19% of Chief Information Security Officers (CISOs) expect a significant increase in new tasks for their IT or security teams due to security risks or vulnerabilities related to AI.

96% of CISOs believe that multi-factor authentication (MFA) cannot keep up with evolving threats.

78% of Chief Information Security Officers (CISOs) expect AI to create moderate or significant increases in security workloads as they address new vulnerabilities.

98% of CISOs expressed that multi-factor authentication (MFA) is not doing enough to protect employees.

92% of Chief Information Security Officers (CISOs) reported that their company has implemented, begun implementing, or plans to implement passwordless authentication in 2025, a significant increase from 70% in 2024.

38% of Chief Information Security Officers (CISOs) believe zero trust is the future of cybersecurity.

67% of organizations expect to complete their transition from Virtual Private Networks (VPNs) to zero trust access by 2026, reflecting a significant shift in security practices.

The number of completed rollouts of passwordless authentication initiatives doubled in 2025 compared to the previous year, highlighting a rapid increase in implementation.

52% of Chief Information Security Officers (CISOs) identified reduced risk of password reuse, phishing, and exploits as the top benefit of passwordless authentication in 2025.

In 2025, 98% of Chief Information Security Officers (CISOs) expressed doubt over the ability of multi-factor authentication (MFA) to adequately protect employees, showing a slight decrease from 99% in 2024.

22% of Chief Information Security Officers (CISOs) reported having a formal strategy for incorporating AI identities into their organization's zero-trust security architecture, while 78% did not have such a strategy.

59% of Chief Information Security Officers (CISOs) expect a moderate increase in new tasks for their IT or security teams due to security risks or vulnerabilities related to AI.

13% of Chief Information Security Officers (CISOs) believe that zero trust only works for certain organizations in 2025, down from 22% in 2024.

97% of Chief Information Security Officers (CISOs) view Network Access Control (NAC) as a critical component of any zero trust framework.

93% of Chief Information Security Officers (CISOs) reported that their perception of Network Access Control (NAC) has improved in the past year.

78% of Chief Information Security Officers (CISOs) anticipate higher security workloads due to vulnerabilities linked to AI models, data exposure, and agent behaviour.

In 2025, 83% of companies reported increasing their investment in Network Access Control (NAC), while only 2% indicated a decrease in investment.

87% of companies are increasing their Network Access Control (NAC) budgets in 2025, up from 83% in 2024.

CISOs reported a 17 percentage point increase in clarity regarding their cyberinsurance coverage for insider threats in 2025.

CISOs reported a 17 percentage point increase in clarity regarding their cyberinsurance coverage for insider threats in 2023.