PwC.com reported: “Yet despite widespread awareness of the challenges, significant gaps persist. To safeguard their organisations, executives should treat cybersecurity as a standing item on the business agenda, embedding it into every strategic decision and demanding C-suite collaboration.” The PwC report entitled “Findings from the 2025 Global Digital Trust Insights” (https://www.pwc.com/us/en/services/consulting/cybersecurity-risk-regulatory/library/global-digital-trust-insights.html) included these comments:
PwC’s 2025 Global Digital Trust Insights survey of 4,042 business and tech executives from across 77 countries revealed significant gaps companies must bridge before achieving cyber resilience.
- Gaps in implementation of cyber resilience: Despite heightened concerns about cyber risk, only 2% of executives say their company has implemented cyber resilience actions across their organisation in all areas surveyed.
- Gaps in preparedness: Organisations feel least prepared to address the cyber threats they find most concerning, such as cloud-related risks and third-party breaches.
- Gaps in CISO involvement: Fewer than half of executives say their CISOs are involved to a large extent with strategic planning, board reporting and overseeing tech deployments.
- Gaps in regulatory compliance confidence: CEOs and CISOs/CSOs have differing levels of confidence in their ability to comply with regulations, particularly regarding AI, resilience and critical infrastructure.
- Gaps in measuring cyber risk: Although executives acknowledge the importance of measuring cyber risk, fewer than half do so effectively, with only 15% measuring the financial impact of cyber risks to a significant extent.
Obviously very concerning news! What do you think?
First published at https://www.vogelitlaw.com/blog/only-2-of-organizations-have-implemented-adequate-cyber-resilience