report – CIO.works

State CISO Confidence Drops From 48% to 22%, NASCIO-Deloitte 2026 Study Finds

By CIO / Blog / risk management, cybersecurity, CISO, report

The 2026 NASCIO-Deloitte Cybersecurity Study reveals a significant drop in state CISO confidence, falling from 48% in 2022 to 22%, due to increased cyber threats, reduced federal support, aging infrastructure, and AI-enabled attacks. The study highlights the need for whole-of-state cybersecurity governance, AI risk frameworks, reassessment of federal program dependencies, and implementation of effectiveness metrics to help rebuild confidence in public-sector cybersecurity programs.

https://www.cybersecurity-insiders.com/state-ciso-confidence-nascio-deloitte-2026-study/

Linux Foundation Report Finds Greatest Obstacle for AI Adoption and Innovation Is a Security Readiness Crisis

By CIO / Blog / risk management, AI, report

The Linux Foundation's 2026 State of Tech Talent Report identifies a security readiness crisis as the greatest obstacle to AI adoption and innovation, with security and privacy concerns rising sharply from 17% in 2024 to 48% in 2026. Despite these challenges and a significant capacity gap in AI security and risk management reported by 57% of organizations, AI is driving technical job growth and organizations are prioritizing upskilling existing employees to bridge talent gaps, yielding substantial business benefits over hiring new staff.

https://www.linuxfoundation.org/press/linux-foundation-report-finds-greatest-obstacle-for-ai-adoption-and-innovation-is-a-security-readiness-crisis

More Money Is Going to Physical Security, but It’s Often CISOs That Oversee It: EY

By CIO / Blog / budget, cybersecurity, CISO, report

A recent EY survey reveals that organizations are increasing budgets for physical security, with nearly 80% allocating more funds, sometimes up to 50%, amid rising board oversight. However, many place responsibility for physical security with Chief Information Security Officers (CISOs), blending physical and cybersecurity, which can lead to under-resourcing physical protection; EY recommends centralizing security functions, clarifying accountability, and expanding security preparedness through integrated threat intelligence and realistic crisis simulations.

https://www.facilitiesdive.com/news/more-money-is-going-to-physical-security-but-its-often-cisos-that-overse/820077/

Majority of Chief Information Security Officers (CISOs) Consider Paying Cybercriminals to End Ransomware Attacks, According to New Absolute Security Research

By CIO / Blog / ransomware, report, breach

A new Absolute Security report reveals that 58% of Chief Information Security Officers (CISOs) would consider paying cybercriminals to end ransomware attacks, with operational downtime ranked as the most significant impact. The study also found that ransomware attacks often originate on endpoint devices, recovery times can be extensive—some taking up to two weeks—and many organizations still lack remote recovery capabilities despite widespread availability.

https://www.businesswire.com/news/home/20260512727565/en/Majority-of-Chief-Information-Security-Officers-CISOs-Consider-Paying-Cybercriminals-to-End-Ransomware-Attacks-According-to-New-Absolute-Security-Research

New Report Shows How AI Gives Cybersecurity Competitive Advantage

By CIO / Blog / AI, cybersecurity, report

A new World Economic Forum report reveals that artificial intelligence (AI) is the key driver transforming cybersecurity, with 94% of cyber leaders recognizing its defining role and 77% of organizations already employing AI in their cyber operations. The report highlights that strategic AI deployment enhances vulnerability detection, accelerates response times, and reduces breach costs, providing organizations a competitive edge in the escalating race against AI-empowered cyber threats.

https://www.weforum.org/press/2026/05/new-report-shows-how-ai-gives-cybersecurity-competitive-advantage/

EY/IIF Third Annual Global Insurance Risk Management Survey

By CIO / Blog / report, growth, risk management, strategy

The EY/IIF Global Insurance Risk Management Survey reveals a shift in insurance risk management, emphasizing its role as a strategic driver of transformation and growth. Key themes include the dominance of cyber risk, the importance of resilience, and the evolving role of CROs as strategic partners.

https://www.iif.com/Publications/ID/6532/EYIIF-Third-Annual-Global-Insurance-Risk-Management-Survey

73% of CISOs Unprepared for the Next Big Cyber Attack, Incident Response Readiness Report Reveals

By CIO / Blog / incident response, cybersecurity, CISO, report

Sygnia's 2026 CISO Survey reveals that 73% of senior cybersecurity leaders feel unprepared to effectively execute incident response in the event of a significant cyberattack, despite widespread adoption of formal IR plans. Key challenges include organizational friction, visibility gaps across IT and OT environments, and a rapidly expanding threat landscape driven by AI, underscoring the critical need for improved executive alignment, comprehensive visibility, and strategic integration of AI to enhance cyber readiness.

https://www.sygnia.co/press-release/sygnia-released-ciso-survey-2026/

What CIOs Are Most Looking to Replace with AI Today

By CIO / Blog / productivity, AI, report

A 2026 survey of 141 CIOs reveals that customer service management (26%), finance operations (21%), and project management (20%) are the software categories most prone to AI-driven vendor replacement, driven by AI’s ability to streamline coordination and workflow visibility. Meanwhile, 54% of CIOs are pursuing vendor consolidation, with 45% of AI budgets replacing existing software spend, signaling a shift where AI adoption often comes at the expense of traditional tools, although deeply integrated platforms like ERP and general productivity suites remain relatively protected due to high switching costs.

https://www.saastr.com/cioreplaceai/

Teleport Report Finds Over-Privileged AI Systems Linked to Fourfold Rise in Security Incidents

By CIO / Blog / AI, cybersecurity, threats, report

A report by Teleport found that enterprises granting excessive access permissions to AI systems experience 4.5 times more security incidents than those restricting AI access, highlighting identity management's lag behind AI adoption. Based on interviews with 205 security leaders, the study shows that broad AI access correlates with higher incident rates, often due to static credentials and lack of automated governance controls, emphasizing the need for unified, machine-speed identity management to mitigate risks.

https://www.infoq.com/news/2026/03/teleport-ai-report/

Companies Know AI Is Essential for Cyber Defense but Aren’t yet Seeing Returns

By CIO / Blog / AI, cybersecurity, report

A new EY survey reveals that while nearly all cybersecurity leaders see AI as essential for defense and are deploying it, most have yet to realize significant returns from agentic AI security tools. The survey highlights companies' progress in adopting AI governance frameworks but notes that full integration into corporate culture is limited, stressing the need for robust governance and human oversight to maximize AI’s benefits and manage risks effectively.

https://www.cybersecuritydive.com/news/cybersecurity-ai-agentic-governance-ey-survey/815311/