Inside the 2025 Absolute Security CISO Survey
AI is transforming everything — from how people work, to how enterprises operate, to how adversaries attack.
With organizations embracing AI, Absolute Security commissioned a survey of 500 U.S.-based CISOs, which revealed alarming and unexpected findings. Notably, we found that as AI increasingly upends the digital business environment, legacy cybersecurity tools and strategies may no longer be enough to ensure security and business continuity.
Conducted ahead of RSAC 2025 through Censuswide, the survey gauges how CISOs are responding to the rapid rise of generative AI, the shifting government approach to regulation, and foreign-developed platforms like DeepSeek.
The findings are clear: support for deregulation is high, concern around AI-driven risk is growing, and traditional security approaches are giving way to resilience-first strategies.
CISOs Welcome AI Deregulation: Recognize Risk Tradeoffs
According to the survey, a sweeping majority (79 percent) agree with the Trump Administration’s recent Executive Order (EO)[1] calling for the revocation of AI regulations that stall innovation.
Yet this optimism comes with risk. Sixty-one percent of respondents admit that deregulation is making their job, protecting their organizations against risk and threats, harder. This may be a warning sign that AI is outpacing security teams, opening a gap that could widen further with the additional policy rollbacks that 70 percent of CISOs anticipate.
DeepSeek: An Emerging Threat Worth Regulating
Among the most troubling findings: 69 percent of CISOs believe DeepSeek will lead to an increase in cyberattacks. Already, 65 percent have banned it outright within their organizations.
When it comes to this China-based generative AI platform, security leaders are asking for help. Seventy-seven percent believe the U.S. government should regulate DeepSeek, using the same approach it took with TikTok. This suggests a growing appetite for targeted protections even as general tech deregulation continues.
Shadow AI: A Certain Breach
AI adoption is high within the polled CISOs’ organizations: 89 percent report widespread use of generative tools, yet nearly half (44 percent) admit they don’t fully understand where or how these tools are being used. Seventy-one percent of CISOs said that this loss of visibility into AI will eventually cause a data breach.
Resilience: The New Imperative
These concerns are driving a critical shift in mindset among Security and Risk Management (SRM) leaders. Now, 83 percent of CISOs report that cyber resilience is more important than traditional cybersecurity measures, with 90 percent saying they’ve implemented a resilience strategy.
Resilience: Defined
Talking about the need for Resilience is one thing; understanding what it is, why it’s needed, and how to achieve it is another.
Resilience is the ability to ensure your entire business remains fully operational, protected against threats and risk, and able to quickly recover continuity following IT incidents, technical disruptions, ransomware attacks, and other threats.
Resilience: Why It’s Needed
By 2028, IT spending will exceed $5 trillion,[2] with cybersecurity accounting for close to $300 billion.[3] Most of these investments are essential to doing business in the global digital ecosystem, but all are vulnerable to threats and technical failures that can lead to devastating financial and reputational losses.
By some estimates, in 2024 ransomware inflicted as much as $20 billion[4] in damages globally. In our survey, CISOs reported the average cost of a ransomware attack on their organizations was $4.5 million per incident. Threats aren’t the only thing SRM leaders need to be concerned about, as fragile security software and technical complexity can also drive extreme losses. The CrowdStrike BSOD incident alone is estimated to have cost impacted businesses as much as $5 billion.[5]
Inherent software fallibility and vulnerabilities, combined with increasingly extreme attacks, mean that organizations will at some point see their environments upended by a threat, breach, or incident that negatively impacts their operations and bottom lines. Whether an organization accepts or ignores this certainty will mean the difference between a mere inconvenience and a catastrophe.
Acceptance of this cold reality has led Resilience[6] to emerge as a new strategic imperative.
Resilience: How to Achieve It
We’ve identified the concerns, quantified costs, and defined the solution – Resilience. The question now is how to bring it from theory into practice.
As a Security and Risk Management (SRM) leader, this means taking a fundamentally new approach to how you view and manage security and risk across your organization. You can no longer rely solely on building out strong prevention and detection capabilities; you must also plan how to restore continuity following a disruption, because breaches, ransomware, and technical incidents are all inevitable.
Here are six core steps you can take to operationalize Resilience, to ensure your organization can withstand and recover from today’s most disruptive cyber and IT threats.
- Get Ahead of Risk. Automate critical functions that identify and remediate risk before it is exploited by threat actors or becomes subject to technical failures. Deploy vulnerability scanning and patching solutions that automatically detect and remediate OS and software vulnerabilities and misconfigurations for Windows, Mac, Linux, and every business application and security control you have deployed.
- Maximize Security Control Performance. Business applications, security controls, and operating systems need to perform at full capacity. When you consider that these controls serve as the front line of defense to your operations and as a primary means by which business is enabled, it is clear that you need to underpin them with resilience capabilities that keep them always-on and protected against risk.
- Enforce Compliant Connections. To keep your network secure and available, deploy solutions that offer visibility, control, and enforcement of policies across network access points. Ensure you can monitor and provide alerts for suspicious traffic, block unauthorized applications and access attempts, and protect sensitive information against unauthorized users.
- Prepare for Recovery. Breaches, attacks, ransomware, and technical incidents are all inevitable. Sooner or later, you will face a situation that disrupts your operations, and how long your business stays down will depend largely on how prepared you are for this certainty. Make sure you have solutions in place that can remotely rehydrate your devices, even when the OS and other security and management tools are crashing, compromised, or corrupted.
- Secure Your Endpoints. Deploy solutions that provide unbreakable remote visibility and control over your PC fleets. Make sure you know where every device is located, the networks they are connecting to, what users are doing with them, and have the ability to remotely freeze your devices and delete data.
- Consolidate and Integrate. A single, integrated platform approach can deliver all these capabilities to not only embed resilience into your environment but also to simplify management and reduce overall costs. The platform approach also makes it easier and faster for customers to activate new capabilities as they are developed to address new use cases, which are always emerging in the modern threat landscape.
RSAC 2025
We realize that the survey findings and guidance offered in this blog represent a starting point. If you are attending RSAC, we invite you to join Absolute Security to learn more about the results of this survey and how CISOs and other SRM leaders are advancing Resilience in their businesses.
- Visit our Booth: #3428, Moscone South or book a meeting there with our SMEs in advance
- On Monday, April 28, at the W, starting at 4:30 PM PDT, join us for a fireside chat with Jen Easterly, Former Director of the Cybersecurity and Infrastructure Security Agency (CISA), and a CISO panel discussion, cocktail, food, and networking event
- Can’t make it to RSAC this year? Book a demo and meeting anytime
[1] The White House, Executive Order: Removing Barriers to American Leadership in Artificial Intelligence
[2] Gartner, Forecast: Enterprise IT Spending by Vertical Industry Market, Worldwide, 2022-2028, 4Q24 Update
[3] Gartner, Forecast: Information Security, Worldwide, 2022-2028, 4Q24 Update
[4] Cybersecurity Ventures, Global Ransomware Damage Costs Predicted To Exceed $275 Billion By 2031
[5] InformationWeek, CrowdStrike Outage Drained $5.4 Billion From Fortune 500: Report
[6] Gartner, Leadership Vision for 2025: Security and Risk Management, Jan. 13, 2025