Splunk research reveals that cybersecurity leaders feel their roles are becoming more complex as companies embrace AI and face more sophisticated threats.
As companies implement artificial intelligence into their systems and daily operations, cybersecurity leaders are taking on a broader role. A new report based on a survey of 650 chief information security officers (CISOs) finds that many CISOs are now working on a broader range of tasks. These include managing cyber risks, guiding the use of AI, and helping businesses respond to the steadily increasing number of online threats.
The findings are from “The CISO Report: From Risk to Resilience in the AI Era,” released by Cisco through its Splunk division. This study examines how security leaders are adjusting their operations as AI tools become more prevalent across the enterprise.
“CISOs are operating in a storm, at the center of constant change. Role responsibilities are expanding, threats are evolving, and AI is accelerating everything,” said Michael Fanning, CISO at Cisco Splunk. “This expanded role brings an extraordinary level of pressure and personal responsibility. We’re not just managing technology; we’re managing risk, people, and the digital resilience that drives important business outcomes.”
AI enters security workflows
Many security teams are starting to use AI to help review large amounts of security data. According to the study, 92% of CISOs say AI helps their teams review more security events. Approximately 89% report improved links between different data points when AI tools assist with analysis.
Threat activity remains a top concern. Approximately 95% of respondents say increasing skill of threat actors is the biggest risk they face. In response, many companies are planning to improve their threat detection and response systems. Approximately 78% are also looking to strengthen identity and access controls, and 68% plan to invest in AI tools for cybersecurity operations.
Some organizations are testing agent-based AI systems that can perform tasks with reduced human input. Among CISOs already using these systems, 39% say their reporting speed has more than doubled. Only 18% of those still exploring this technology report similar benefits.
Many respondents believe that these systems expand the amount that data security teams can review. The same percentage, 82%, expect their teams to connect events and speed up the way they respond to threats.
At the same time, many leaders remain cautious about the risks associated with AI. About 86% believe that AI could make social engineering attacks more convincing. Additionally, 82% are concerned that attackers could use AI to build more powerful and complex ways to stay inside their networks.
Roles with greater risk
The report also shows how the CISO’s job has changed in recent years. Nearly four out of five respondents say their jobs have become much more complex.
Personal risks are also increasing. More than three-quarters of CISOs are now concerned about personal liability in the event of a major security breach. Just over half shared that concern last year.
Monitoring by AI is also part of the role. Nearly all respondents say their CISO helps guide AI risk and governance. More than four out of five also oversee secure software development practices.
Even with new tools, many security leaders believe that talent is the key to closing the skills gap. Their plans focus on training current staff, hiring new employees, and bringing in outside contractors as needed.
This approach reflects the view that human judgment remains important for tasks such as threat hunting and incident analysis.
Security teams also rely on support from other senior leaders. Collaborating with other executives can help secure funding, share security data, and guide major projects. Many CISOs say this shared responsibility leads to better results.
Pressure within security teams
The report also points to stress within many security groups. Nearly two-thirds of respondents say their teams are facing moderate to high levels of burnout.
Several factors contribute to that burden. High alert volume tops the list, cited by 98% of CISOs. 94% of cases result in false alarms. Tool fatigue, where teams have too many security systems to manage, affects 79%.
Many organizations are trying to address these issues by consolidating security data into a single view. Security leaders also strive to explain technical risks in simple business terms when speaking with enterprise leaders.
However, there are still hurdles to data sharing. Privacy concerns remain a major barrier, with 91% of respondents citing privacy concerns. Storage costs and limited shared data views also slow progress.
This report suggests that CISOs are now moving closer to the center of business strategy. Their role includes helping companies measure security outcomes, such as reducing incidents and improving detection and response times. These metrics help leaders explain the value of their cybersecurity work to other companies.
