In 2025, 98% of organizations reported spending between $1 and $5 million to recover from cyber incidents, with the average recovery cost per incident being $2.5 million.

In 2025, 83% of CISOs reported that Cyber Resilience was more critical for their organization than traditional cybersecurity measures, compared to 90% in the previous year.

67% of CISOs stated they are the primary executive responsible for ensuring Cyber Resilience within their organization.

72% of CISOs agreed that their role has evolved to include leading their organization’s ability to recover continuity following a cyberattack or security incident.

96% of Chief Information Security Officers (CISOs) agree that the convergence of operational technology (OT) and information technology (IT) security is essential for protecting critical infrastructure from emerging threats.

40% of CISOs plan to invest in OT/IT security convergence over the next 12 months as part of their hybrid infrastructure strategies.

94% of CISOs agree that emerging threats are forcing them to rethink and reprioritize their cybersecurity and infrastructure strategy.

47% of CISOs report being completely confident that AI-powered security tools can effectively defend against autonomous, AI-driven cyberattacks.

97% of CISOs agree that hybrid infrastructure provides greater resilience and risk management capabilities than relying solely on cloud or on-premises environments.

88% of CISOs agree that the convergence of OT and IT security exposes new challenges that many organizations are not yet prepared to address.

CISOs who remained at their companies and took on expanded responsibilities saw an average compensation increase of 8.1% in 2025, compared to a 5% increase among those who switched jobs.

In 2025, overall CISO compensation increased by an average of 6.7% compared to the previous year.

In 2025, 71% of CISOs received executive perks, an increase from 40% to over 50% this year for D&O insurance.

15% of CISOs changed employers in 2025, an increase from 11% in 2024.

The top 1% of CISOs earn more than $3.2 million in total compensation, which is approximately 10 times the median and 20 times the bottom 10%.

70% of CISOs receive equity, which can represent up to half of total pay among top earners.

73% of U.S. CISOs reported facing a significant cyber incident in the past six months.

54% of CISOs lack standardized, business-relevant metrics.

56% of CISOs say their security tools don’t integrate fully.

65% of CISOs manage 20 or more security tools.