of CISOs agreed that their role has evolved to include leading their organization’s ability to recover continuity following a cyberattack or security incident.

47% of CISOs report being completely confident that AI-powered security tools can effectively defend against autonomous, AI-driven cyberattacks.

88% of CISOs agree that the convergence of OT and IT security exposes new challenges that many organizations are not yet prepared to address.

97% of CISOs agree that hybrid infrastructure provides greater resilience and risk management capabilities than relying solely on cloud or on-premises environments.

40% of CISOs plan to invest in OT/IT security convergence over the next 12 months as part of their hybrid infrastructure strategies.

96% of Chief Information Security Officers (CISOs) agree that the convergence of operational technology (OT) and information technology (IT) security is essential for protecting critical infrastructure from emerging threats.

94% of CISOs agree that emerging threats are forcing them to rethink and reprioritize their cybersecurity and infrastructure strategy.

70% of CISOs receive equity, which can represent up to half of total pay among top earners.

In 2025, 71% of CISOs received executive perks, an increase from 40% to over 50% this year for D&O insurance.

In 2025, overall CISO compensation increased by an average of 6.7% compared to the previous year.

The top 1% of CISOs earn more than $3.2 million in total compensation, which is approximately 10 times the median and 20 times the bottom 10%.

CISOs who remained at their companies and took on expanded responsibilities saw an average compensation increase of 8.1% in 2025, compared to a 5% increase among those who switched jobs.

15% of CISOs changed employers in 2025, an increase from 11% in 2024.

The percentage of U.S. Chief Information Security Officers (CISOs) who are very or extremely concerned about losing their job after a major breach decreased from 77% in 2024 to 55% in 2025.

59% of CISOs cite agentic AI as their leading near-term threat.

17% of CISOs say they always feel personally blamed for security incidents, regardless of the root cause.

58% of CISOs say incidents occurred even though their security tools were in place.