“What’s occupying a ton of time for CISOs at present is competing priorities,” he says. “The risk surroundings is such that they’re spending a substantial amount of time prioritizing all they should do, they usually’re doing it at a time once we face a major expertise scarcity so that they’re attempting to cowl your complete gamut with much less assist than they’d want. That’s the essence of what CISOs battle with at present — simply prioritizing the big portfolio of points they’ve.”
10. Getting threat proper
To prioritize work, CISOs want to know what issues most to the enterprise and what dangers are most consequential to the group. But many nonetheless battle with these duties, says Chris Simpson, director of Nationwide College’s Heart for Cybersecurity.
Analysis confirms this stays a difficulty for CISOs: In keeping with the Proofpoint survey, boardroom alignment with CISOs decreased from 84% in 2024 to 64% in 2025.
“Cybersecurity is there to assist the enterprise, so CISOs have to know the enterprise’ threat tolerance, which is able to drive selections on what to implement and threat mitigation methods. It’s one thing CISOs are all the time engaged on,” Simpson says.
