CISOs face growing personal and criminal liability as cyberattacks targeting vulnerabilities in IoT and OT devices increase. Global regulations now require stricter cyber risk management, transparency, and compliance, with 20% of breaches in 2025 linked to device vulnerabilities. CISOs are expected to provide accurate asset inventories, honest reporting, prompt breach disclosure, and the management of third-party risks. Organizations are updating policies, boosting legal support, and enhancing security oversight to adapt.
