Bridging the Cyber Resilience Gap: Insights from PwC’s 2025 Global Digital Trust Insights Report
In an era where digital transformation is accelerating at an unprecedented pace, the importance of cyber resilience has never been more pronounced. However, a recent report by PwC, the 2025 Global Digital Trust Insights, reveals a significant disconnect between the perceptions of cybersecurity among top security executives and C-suite leadership. This gap poses a critical challenge for organizations striving to navigate the complexities of cyber risk in today’s digital landscape.
The Disconnect: Cybersecurity Perceptions
The report, based on a survey of over 4,000 business and technology executives across 77 countries, highlights a stark contrast in how cybersecurity is prioritized by different leadership tiers. More than two-thirds of technology leaders view cybersecurity as their foremost risk for mitigation, while only 48% of business leaders share this sentiment. This disparity raises questions about the alignment of priorities within organizations and the potential implications for overall cyber resilience.
The Role of the CISO: A Missed Opportunity?
One of the most concerning findings from the report is the limited involvement of Chief Information Security Officers (CISOs) in strategic planning and decision-making processes. Less than half of the executives surveyed indicated that their CISOs were heavily engaged in reporting to the board or overseeing technology deployment. This lack of integration can hinder the organization’s ability to effectively address cyber risks and respond to emerging threats.
Matt Gorham, leader of PwC’s Cyber & Privacy Innovation Institute, emphasizes the importance of communication between security executives and the C-suite. He notes that the gap in perceptions may stem from security and IT leaders not effectively conveying the day-to-day operational challenges and vulnerabilities to the leadership team. This misalignment can lead to a lack of urgency in addressing cyber risks at the highest levels of the organization.
Diverging Priorities: Cloud Security vs. Business Modernization
The report also sheds light on the differing priorities between technology leaders and business executives. For tech leaders, cloud security emerges as the top investment priority, followed closely by data protection and trust. In contrast, nearly half of business executives identified data protection as their primary business concern, with technology modernization following closely behind. This divergence in focus can create friction in resource allocation and strategic initiatives, further complicating the organization’s approach to cyber resilience.
Regulatory Compliance: A Growing Concern
As regulatory frameworks surrounding cybersecurity continue to evolve, the report highlights a growing gap between CISOs and C-suite executives regarding compliance capabilities. This is particularly evident in the context of regulations related to artificial intelligence (AI) and critical infrastructure. With the Securities and Exchange Commission (SEC) recently adopting rules requiring businesses to disclose material cyber incidents and associated strategies, the need for cohesive communication and alignment between security and business leaders has never been more critical.
The Pressure to Downplay Cyber Risk
Adding to the complexity of the situation, a report released by Trend Micro in May indicates that CISOs are facing pressure from corporate boards to downplay the severity of cyber risks. This pressure can lead to a culture of complacency, where the true nature of cyber threats is not adequately acknowledged or addressed. Such an environment can leave organizations vulnerable to attacks and undermine their overall cyber resilience.
Conclusion: A Call for Alignment and Action
The findings from PwC’s 2025 Global Digital Trust Insights report serve as a wake-up call for organizations to reassess their approach to cybersecurity. Bridging the gap between security executives and the C-suite is essential for fostering a culture of cyber resilience. This requires open communication, a shared understanding of risks, and a commitment to prioritizing cybersecurity as a core business imperative.
As organizations continue to navigate the complexities of the digital landscape, it is imperative that they align their cybersecurity strategies with business objectives. By fostering collaboration between technology leaders and C-suite executives, organizations can enhance their ability to mitigate cyber risks, comply with evolving regulations, and ultimately safeguard their digital assets in an increasingly interconnected world.