CSOs face increasing pressure to remain silent about security breaches, with 69% reporting such directives from employers, up from 42% two years ago. This trend is attributed to corporate reputation concerns overriding regulatory compliance. Regulatory scrutiny from laws like GDPR and others is intensifying, yet CISOs often have to navigate conflicts between legal responsibilities and business interests. Many experience career repercussions for disclosure, leading to ethical dilemmas amid incidents involving significant data theft or missed compliance.
