Press Release

Deloitte Global’s Future of Cyber survey shows how organizations around the world are adapting to a shifting threat landscape by amplifying the CISO role and prioritizing cyber-savvy boards

Deloitte Global released the fourth edition of the Global Future of Cyber survey, which found that cybersecurity is increasingly becoming a cornerstone of many organizations’ growth strategies and business plans amidst today’s advanced and complex threat landscape. The findings from Deloitte Global’s largest cyber-related survey to date show how decision-makers are shifting their responses to cyber threats. Among other strategies, businesses are increasing the responsibility and strategic influence assigned to chief information security officers (CISOs), promoting further involvement from the board on cybersecurity-related matters, and turning to measures like artificial intelligence (AI).

In recent years, the ever-evolving tech environment has led Deloitte to identify organizations based on their level of cyber-maturity in the survey findings. Key indicators of a high-performing, cyber-mature organization include increased efforts of cyber planning, implementation of key cybersecurity activities, cyber engagement at the board level, and deployment of AI within their cyber programs. This year’s survey reinforces the urgency of securing cyber systems, as 25% of respondents from cyber-mature businesses reported 11 or more cybersecurity incidents in the past year, a 7% increase of incidents since the 2023 survey.

Deepa Seshadri, Partner, Leader – Cyber, Deloitte India says that “As India rapidly embraces digitalisation, cyber threats have become more sophisticated, targeting diverse sectors from financial services to manufacturing. Indian organisations must go beyond compliance and adopt a more proactive approach to cybersecurity, integrating it as a foundation for innovation and resilience. The rise of AI-driven threats, combined with the unique complexities of India’s regulatory landscape, demands that businesses focus on building cyber capabilities that not only protect but also enable long-term growth. Plant security, OT security and convergence of IT and OT are some of the important aspect that CISOs are considering in India. We are seeing Indian CISOs play a pivotal role in leading these initiatives, helping organisations secure their digital futures.”

 

Stemming from the climbing number of cyberattacks, the report underlines the growing responsibilities CISOs are having as important allies to their CEOs and boards, particularly as their influence expands across an increasingly tech-savvy C-suite. One aspect in making the role exceedingly important has been the growing wave of AI-generated threats, which can target enterprises to exploit vulnerabilities by impersonating trusted sources. While the CISO’s expertise gains value, organizations are turning simultaneously to AI-enabled tools to strengthen cybersecurity and combat risks. Each of this suggests an increasingly integrated cyber function across business and technology:

  • Around one-third of respondents report a significant increase in CISO involvement during strategic conversations about tech-related capabilities in the past year.
  • Over the last decade CISOs have traditionally reported to the chief information officer (CIO), however they are increasingly gaining the ear and trust of CEOs, as 20% of decision-makers revealed their CISOs now report directly to their CEO.
  • Cyber is playing a large role in securing an organization’s investment in tech capabilities, particularly when it comes to priority areas such as cloud (48%), Generative AI (41%), and data analytics (41%).
  • On average 39% of respondents are using AI capabilities in their cybersecurity programs to a large extent.

“The rise of AI and other evolving technologies has significantly transformed the threat landscape. As threats become more sophisticated and impactful to core business, CISOs are increasingly required to adopt a more strategic role driving cross business risk prioritization and mitigation,” says Emily Mossburg, Deloitte Global Cyber Leader. “The close relationship between CISOs and CEOs is a testament to the role security plays in a business’s long-term success. Today, CISOs are not only protectors against outside threats, but key players helping their organization find success by integrating cyber considerations in the strategic decision-making process.”

 

Organizations continue to embrace cyber as an essential component of their enterprise tech stack, budgeting strategies, and future business plans. They also increasingly rely on technology-driven programs to fuel growth and innovation. As business leaders realize the potential of cyber, the report finds:

  • The top three expected outcomes from cybersecurity initiatives are protecting intellectual property (46%), improving threat detection and response (44%), and increasing efficiency and agility (44%).
  • Overall, 83% of respondents agree or completely agree that measures like qualitative risk assessments and benchmarking are an integral part of their overall cybersecurity strategy.
  • 58% of respondents also expect to begin integrating cybersecurity spending with budgets for other programs, such as digital transformation initiatives, IT programs, and cloud investments.

“This year’s report highlights how the connection between cybersecurity and business outcomes continues to grow stronger, enabling cyber to have greater impacts in achieving organizational objectives” adds Mossburg. ” The increased reliance organizations have on their technology-driven programs is evolving the CISO roles and their cyber initiatives into essential components in driving business growth in a tech-powered future.”

The Future of Cyber findings exhibit how cybersecurity is integral to building trust in a tech-powered future and point to why organizations should continually invest in areas throughout their business to increase cyber efficiency and overall growth. Specifically, organizations should focus on hiring and developing cyber talent, executing thorough digital planning, and collaborating with extended ecosystems, all while incorporating cyber into strategic business initiatives. For more information, please visit Global Future of Cyber Survey, 4th Edition.

Methodology

Deloitte Global designed its fourth edition of the Global Future of Cyber Survey based on the complexity of today’s business and technology landscape, focusing on the needs of enterprise leaders who may recognize the importance of cyber yet struggle to harness its value. Deloitte Global based its report on a survey of nearly 1,200 cyber decision-makers at the director level or higher (C-suite executives and C-suite direct reports), across 43 countries and 6 industries limited to organizations with at least 1,000 employees and US$500 million in annual revenue.