SecurityBrief US - Technology news for CISOs & cybersecurity decision-makers
United States

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Stressed business executive at desk with glowing computer screens warning symbols cybersecurity threats
#
Risk & Compliance
#
AI
#
Cybersecurity

US CISOs face mounting stress as cyber incidents & AI threats rise

Fri, 7th Nov 2025
Author image
By Shannon Williams, Journalist

New research has revealed high levels of pressure and strain among Chief Information Security Officers (CISOs) in the United States as cyber incidents and organisational expectations mount.

Widespread incidents

A survey conducted for the 2025 CISO Pressure Index by Nagomi Security found that 73% of US-based CISOs reported experiencing a significant cyber incident within the past six months. The report indicates a challenging landscape for security leaders, with incidents continuing despite the presence of extensive security tool stacks.

The survey of 100 CISOs highlights an increase in internal pressure, with 87% saying that the level of strain in their role has risen over the past year. Two-thirds of respondents reported feeling burned out on a weekly or daily basis, while 40% have considered leaving their positions because of these challenges.

Internal pressures surpass external threats

The research reveals that board expectations are now a greater source of pressure for CISOs than external threats, with 44% citing this as their main stressor compared to 33% who pointed to threats from outside the organisation. The data suggests a change in the fundamental realities of the CISO role, with only 58% of CISOs saying that the security incidents they faced were ones their tools should have prevented, highlighting concerns about the effectiveness and integration of technology solutions.

Tool complexity continues to be an issue, with 65% of CISOs overseeing more than 20 security tools, and 13% managing over 50. Despite this, more than half (56%) report their tools do not integrate fully, and 57% believe half or fewer of these tools deliver measurable return on investment.

Accountability and blame

The findings also shine a light on CISOs' growing sense of personal accountability and risk. Seventeen percent of surveyed CISOs stated they always feel personally blamed for security incidents regardless of the root cause, while 39% said they often feel blamed even when the incident falls outside their direct control. Furthermore, 90% felt their roles could be at risk in the event of a breach, with 20% feeling extremely at risk and 40% feeling moderately at risk.

"CISOs are managing nonstop risk with limited support and even less time. They're expected to be strategic leaders and first responders all at once. The best way to support them is to share accountability across the business, make outcomes clearer, and give them the space to focus on what actually reduces risk," said Emanuel Salmona, co-founder and CEO of Nagomi Security.

Expectations from boards and executives remain high, as 82% of CISOs indicated they felt confident quantifying risk, but 54% admitted to a lack of standardised, business-relevant metrics to present to stakeholders. Boards most commonly request trendlines in risk reduction (51%), quantified business impact of incidents (47%), and metrics on incident-response performance (40%).

AI as both threat and cost-saving measure

Agentic Artificial Intelligence (AI) has become a leading concern for CISOs, with 59% citing it as the main near-term threat and nearly one in five recent incidents being AI-related. Meanwhile, 82% of CISOs say they face pressure from leadership to use AI as a means to reduce staffing costs, adding to the complexity of their roles.

The report demonstrates a widening gap between the level of responsibility CISOs hold and the control they have over digital risks and resources. CISOs are being asked to balance strategic guidance and operational incident response, often with limited resources and high accountability.

Nagomi Security's 2025 CISO Pressure Index was compiled from a quantitative survey covering a range of industries to document sources of pressure and the evolving requirements of security leadership.

Alongside the report, Nagomi Security announced a new docuseries entitled Holding the Line, which will profile security leaders and explore the evolving pressures faced by CISOs. The company will also host mindfulness sessions for CISOs, aimed at creating spaces where security leaders can address the challenges of their roles, promote alignment, and discuss new approaches to accountability within organisations.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
DivisionHex launches new framework to streamline exposure management
HP predicts surge in AI-driven cyber threats & cookie theft by 2026
Hack The Box launches AI cyber range & unveils red team certification
Dynatrace expands AWS integrations & wins LATAM partner award
Informatica expands AWS integration to boost enterprise AI agents

Top stories

Check Point updates Quantum firewall to secure AI use
Gallagher Security maps global growth & 2026 focus
Orq.ai raises EUR €5m to scale enterprise AI agents
How to detect fake players in online gaming
Bodd secures AUD $15 million to drive global 3D scanning growth