Deloitte Global has released the fourth edition of the Global Future of Cyber survey, which found that cybersecurity is increasingly becoming a cornerstone of many organisations’ growth strategies and business plans amidst today’s advanced and complex threat landscape. The findings from Deloitte Global’s largest cyber-related survey to date show how decision-makers are shifting their responses to cyber threats. Among other strategies, businesses are increasing the responsibility and strategic influence assigned to chief information security officers (CISOs), promoting further involvement from the board on cybersecurity-related matters, and turning to measures like artificial intelligence (AI).

In recent years, the ever-evolving tech environment has led Deloitte to identify organizations based on their level of cyber-maturity in the survey findings. Key indicators of a high-performing, cyber-mature organization include increased efforts of cyber planning, implementation of key cybersecurity activities, cyber engagement at the board level, and deployment of AI within their cyber programs. This year’s survey reinforces the urgency of securing cyber systems, as 25% of respondents from cyber-mature businesses reported 11 or more cybersecurity incidents in the past year, a 7% increase of incidents since the 2023 survey.

Stemming from the climbing number of cyberattacks, the report underlines the growing responsibilities CISOs are having as important allies to their CEOs and boards, particularly as their influence expands across an increasingly tech-savvy C-suite. One aspect in making the role exceedingly important has been the growing wave of AI-generated threats, which can target enterprises to exploit vulnerabilities by impersonating trusted sources. While the CISO’s expertise gains value, organizations are turning simultaneously to AI-enabled tools to strengthen cybersecurity and combat risks. Each of this suggests an increasingly integrated cyber function across business and technology:

Around one-third of respondents report a significant increase in CISO involvement during strategic conversations about tech-related capabilities in the past year.

Over the last decade CISOs have traditionally reported to the chief information officer (CIO), however they are increasingly gaining the ear and trust of CEOs, as 20% of decision-makers revealed their CISOs now report directly to their CEO.

Cyber is playing a large role in securing an organization's investment in tech capabilities, particularly when it comes to priority areas such as cloud (48%), Generative AI (41%), and data analytics (41%).

On average 39% of respondents are using AI capabilities in their cybersecurity programs to a large extent.

"The rise of AI and other evolving technologies has significantly transformed the threat landscape. As threats become more sophisticated and impactful to core business, CISOs are increasingly required to adopt a more strategic role driving cross business risk prioritization and mitigation,” says Emily Mossburg, Deloitte Global Cyber Leader.

Organizations continue to embrace cyber as an essential component of their enterprise tech stack, budgeting strategies, and future business plans. They also increasingly rely on technology-driven programs to fuel growth and innovation. As business leaders realize the potential of cyber, the report finds:

The top three expected outcomes from cybersecurity initiatives are protecting intellectual property (46%), improving threat detection and response (44%), and increasing efficiency and agility (44%).

Overall, 83% of respondents agree or completely agree that measures like qualitative risk assessments and benchmarking are an integral part of their overall cybersecurity strategy.

58% of respondents also expect to begin integrating cybersecurity spending with budgets for other programs, such as digital transformation initiatives, IT programs, and cloud investments.

“This year’s report highlights how the connection between cybersecurity and business outcomes continues to grow stronger, enabling cyber to have greater impacts in achieving organizational objectives” adds Mossburg.

The Future of Cyber findings exhibit how cybersecurity is integral to building trust in a tech-powered future and point to why organizations should continually invest in areas throughout their business to increase cyber efficiency and overall growth. Specifically, organizations should focus on hiring and developing cyber talent, executing thorough digital planning, and collaborating with extended ecosystems, all while incorporating cyber into strategic business initiatives. For more information, please visit Global Future of Cyber Survey, 4th Edition.