Organizations are taking on cybersecurity risks by bolstering budgets and tightening response actions, according to Deloitte’s latest survey, titled The Promise of Cyber, which finds that cybersecurity is becoming a significant part of overall business strategies.

The survey revealed that businesses are increasing the responsibility and strategic influence assigned to chief information security officers (CISOs), promoting further involvement from the board on cybersecurity-related matters, and turning to measures like artificial intelligence (AI). According to new data, there is a greater urgency for securing cyber systems with 25 percent of respondents from cyber-mature businesses reporting 11 or more cybersecurity incidents in the past year, a 7 percent increase of incidents compared with the 2023 survey.

Data analyzers say that the best way to combat cyberattacks is to increase tech-savvy CISOs and increase education on the threat of AI-generated cybersecurity risks. The survey found that approximately one-third of respondents had seen a significant increase in CISO involvement during strategic conversations about tech-related capabilities in the past year.

Additionally, over the last decade CISOs have traditionally reported to the chief information officer (CIO), however, new data is showing these concerns are being transferred to CEOs, as 20 percent of decision-makers revealed their CISOs now report directly to their CEO.

Investment in cybersecurity is on the rise with 48 percent of respondents saying that cloud security is their top priority, followed by 41 percent in Generative AI and 41 percent in data analytics. 

Nearly 40 percent of respondents said they are using AI capabilities in their cybersecurity programs to a large extent.

"The rise of AI and other evolving technologies has significantly transformed the threat landscape,” said Emily Mossburg, Deloitte Global cyber leader. “As threats become more sophisticated and impactful to core business, CISOs are increasingly required to adopt a more strategic role driving cross business risk prioritization and mitigation.

Mossburg continued, “The close relationship between CISOs and CEOs is a testament to the role security plays in a business’s long-term success. Today, CISOs are not only protectors against outside threats, but key players helping their organization find success by integrating cyber considerations in the strategic decision-making process.”

Respondents are increasingly seeing cybersecurity as an essential component of their enterprise tech stack, budgeting strategies and future business plans, according to the survey. 

The top three goals of boosting cybersecurity initiatives among respondents are protecting intellectual property, improving threat detection and response, and increasing efficiency and agility. 

Overall, 83 percent of respondents said measures like qualitative risk assessments and benchmarking are an integral part of their overall cybersecurity strategy. Meanwhile, 58 percent of respondents noted they expect to begin integrating cybersecurity spending with budgets for other programs, such as digital transformation initiatives, IT programs and cloud investments.

“This year’s report highlights how the connection between cybersecurity and business outcomes continues to grow stronger, enabling cyber to have greater impacts in achieving organizational objectives” added Mossburg. “The increased reliance organizations have on their technology-driven programs is evolving the CISO roles and their cyber initiatives into essential components in driving business growth in a tech-powered future.”