E65 - 110 CISOs Told Us What Keeps Them Up at Night

Posted on July 29, 2025
Team8’s 2025 CISO Village Survey: #1 pain point is securing AI agents (39%). 5 of top 9 priorities are AI-related. 67% deploying agentic AI in 2025. Budgets tightening — 52% saw increases, down from 70%.

By FIR Risk Advisory | Cybersecurity Fraud Intelligence

Weekly Risk Intelligence Brief  

Source: Team8 — 2025 CISO Village Survey (110 CISOs surveyed)

The 30-Second Brief  

Team8 surveyed 110 CISOs for their annual priorities report. The headline: AI has taken over the security agenda. The #1 pain point is no longer ransomware or cloud misconfiguration — it’s securing AI agents (39%). Two of the top three priorities are AI-related. And 67% of enterprises are deploying agentic AI in 2025.

Meanwhile, budgets are tightening — only 52% saw increases (down from 70% in 2024). CISOs are being asked to do more with less, in a threat landscape that’s accelerating faster than their resources.


The CISO Priority Stack  

Top 9 Pain Points (Ranked by 110 CISOs)  

  1. Securing AI Agents — 39%
  2. Governing AI Usage — 36%
  3. Data Leakage Prevention — 33%
  4. AI-Augmented SOC Automation — 28%
  5. Infrastructure Vulnerability Management — 24%
  6. Third-Party Risk Management — 23%
  7. Secure Products by Design — 21%
  8. Human Risk Management — 21%
  9. Securing AI-Generated Code — 20%

Five of the top nine priorities are directly AI-related. This isn’t a trend. It’s a structural shift in what CISOs are being asked to defend.

INTEL [TREND]: AI dominates the 2025 CISO priority stack — 5 of the top 9 pain points are AI-related. Securing AI agents (39%) and governing AI usage (36%) are now the top two concerns, surpassing traditional threats. Security teams that haven’t built AI governance capabilities are already behind.


The Budget Squeeze  

  • 52% of CISOs reported budget increases — down from 70% in 2024
  • 60% prefer best-of-breed specialized tools over monolithic platforms
  • Agility is beating consolidation as the preferred procurement strategy

INTEL [TREND]: Security budgets are tightening (52% increase vs. 70% last year) while the threat surface expands. CISOs are responding by favoring specialized, agile tools (60%) over platform consolidation. This signals a shift away from single-vendor strategies toward best-of-breed approaches optimized for specific threat vectors.


Three AI Defense Fronts  

1. AI Agents — The New Attack Surface

67% of enterprises are deploying agentic AI in 2025. These autonomous tools introduce risks CISOs haven’t faced before: misalignment, lateral movement, privilege escalation, and actions taken without human approval. Securing AI agents isn’t an add-on to existing security — it requires new frameworks.

INTEL [VULNERABILITY]: 67% of enterprises are deploying agentic AI in 2025, but AI agent security is the #1 CISO pain point (39%). Agentic AI introduces novel risks — autonomous lateral movement, privilege escalation, and misalignment. Organizations deploying AI agents need dedicated security frameworks, not retrofitted endpoint controls.


2. Shadow AI — The Innovation-Control Gap

43% of CISOs block all external AI tools. 30% allow usage with monitoring. The gap between those two approaches is where shadow AI lives — and it’s expanding. Employees are using AI tools whether security approves or not.

INTEL [SECTOR ALERT]: 43% of CISOs block external AI tools entirely while 30% allow monitored usage. The remaining organizations have limited visibility. Shadow AI environments are expanding as the innovation-control gap widens. Visibility-first approaches outperform control-only strategies.


3. AI for Defense — SOC Transformation

77% of CISOs expect AI to replace SOC tasks by end of 2025. AI-augmented security operations are moving from pilot to production — SOC automation, vendor risk management, access provisioning, and pentesting.

INTEL [GLOBAL RECOMMENDATION]: 77% of CISOs expect AI to replace SOC tasks in 2025. AI-augmented security operations are transitioning from experimental to operational. If your SOC isn’t evaluating AI-driven triage, vendor risk scoring, and automated access reviews, you’re falling behind the 110 CISOs in this survey.


The Human Factor  

68% of breaches are caused by humans. AI-driven behavioral telemetry and risk coaching are emerging as the response — not just awareness training, but continuous behavioral monitoring that identifies risky patterns before they become incidents.


What Leaders Should Do Now  

  1. Build an AI governance framework — Governing AI usage (36%) and securing AI agents (39%) are the top two CISO priorities. If you don’t have an AI governance function, create one.

  2. Audit agentic AI deployments — 67% are deploying in 2025. Map every AI agent, its permissions, data access, and autonomous action boundaries.

  3. Modernize DLP for AI — Data leakage prevention (33%) in an AI world means monitoring what data flows into AI tools, not just out of your network.

  4. Favor agility over consolidation — 60% prefer specialized tools. Evaluate best-of-breed solutions for AI-specific threat vectors rather than waiting for platform vendors to catch up.

  5. Invest in visibility, not just control — Blocking AI tools (43%) creates shadow AI. Monitoring with guardrails (30%) produces better outcomes than prohibition.


The Bottom Line  

The 2025 CISO agenda has been rewritten by AI. Five of the top nine priorities didn’t exist three years ago. Budgets are tightening. Threats are accelerating. And 67% of enterprises are deploying autonomous AI agents that their security teams aren’t fully equipped to govern.

The CISOs who thrive in this environment won’t be the ones who block AI. They’ll be the ones who govern it — with frameworks, visibility, and agility that match the pace of adoption.

