This year, CISOs continue to manage a complex technology and cybersecurity environment. As platforms, assets, and third party vendors continue to grow, security threats are expanding at the same time. The challenge for CISOs is to help grow the business while managing the risks.
Like CIOs, CISOs are managing expectations from organizational leaders that are eager to find practical, demonstrable value from AI. As business leaders, CISOs are focused on driving growth and improving overall operational resilience.
Nearly 1,200 CISOs across Gartner C-level Communities shared their key priorities and challenges in our annual survey – here’s what they reported.
Focusing on Cyber Resilience and Security Operations
Cyber resilience was added as a functional priority to the survey options this year and immediately became the top choice for CISOs. This potentially speaks to the need for security leaders to have robust response strategies in the event of attacks and build their organizational resilience and ability to recover quickly. Security operations has also grown in importance in 2025, while most other focus areas have regularly appeared among CISOs’ top priorities for the past few years.
Driving Growth Is Top Enterprise Priority
As enterprise leaders, CISOs are focused on driving growth in 2025, and this is the first time in recent surveys that growth has been their top focus area. Security leaders continue to cite cost optimization as an enterprise priority, which moved up the list this year. Similar to growth, increasing revenue is a priority of increasing importance for CISOs in this year’s survey.
Security Spending Remains Flat
Forty-six percent of CISOs say that their operating budget is the same as last year, and 39% of security leaders have an increased budget. Their planned spending on technology and services is similar with 43% reporting that their spending is the same year over year, and an almost equal percentage – 42% of CISOs – saying they plan to spend more.
Investing in IAM, MFA & Zero Trust
Forty-three percent of CISOs plan to invest in Identity and Access Management (IAM), Multi-Factor Authentication (MFA) and Zero Trust, which is closely aligned to their second highest priority for the year. Thirty-nine percent of security leaders plan to spend on data loss prevention, which increased from 33% last year, and 35% on generative and traditional AI tools and solutions.
Each year, we survey members of Gartner C-level Communities on their top priorities, challenges and goals for the year ahead. Our proprietary Leadership Perspective Survey enables us to develop event topics and sessions based on the real-time needs of security leaders. Apply now to join your regional CISO community, or if you are already a member, sign in to the app to find and register for upcoming events in your community.
Based on 1,150+ CISO responses from Gartner C-level Communities’ proprietary Leadership Perspective Survey, March 2025.
By CISOs, For CISOs™
Join the conversation with peers in your local CISO community.
