With geopolitical tensions rising and AI technology rapidly transforming the landscape, 2024 has brought both new opportunities and unprecedented challenges for security leaders.
At Team8’s 2024 CISO Village Summit, over 100 top cybersecurity leaders gathered to discuss their most pressing concerns. During the event, we presented them with a survey, the results of which we bring here, capturing the heartbeat of today’s cybersecurity leaders.
Budget Increases and the Drive for Resilience
In correlation to the expanding threat landscape and increased legal pressure, security budgets are growing this year – even more than in 2023. In fact, over 70% of surveyed CISOs reported increases in their cybersecurity budgets (compared to 53% in 2023’s survey). Industries such as financial services, technology, and manufacturing are leading the charge, with significant investments being made to protect their operations.
While most CISOs have reported a budget increase, they have also shared that they are under pressure to demonstrate the value of these investments to their boards. They are expected to ensure that each dollar spent strengthens their defenses against sophisticated threats, from AI-driven phishing attacks to nation-state actors.
AI: A Double-Edged Sword
The rapid AI transformation is making waves in the cybersecurity world – posing significant opportunities and threats. As with each new technology, but at a much faster pace, an arms race is underway between defenders and attackers.
Nearly 70% of CISOs see AI as a potential threat, especially with the rise of deep fakes and AI-generated phishing attacks. Yet, at the same time, 85% of them also view AI as a powerful tool for defending their organizations. By integrating AI into their security frameworks, companies are automating detection, improving response times, and making strides in staying ahead of cybercriminals.
A parallel effort which is no less important is protecting AI Systems. Some of the new priorities flagged by CISOs in this arena are vulnerability management, data privacy in third-party AI apps, and managing “shadow AI” (unauthorized AI applications). As AI adoption rises, CISOs are highlighting the imminent need to develop expertise and guardrails to mitigate these risks while ensuring usability and innovation.
Data Security and Third-Party Risk: Ever-Present Challenges
The survey reveals that Data Security climbed up to be the number one pain point for security leaders in 2024. With the proliferation of cloud services and remote work, protecting sensitive data has become increasingly difficult. Add in the complexities of AI, and it’s no surprise that organizations are scrambling for better data loss prevention (DLP) solutions.
Another growing concern is Third-Party Risk Management (TPRM). Nearly half of CISOs cited TPRM as a major challenge, emphasizing the need for trusted vendor relationships and more effective monitoring tools. As businesses grow more interconnected, vulnerabilities in one vendor’s system can expose the entire network, underscoring the need for stronger and more automated risk management processes.
Compliance, Liability, and CISO Wellbeing
As cybersecurity legal risks have increased, so has the personal liability of the CISO. Recent litigation processes against CISOs, as well as the evolving regulatory landscape, including new rules like the FTC Standards for Safeguarding Customer Information and the EU AI Act, are forcing CISOs to spend more time ensuring compliance, which adds another layer of complexity to an already demanding role.
This added burden is causing heightened stress, with 54% of surveyed CISOs reporting that concerns over liability are impacting their personal wellbeing. Yet, despite the pressure, many CISOs have yet to take proactive steps to protect themselves legally—an area that we expect to see more focus on in the coming years.
Looking Ahead
As we approach 2025, insights from this survey may serve as a guide for security professionals, helping them prioritize key areas of focus and stay ahead of emerging threats. By fostering innovation, collaboration, and resilience, today’s CISOs are not just defending their organizations—they are shaping the future of cybersecurity. To support the Team8 CISO Village in addressing these critical focus areas, Team8 will continue hosting a series of expert-led webinars and huddles. These sessions will feature industry leaders sharing best practices and actionable insights on the most pressing challenges in cybersecurity, ensuring CISOs stay ahead of the curve in this rapidly evolving landscape. To become a Team8 villager – please apply here.
