Two-thirds of CISOs report feeling burned out weekly or daily.

13% of CISOs oversee 50 or more security tools.

82% of CISOs say they are under pressure from executives or boards to reduce staff using AI.

39% of CISOs say they often feel blamed, even when incidents fall outside their direct control.

CISO confusion about cyber insurance policy coverage for supply-chain attacks decreased from 58% in 2024 to 43% in 2025.

40% of CISOs considered leaving their role altogether.

82% of CISOs feel confident quantifying risk.

57% of CISOs report that half or fewer of their security tools deliver measurable Return on Investment (ROI).

78% of CISOs lack a formal strategy for handling AI identities in a zero trust security architecture in 2025.

33% of CISOs rank external threats as their number-one stressor.

54% of CISOs lack standardized, business-relevant metrics.

73% of U.S. CISOs reported facing a significant cyber incident in the past six months.

65% of CISOs manage 20 or more security tools.

Overall concern among U.S. CISOs about a breach fell from 86% in 2024 to 62% in 2025.

Boards most often ask CISOs for the following metrics: risk-reduction trendlines (51%), quantified business impact (47%), and incident-response performance metrics (40%).

Nearly 20% of recent incidents reported by CISOs were already AI-related.

90% of CISOs say their role may be at risk to some degree if a breach were to occur.

87% of CISOs say pressure in their role has increased over the past year.

78% of U.S. CISOs expect AI to create a moderate or significant amount of new IT or security work for their teams due to AI-related security risks and vulnerabilities.

56% of CISOs say their security tools don’t integrate fully.