- Report find that CISOs have less confidence that their staff protects their companies
- Almost double experienced a loss of material data this year
- Many are concerned about the risks of AI, some are ready to use it for their benefits.
Just more than half (57%) of the main information security officials (ities) believe that the staff understands their role in the protection of the company, has affirmed a new proofpoint research.
The figure has decreased from 84% in 2024, and comes along with a finding that despite its best efforts and investments in preventive measures, human error remains the main vulnerability, cited by around three out of five Ciso.
This comes like three out of four (74%) CISO of the United Kingdom experienced material data loss in the last year, almost double 39% in 2024.
The United Kingdom’s Ciso are worried that workers risk their companies
ProofPoint’s investigation added 86% of the instances of material loss of material data involved employees who come out, but despite awareness programs, 30% of organizations still lack internal risk resources.
Looking to the future, almost two thirds (63%) expect a material cyber attack in the next 12 months, and yet, almost so many (61%) admit that their organization is not prepared to respond with 57%prepared to pay a ransom to quickly restore systems or avoid data leaks.
Leaving cybercriminals aside (such as AI tools have lowered the entrance barrier while simultaneously increasing attack sophistication), the Ciso are also concerned about the use of AI within their companies. Two out of three (66%) restrict the use of Genai of employees completely, with only 60% with guenai use guidelines.
“As Genai’s adoption accelerates both the opportunity and the threat, we are asked to do more with less, navigate the unprecedented complexity and still safeguard what matters most,” said Proofpoint Global resident, Patrick Joyce.
Even so, more than half (55%) are exploring the improved defenses by AI in the future, with 72% prioritizing Genai’s safe use in the next two years.
“The Ciso now face a double responsibility: take advantage of AI to strengthen their security position while guaranteeing its ethical and responsible use,” added ProofPoint strategy director Ryan Kalember.
However, all this has resulted in greater pressure on the CISO: 67% reports excessive expectations (compared to 62% last year), and 58% have experienced or witnessed exhaustion in the last year.
Kalember said that the CISO have now become central for the decision -making of the company, however, ProofPoint’s investigation revealed the alignment of the joint room with CISO of the United Kingdom has decreased from 84% to 2024 to 57% in 2025, which suggests that they do not receive the support they need.
Looking towards the future, companies can make subtle changes to close the internal risk gap and improve the protection of data loss, while establishing the clarity of Ciso in the AI era.
