What’s important to the CISO in 2025

Cybersecurity and privacy

Align cyber investments to business strategy

As a CISO, you’re expected to lead the C-suite on cyber risk management and resilience implementation. Yet CISO involvement in business activities impacted by cybersecurity is still falling short. This disconnect could factor into gaps in readiness and adequate investment to address vulnerabilities and threats. Only 21% of executives usually allocate cyber budget to the top risks to the organization.

To gain executive buy-in, consistently measure and quantify risk in a way that resonates with your C-suite and stakeholders, communicate risks from a business perspective, and demonstrate the direct impact a robust cybersecurity plan can have on your company’s growth trajectory and overall risk profile.

Additional ways to align cyber investments to business strategy

Cybersecurity and privacy

Cybersecurity: The role of CISO in today’s business strategy

Tune into the podcast and explore the importance of cybersecurity in the C-suite and how CISOs are evolving beyond their traditional roles.

Cybersecurity and privacy

Bridging the gaps to cyber resilience: The C-suite playbook

Learn why cyber resilience is crucial with expanding attack surfaces and shifting regulations in PwC's latest survey.

Technology

It’s not the tech, it’s you: How to create measurable outcomes

Find out how to create measurable outcomes and value through digital transformation.

Digital risk

Cyber risk quantified. Cyber risk managed

Quantifying the financial risks of different cyber threats can increase the bang for the cyber buck: it enables you to direct resources to the greatest risks.

Source: PwC's 2025 Global Digital Trust Insights

Regulation and compliance

Team with the C-suite and board to foster cyber transparency

To build trust with shareholders and customers, regulators are requiring businesses to be more transparent about how they manage and govern cyber risks. With this scrutiny, the C-suite can work with the CISO to align cyber capabilities with business goals and deliver accurate reporting, while the board takes a more active cyber risk oversight role.

However, increasing regulatory complexity and challenges aligning standards across multiple agencies makes achieving transparency more difficult. A strong partnership between the CISO, C-suite and board is key.

CISOs can frame cyber risks as business risks, collaborating with risk, financial, technology and legal teams to simplify and contextualize your company’s cyber posture and keep the board well-informed. This shared understanding also supports more defensible reports to regulators.

Additional ways to team with the C-suite

Regulation and compliance

Unpacking the first wave of form 10K cyber disclosures

What companies reported, what it means (so far) and next steps. What can these form 10K filings tell us about cybersecurity disclosures?

Regulation and compliance

Cyber reporting for critical infrastructure

Discover the implications of proposed updates to CIRCIA and its requirements on covered entities.

Regulation and compliance

Risk and compliance reimagined: Unlock hidden savings and performance

Learn how organizations can cut costs and improve quality by reimagining risk management and compliance programs.

Risk management

Overseeing cyber risk: the board's role

Examine four key areas where boards can take a more active oversight role to support cyber risk management.

Source: PwC's 2025 Global Digital Trust Insights

Digital oversight and cybersecurity

Create a cloud and digital transformation security plan

Are your cybersecurity capabilities ready to meet your company’s transformation needs? Modernizing platforms and adopting a cloud-first approach can deliver powerful business results, but security should come first. CISOs can balance innovation with security by planning and implementing foundationally strong cyber practices to close gaps and prevent vulnerabilities.

Success starts with a clear integration plan. Work with your company’s technology leaders to set and prioritize security and transformation goals, building security into every step from start to finish.

Additional ways to translate cyber risk to the board

Digital oversight and cybersecurity

Building the AI-powered business: 4 ways cloud leaders redefine success

Organizations will soon be AI-first and cloud powered. Learn how these companies are already reaping the benefits of their investments.

Digital oversight and cybersecurity

Staying above the cloud on risks and controls

Implement cloud transformation strategies for your company while navigating risk and compliance implications.

Generative AI

Managing the risks of generative AI

What do risk leaders need to know to harness trusted generative artificial intelligence? Hint, it starts with governance.

Risk management

NIST post-quantum cryptography standards: Key questions and actions for implementation

Learn more on the new post-quantum cryptography standards — and how organizations must integrate these algorithms to protect against future quantum threats.

Source: 2025 Global Digital Trust Insights

Data security

Enhance data trust and protection measures

Data is the engine for business innovation, transformation and growth. Advances in generative AI (GenAI) have unlocked the potential for faster insights, lifting barriers to scalable analysis through automation and operational enhancements. To seize this transformative upside, data quality, security and governance are imperative to mitigate accuracy, privacy and trust risks. Companies proactively investing in tools and practices to better manage and safeguard their data are a step ahead.

Align with your data leaders to reassess your data governance protocols and priorities. Focus on identifying critical data elements, where they are stored, and verify controls are in place for data quality and security. This is an opportunity to drill down on data accuracy and possible exposure or loss that could compromise customer trust and regulatory compliance.

Additional ways to enhance data trust

Data security

Managing the risks of generative AI

Generative AI's rapid integration into life and business poses profound risks. Learn more in our playbook for risk executives.

Governance

Good governance for AI: 5 real-world insights for risk professionals

Learn why AI governance matters and the key elements for risk, compliance, legal and security leaders.

Data governance

Trust, risk, and opportunity: overseeing a comprehensive data and privacy strategy

While companies use vast amounts of data, find out why it's key to mitigate the risk that comes with new opportunities by protecting data privacy.

Source: PwC's 2025 Global Digital Trust Insights