CISO Challenges in Managing Cybersecurity Risk Amid AI and Expanding Attack Surfaces
Chief Information Security Officers (CISOs) are facing increasing complexity in managing cybersecurity risk as organizations become more reliant on managed service providers (MSPs), integrate artificial intelligence (AI) into business processes, and contend with expanding attack surfaces. Nearly half of organizations reported a cyberattack or data breach involving a third-party in the past year, highlighting the growing importance of robust vetting and governance processes for service providers. At the same time, the rapid adoption of AI has elevated cybersecurity to a top priority at the board level, with CISOs now expected to communicate risk and strategy more effectively to executive leadership. However, internal conflicts, unclear authority, and misaligned incentives between CISOs and other business leaders are often more damaging to incident response than the cyberattacks themselves, according to recent industry surveys.
The threat landscape is intensifying, with a 20% year-on-year increase in high-severity vulnerabilities and attackers leveraging generative AI to exploit both new and old weaknesses. Security teams are under pressure to manage a greater volume of serious issues without corresponding increases in staff or budget, leading to operational strain. Effective vulnerability management now requires clear governance, defined scope, and continuous evaluation, while CISOs must balance technical risk reduction with business alignment and shared responsibility across the organization. As AI accelerates both attack and defense, CISOs are urged to rethink traditional risk management processes and foster stronger leadership alliances to ensure resilient cybersecurity postures.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
1 event from the most recent confirmed update back to the earliest known activity.
Story first reported
Initial story creation
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
5 references tracked. Mallory keeps watching after this page renders.
Do CISOs need to rethink service provider risk?
csoonline.com
Open source70% of CISOs say internal conflicts more damaging than cyberattacks
csoonline.com
Open sourceVulnerability Management – Process Perspective
blog.nviso.eu
Open sourceThe State of Exposure Management in 2025: Insights From 3,000+ Organizations
bleepingcomputer.com
Open sourceCISOs Finally Get a Seat at the Board's Table — But There's a Catch
darkreading.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Evolving CISO Security Priorities Amid AI and Automation Challenges
Chief Information Security Officers (CISOs) are facing an increasingly complex cybersecurity landscape, driven by rapid technological advancements and the proliferation of artificial intelligence (AI) and automation. According to CSO’s 2025 Security Priorities Study, 76% of security leaders report that determining the most suitable security solutions for their organizations has become more complicated. The study also highlights that 57% of organizations have struggled to identify the root causes of security incidents in the past year, underscoring the growing sophistication of cyber threats. CISOs are now responsible for a broader range of duties, including developing cyber strategies, managing risk, and addressing the unique challenges posed by AI-enabled technologies. A significant portion, 67%, must also contend with security issues that extend beyond their local regions, reflecting the global nature of modern cyber risks. Persistent challenges such as employee awareness, budget constraints, talent retention, and process complexity continue to hinder progress. Protecting sensitive and confidential data remains a top priority, with 48% of leaders focusing on this area, followed by securing cloud environments and simplifying IT security infrastructure. The integration of AI into security operations is both a necessity and a challenge, as organizations seek to leverage new tools while managing the risks associated with disruptive technologies. CISOs are increasingly looking to consolidate security tools and maximize the value of existing platforms to stretch limited budgets. The evolving threat landscape, marked by a surge in attack volume and severity, demands that security teams adapt quickly and efficiently. The pressure to scale cybersecurity operations is heightened by high-profile incidents affecting major retailers and manufacturers, resulting in significant financial losses and operational disruptions. The sheer volume of threat intelligence generated by these attacks can overwhelm security operations centers (SOCs), making it difficult to extract actionable insights. As a result, CISOs are prioritizing the development of strategies that enable their teams to respond effectively to both current and emerging threats. The need for robust AI governance frameworks is becoming more apparent, as organizations recognize the importance of establishing clear guidelines for AI deployment and oversight. Security leaders are also focusing on enhancing employee training and awareness to mitigate human-related risks. The complexity of the modern security environment requires a holistic approach that balances technological innovation with sound risk management practices. As CISOs navigate these challenges, collaboration with external partners and the adoption of automation are seen as critical enablers for future resilience. Ultimately, the evolving role of the CISO reflects the broader transformation of cybersecurity from a technical function to a strategic business imperative.
Apr 6, 2026
CISO Risk Management and Security Strategy Challenges in 2025
Chief Information Security Officers (CISOs) are facing unprecedented pressure as cybersecurity threats intensify, regulatory demands increase, and hybrid infrastructure becomes the norm. Despite rising budgets and the adoption of advanced technologies such as AI, CISOs report that risk reduction is not keeping pace with the evolving threat landscape. Studies highlight that hybrid environments, while improving resilience and compliance, introduce operational complexity, visibility gaps, and identity management challenges. Security leaders are increasingly focused on business continuity, regulatory compliance, and the need for rapid incident detection and response, but many feel overwhelmed by the volume of incidents and the expectation of inevitable breaches. The growing complexity of security operations is compounded by the need for better coordination, communication, and leadership readiness. CISOs are under pressure to shrink the gap between detection and investigation, with many expressing concerns about burnout and the potential for nation-state attacks. The integration of AI and automation is reshaping both threats and defenses, but organizations still struggle to translate increased investment into tangible improvements in risk posture. The shift to hybrid infrastructure and the adoption of new security models are driving a fundamental reset in security strategy, making resilience a structural requirement rather than a long-term goal.
Mar 21, 2026
AI-Driven Cybersecurity Risks and Strategies for Enterprise Defense
Artificial intelligence is rapidly transforming both the threat landscape and defensive strategies in cybersecurity, prompting CISOs and security leaders to rethink their approaches. A global study by Gigamon found that 86% of CISOs now view metadata and packet-level data as essential for detecting threats in complex hybrid cloud environments, but 97% admit to making trade-offs that leave visibility gaps. The rise of AI-driven attacks is fueling demand for real-time visibility and observability tools, with 75% of CISOs regarding public cloud as their highest security risk and 73% considering moving workloads back to private clouds. Security teams are investing heavily in AI-specific security tools, with 73% of companies spending over $1 million annually, yet 70% cite the rapid pace of AI development as their top concern. Recent high-profile breaches, such as those at LexisNexis Risk Solutions and McLaren Health Care, illustrate the increasing scale and sophistication of attacks, often amplified by AI. AI is accelerating the reconnaissance phase of attacks, enabling adversaries to map environments and identify vulnerabilities with unprecedented speed and precision, though human direction remains necessary for effective exploitation. The proliferation of AI-generated code, including through practices like 'vibe coding,' introduces new risks as less experienced developers may overlook security fundamentals, leading to insecure applications. Agentic AI systems, which act autonomously or on behalf of users, present urgent challenges in authentication, authorization, and identity management, with experts calling for scalable frameworks and robust credentials to prevent security lapses. CISOs are urged to build security into the design phase of software development, leveraging platform-native controls and enforcing policies like Row Level Security to minimize risk. The integration of AI into security operations is seen as both an opportunity and a challenge, requiring adaptive access solutions, post-quantum cryptography, and continuous monitoring. As AI reshapes digital transformation, organizations must balance the benefits of rapid innovation with the imperative to secure their environments against increasingly sophisticated, AI-powered threats. The consensus among experts is that security must evolve in tandem with AI capabilities, emphasizing proactive risk management, cryptographic agility, and a culture of security awareness across all levels of the organization.
Mar 21, 2026