Proofpoint Report Highlights AI Risks, CISO Burnout & Cybersecurity Gaps

76% of CISOs anticipate a fabric cyberattack within the subsequent yr, with human threat and GenAI-driven information loss topping their considerations

Proofpoint, Inc., a number one cybersecurity and compliance firm, at this time launched its fifth annual Voice of the CISO report, exploring key challenges, expectations and priorities of chief data safety officers (CISOs) worldwide. The 2025 report, which surveyed 1,600 international CISOs throughout 16 international locations, spotlights two essential traits: the surge in cyberattacks is fueling heightened anxiousness amongst CISOs—together with a rising willingness to pay ransoms when incidents happen—and the fast rise of GenAI is forcing safety leaders to stability innovation with threat, regardless of mounting considerations round information publicity and misuse.

As cyber threats develop into extra frequent and multifaceted, CISOs are more and more involved about their group’s capacity to face up to a fabric assault. 76% of CISOs really feel liable to experiencing a fabric cyberattack within the subsequent 12 months, but 58% say they’re unprepared to reply. Two-thirds of CISOs skilled materials information loss up to now yr, with insider-driven incidents topping the record of causes. With 92% attributing not less than some information loss to departing staff based on survey information, human conduct stays a essential vulnerability. Reflecting the strain, 66% of CISOs say they’d think about paying a ransom to stop information leaks or restore programs, primarily based on survey responses.

AI has rapidly emerged as each a high precedence and a high concern for CISOs: 64% of world CISOs say enabling GenAI device use is a strategic precedence over the subsequent two years, whilst safety worries persist. Within the U.S., 80% of CISOs specific concern over potential buyer information loss by way of public GenAI platforms. As adoption accelerates, organizations are shifting from restriction to governance, with 67% implementing utilization pointers and 68% exploring AI-powered defenses—although enthusiasm has dipped from final yr’s excessive of 87%.

“This yr’s findings reveal a rising disconnect between confidence and functionality amongst CISOs,” stated Patrick Joyce, international resident CISO at Proofpoint. “Whereas many safety leaders specific optimism about their group’s cyberposture, the fact tells a special story—rising information loss, readiness gaps, and protracted human threat proceed to undermine resilience. As GenAI adoption accelerates each alternative and risk, CISOs are being requested to do extra with much less, navigate unprecedented complexity, and nonetheless safeguard what issues most. It’s clear that the function of the CISO has by no means been extra pivotal—or extra pressured.”

Key international findings from Proofpoint’s 2025 Voice of the CISO report embody:

• Confidence vs. Actuality: CISOs Brace for Assaults Amid Rising Knowledge Loss and Readiness Gaps. In 2025, 76% of CISOs surveyed really feel liable to experiencing a fabric cyberattack within the subsequent 12 months, up from 70% final yr. But 58% admit their group is unprepared to reply. Two-thirds skilled a fabric information loss up to now yr (up from 46% in 2024) regardless of the vast majority of CISOs expressing confidence of their cybersecurity tradition.
• Assaults from All Angles, Similar Consequence. CISOs face an more and more fragmented risk panorama with no single dominant threat—e mail fraud, insider threats, ransomware, and cloud account takeover are all high considerations. Regardless of the various techniques, most assaults result in the identical consequence: information loss. Reflecting the excessive stakes, 66% of CISOs say they’d think about paying a ransom to revive programs or stop information leaks—rising to 84% in Canada and Mexico.
• Knowledge Doesn’t Stroll Itself Out the Door. 92% of CISOs who skilled information loss say departing staff performed a job—up from 73% final yr. Regardless of near-universal adoption of Knowledge Loss Prevention (DLP) instruments, one-third say their information stays inadequately protected. As GenAI accelerates, 67% now rank data safety and governance as a high precedence, prompting a shift to dynamic, context-aware safety.
• The Folks Drawback Persists. Human error stays the highest cybersecurity vulnerability in 2025, with 66% of CISOs citing folks as their biggest threat, regardless of 68% believing staff perceive cybersecurity greatest practices. This disconnect highlights a essential hole: consciousness alone is just not sufficient. Practically a 3rd of organizations nonetheless lack devoted insider threat sources to assist bridge the hole between information and conduct.
• Pal or Foe? AI’s Double-Edged Sword. The fast rise of GenAI is amplifying considerations round human threat. Three in 5 CISOs fear about buyer information loss by way of public GenAI instruments, with collaboration platforms and GenAI chatbots seen as high safety threats. Regardless of this, 64% say enabling secure GenAI use is a high precedence—highlighting a shift from restriction to governance. Most are responding with guardrails: 67% have applied utilization pointers, and 68% are exploring AI-powered defenses, although enthusiasm has cooled from 87% final yr. Greater than half (59%) prohibit worker use of GenAI instruments altogether.
• Boardroom Alignment Slips as CISO Stress Mounts. Boardroom alignment with CISOs has declined from a excessive of 84% in 2024 to 64% this yr. Nonetheless, enterprise valuation has emerged as boards’ high concern following a cyberattack—up from the underside of the record final yr—signaling that cyber threat is gaining traction as a strategic precedence.
• Totally different 12 months, Similar Pressures. CISOs proceed to face mounting strain within the face of rising threats and restricted sources: 66% report dealing with extreme expectations, and 63% say they’ve skilled or witnessed burnout throughout the previous yr. Whereas 65% now say their organizations have taken steps to guard them from private legal responsibility, one-third nonetheless really feel they lack the sources to fulfill their cybersecurity objectives.

“Synthetic intelligence has moved from idea to core, remodeling how each defenders and adversaries function,” commented Ryan Kalember, chief technique officer at Proofpoint. “CISOs now face a twin duty: harnessing AI to strengthen their safety posture whereas making certain its moral and accountable use. This balancing act locations them on the heart of strategic decision-making. However AI is only one of many forces reshaping the CISO function. As threats intensify and environments develop extra advanced, organizations are reevaluating what cybersecurity management actually seems like in at this time’s enterprise.”

The put up Proofpoint Report Highlights AI Risks, CISO Burnout & Cybersecurity Gaps first appeared on AI-Tech Park.