Proofpoint: AI Pressures Drive CISOs Toward Burnout Highs

Amid the rapid evolution in the landscape of digital security, there is a concerning trend for Chief Information Security Officers (CISOs) worldwide.

According to Proofpoint's fifth annual Voice of the CISO report, 76% of these figures foresee substantial cyberattacks impacting their organisations within the coming year.

Despite the heightened awareness and understanding of cyber threats, the report – which surveyed 1,600 CISOs across 16 countries – reveals a startling gap between their confidence levels and their preparedness.
A significant 58% of these security leaders acknowledge their organisations' vulnerabilities in responding effectively to major cyber incidents.

"This year's findings reveal a growing disconnect between the confidence and capability among CISOs," says Patrick Joyce, Global Resident CISO at Proofpoint.

The significance of human error

The role of human error in cybersecurity is prevalent in the report, with departing employees continuing to be a significant risk to data protection.

A staggering 92% of CISOs link data breaches to employees exiting the organisation, a notable rise from 73% the previous year.

Human error remains the top vulnerability, despite 68% of security leaders believing their teams understand cybersecurity best practices.

"Nearly a third of organisations still lack dedicated insider risk resources to help bridge the gap between knowledge and behaviour," ProofPoint states in its 2025 report.

This persistent issue is further complicated by the fact that 66% of CISOs are willing to pay ransoms to secure data and restore systems, emphasising the complex challenges CISOs face in safeguarding their digital infrastructures.

Gen AI: A double-edged sword

AI stands as both an opportunity and a daunting challenge within cybersecurity strategies globally.

While 64% of global CISOs identify enabling Gen AI tool use as a strategic priority over the next two years, 80% of US-based CISOs express concern over potential customer data loss via public Gen AI platforms.

The transition from restriction to governance in the adoption of AI is evident as 67% of organisations implement usage guidelines and 68% explore AI-driven defensive measures.

Yet, enthusiasm for AI appears to be waning; more than half of the surveyed CISOs have restricted employee use of Gen AI tools.

"AI has moved from concept to core, transforming how both defenders and adversaries operate," Ryan Kalember, Chief Strategy Officer at Proofpoint, explains.

Misalignment in the boardroom

As AI continues to redefine operational strategies, the alignment between CISOs and corporate boards has significantly weakened, dropping to 64% from 84% last year.

This shift indicates an increasing recognition of cyber risk as a strategic business priority rather than just a technical problem.
Additionally, the stress of CISO roles has reached alarming levels, with 66% reporting excessive expectations and 63% admitting to experiencing or witnessing burnout.

"As Gen AI adoption accelerates both opportunity and threat, CISOs are being asked to do more with less, navigate unprecedented complexity, and still safeguard what matters most," Patrick says.

Despite protective measures for CISOs against personal liability being in place at 65% of organisations, a third report insufficient resources, highlighting ongoing challenges in achieving cybersecurity objectives.