- T-Mobile users can now try Starlink's satellite service for free - here's how
- The best USB-C cables for the iPhone 15 in 2025: What the experts recommend
- This Sony Bravia is my pick for best TV for the money - and all 5 size options are on sale
- Your Google Pixel 9 is getting a free audio upgrade - and it can't come sooner
- VMware Product Release Tracker (vTracker)
CISOs Dramatically Increase Boardroom Influence but Still Lack Soft Sk
CISOs are gaining ground in the boardroom, but many of their C-suite peers believe there’s still work to be done to improve their business and soft skills, according new research by to Splunk.
The Cisco company surveyed 500 CISOs or equivalent and 100 board members globally to compile The CISO Report 2025.
It revealed that 82% of security leaders now report directly to the CEO, up from 47% in 2023. A further 83% said they participate in board meetings “somewhat often” or “most of the time.”
Board respondents also reported excellent or very good working relationships with the CISO in areas like setting and aligning on strategic cybersecurity goals, and communicating progress against milestones.
Read more on boardroom politics: UK Boards Are Growing Less Concerned About Cyber-Risk.
However, the report also highlighted persistent gaps between security leaders and their boardroom peers.
More board members than CISOs want their heads of security to develop skills such as:
- Business acumen (55% versus 40%)
- Emotional intelligence (45% vs 35%)
- Communication (52% vs 47%)
Additionally, Splunk revealed a standoff over budget in many organizations.
Some 29% of CISOs said they receive adequate budget to accomplish their goals, compared to 41% of board members who think the function has enough funds. These attitudes are borne out of personal experience: almost a fifth (18%) of CISOs claimed they were unable to support a business initiative because of budget cuts in the past year, and 64% said that lack of support led to a cyber-attack.
Time to Align
Splunk CISO, Michael Fanning, argued that bringing both groups together will require educating boards about cybersecurity and helping CISOs understand how to position security as a business enabler.
“As cybersecurity becomes increasingly central to driving business success, CISOs and their boards have more opportunities to close gaps, gain greater alignment, and better understand each other in order to drive digital resilience,” he added.
“For CISOs, that means understanding the business beyond their IT environments and finding new ways to convey the ROI of security initiatives to their boards. For board members, it means committing to a security-first culture and consulting the CISO as a primary stakeholder in decisions that impact enterprise risk and governance.”
A Trend Micro report from 2024 revealed that many CISOs face a persistent credibility gap with their boardroom peers.
It claimed 79% have felt boardroom pressure to downplay the severity of cyber-risks facing their organization, with a third having been dismissed “out of hand” by their board.
