PwC's 2025 Global Digital Trust Insights Survey Highlights Critical Gaps in Cyber Resilience
The investigation revealed that organizations are more concerned about threats in areas where they feel less prepared, particularly cloud vulnerabilities and third-party risks. As cloud adoption accelerates, companies struggle to take appropriate security measures. Meanwhile, reliance on external suppliers further complicates the cybersecurity landscape, making organizations vulnerable to violations beyond their immediate control. It is alarming that these challenges are compounded by the lack of alignment between cybersecurity teams and broader business strategies. Less than half of senior managers indicated that their Chief Information Security Officers are systematically involved in key processes such as strategic planning, technology deployment and board-level discussions.
One of the most striking results is the disparity in confidence levels among senior managers. The CEOs reported greater confidence in their organizations’ ability to meet regulatory requirements in relation to ISOC, particularly with regard to new regulations on artificial intelligence, resilience and protection of critical infrastructure. This disconnection suggests that cybersecurity concerns are often confused or misunderstood at the executive level. PwC stresses that aligning perspectives among C-suite executives is essential for effective cyber security governance. Organizations should ensure that civil society organizations and other technology leaders play a leading role in developing trade strategies to address vulnerability in a comprehensive manner.
The PwC report also highlights the increasing regulatory pressure from organisations, particularly in the areas of artificial intelligence and critical infrastructure. Governments around the world are imposing stricter compliance requirements to address the growing risks. For example, artificial intelligence systems, which are increasingly part of commercial operations, pose unique security challenges. Organizations must not only protect these systems, but also ensure that complex regulatory frameworks are respected. In addition, critical infrastructure sectors such as energy, finance and health care are being examined more closely, requiring advanced resilience measures to protect themselves from shocks or potential attacks.
The conclusions underline the urgent need for organizations to integrate cybersecurity into all strategic decisions. PwC advocates a multifaceted approach that includes promoting collaboration among senior management, setting priorities for ongoing risk assessment and investing in advanced cyber security technologies. Improved training programmes and awareness-raising campaigns can also help bridge the gap between technical teams and leaders, ensuring a unified approach to risk management. In addition, PwC suggests adopting a “cero trust” architecture and using predictive analysis to proactively identify and mitigate threats before climbing.
The PwC survey paints a sober picture of the cybersecurity landscape around 2025. Despite significant advances in technology and outreach, many organizations are still not ready to address the increasing complexity of cyber attacks. By prioritizing collaboration, integrating cybersecurity into strategic planning, and addressing disparities in leadership opportunities, companies can build resilience and protect their digital assets. As the regulatory environment continues to evolve, proactive action to address future challenges and build confidence in an increasingly interconnected world will be essential.
About The Author
