This article outlines some of the insights of PwC’s 2025 Global Digital Trust Insights report, highlighting significant gaps in cyber resilience among businesses. Despite the growing awareness of cyber threats, only 2% of organisations have fully implemented comprehensive cyber resilience measures. This lack of preparedness leaves many companies vulnerable to disruptions and data breaches. The report emphasises that cybersecurity should be an integral part of business strategy rather than a reactive measure. It also points out that modern technologies like generative AI (GenAI) are expanding the attack surface, increasing vulnerabilities and necessitating advanced defence mechanisms and AI governance.
Leadership plays a crucial role in enhancing cybersecurity, yet there is a notable disconnect between Chief Information Security Officers (CISOs) and other business leaders. Only 46% of CISOs are involved in major business decisions, which creates a gap in strategic planning and leaves organisations exposed. The report calls for better integration of CISOs into the decision-making process to ensure proactive cybersecurity measures. Additionally, regulatory compliance is driving investments in cybersecurity, but there is a confidence gap between CEOs and CISOs regarding their ability to meet these demands, particularly in areas like AI and resilience regulations.