Deloitte’s Survey Shows Organizations Are Enhancing the CISO Role and Focusing on Cyber-Savvy Boards to Tackle Growing Security Threats.

• High- cyber-maturity organizations expect to achieve their business outcomes by 27% more on average than global respondents overall.

• The threat landscape is evolving as reported threats related to data-loss- impacted 28% of organizations in 2024, up by 14% vs. last year.

• 57% of respondents anticipate increasing their budget for cybersecurity over the next 12 to 24 months.

Today, Deloitte Global released the fourth edition of the Global Future of Cyber Survey report, which found that cybersecurity is increasingly becoming a cornerstone of many organizations’ growth strategies and business plans amidst today’s advanced and complex threat landscape. The findings from Deloitte Global’s largest cyber-related survey to date show how decision-makers are shifting their responses to cyber threats. Among other strategies, businesses are increasing the responsibility and strategic influence assigned to chief information security officers (CISOs), promoting further involvement from the board on cybersecurity-related matters, and turning to measures like artificial intelligence (AI).

Also Read: TrustCloud Unveils Quantum Vault in DocuSign’s App Center: The Future of Post-Quantum Encryption Preservation

In recent years, the ever-evolving tech environment has led Deloitte to identify organizations based on their level of cyber-maturity in the survey findings. Key indicators of a high-performing, cyber-mature organization include increased efforts of cyber planning, implementation of key cybersecurity activities, cyber engagement at the board level, and deployment of AI within their cyber programs. This year’s survey reinforces the urgency of securing cyber systems, as 25% of respondents from cyber-mature businesses reported 11 or more cybersecurity incidents in the past year, a 7% increase of incidents since the 2023 survey.

Stemming from the climbing number of cyberattacks, the report underlines the growing responsibilities CISOs are having as important allies to their CEOs and boards, particularly as their influence expands across an increasingly tech-savvy C-suite. One aspect in making the role exceedingly important has been the growing wave of AI-generated threats, which can target enterprises to exploit vulnerabilities by impersonating trusted sources. While the CISO’s expertise gains value, organizations are turning simultaneously to AI-enabled tools to strengthen cybersecurity and combat risks. Each of this suggests an increasingly integrated cyber function across business and technology:

• Around one-third of respondents report a significant increase in CISO involvement during strategic conversations about tech-related capabilities in the past year.
• Over the last decade CISOs have traditionally reported to the chief information officer (CIO), however they are increasingly gaining the ear and trust of CEOs, as 20% of decision-makers revealed their CISOs now report directly to their CEO.
• Cyber is playing a large role in securing an organization’s investment in tech capabilities, particularly when it comes to priority areas such as cloud (48%), Generative AI (41%), and data analytics (41%).
• On average 39% of respondents are using AI capabilities in their cybersecurity programs to a large extent

“The rise of AI and other evolving technologies has significantly transformed the threat landscape. As threats become more sophisticated and impactful to core business, CISOs are increasingly required to adopt a more strategic role driving cross business risk prioritization and mitigation,” says Emily Mossburg, Deloitte Global Cyber Leader. “The close relationship between CISOs and CEOs is a testament to the role security plays in a business’s long-term success. Today, CISOs are not only protectors against outside threats, but key players helping their organization find success by integrating cyber considerations in the strategic decision-making process.”

Also Read: Addressing the Short and Long Term Challenges of Today’s Modern Data Landscape

Organizations continue to embrace cyber as an essential component of their enterprise tech stack, budgeting strategies, and future business plans. They also increasingly rely on technology-driven programs to fuel growth and innovation. As business leaders realize the potential of cyber, the report finds:

• The top three expected outcomes from cybersecurity initiatives are protecting intellectual property (46%), improving threat detection and response (44%), and increasing efficiency and agility (44%).
• Overall, 83% of respondents agree or completely agree that measures like qualitative risk assessments and benchmarking are an integral part of their overall cybersecurity strategy.
• 58% of respondents also expect to begin integrating cybersecurity spending with budgets for other programs, such as digital transformation initiatives, IT programs, and cloud investments.

“This year’s report highlights how the connection between cybersecurity and business outcomes continues to grow stronger, enabling cyber to have greater impacts in achieving organizational objectives” adds Mossburg. “The increased reliance organizations have on their technology-driven programs is evolving the CISO roles and their cyber initiatives into essential components in driving business growth in a tech-powered future.”

The Future of Cyber findings exhibit how cybersecurity is integral to building trust in a tech-powered future and point to why organizations should continually invest in areas throughout their business to increase cyber efficiency and overall growth. Specifically, organizations should focus on hiring and developing cyber talent, executing thorough digital planning, and collaborating with extended ecosystems, all while incorporating cyber into strategic business initiatives. For more information, please visit Global Future of Cyber Survey, 4th Edition.

Methodology

Deloitte Global designed its fourth edition of the Global Future of Cyber Survey based on the complexity of today’s business and technology landscape, focusing on the needs of enterprise leaders who may recognize the importance of cyber yet struggle to harness its value. Deloitte Global based its report on a survey of nearly 1,200 cyber decision-makers at the director level or higher (C-suite executives and C-suite direct reports), across 43 countries and 6 industries limited to organizations with at least 1,000 employees and US$500 million in annual revenue.

[To share your insights with us as part of editorial or sponsored content, please write to psen@itechseries.com]