The latest CISO Report from Splunk reveals that nearly all CISOs now shoulder the responsibility of AI governance and risk management, reflecting the growing complexity of their roles in a rapidly evolving threat landscape.
Respondents who said the challengevwas moderate or significant Source: 2026 CISO report, Splunk
The report, involed 650 global CISOs, emphasises that 95% of CISOs perceive the escalating sophistication of cyber threat actors as their greatest risk. Enhancing threat detection and response capabilities is a top priority for 92% of respondents, followed closely by strengthening identity and access management at 78% and investing in AI cybersecurity tools at 68%.
This focus aligns with the needs of organisations in Asia, where the rapid adoption of digital services has heightened exposure to cyber threats.
The integration of agentic AI in security operations has shown promise, with 89% of CISOs reporting improved data correlation and 82% believing that AI will increase the number of security events reviewed.
Moreover, those who have adopted agentic AI fully cite a more than double increase in reporting speed compared to those still exploring its capabilities.
However, despite the optimism surrounding AI, concerns about its potential for enhancing social engineering attacks loom large. A significant 86% of CISOs fear that agentic AI could bolster the sophistication of such attacks, posing challenges for maintaining user trust and security.
The report also highlights a shift in responsibilities, indicating that 79% of CISOs feel their roles have become significantly more complex. More than three-quarters express concerns about personal liability for security incidents, underlining the high stakes involved in today’s cyber landscape.
This is particularly relevant in Asia, where cybersecurity regulations are tightening and organisations must prioritise compliance to mitigate risks.
"CISOs know they can’t solve the problem with technology alone; security relies on highly creative, seeker-mindset analysts and threat hunters to keep pace with equally creative attackers." Michael Fanning, CISO at Splunk
The findings suggest that while technology plays a critical role, CISOs continue to prioritise human capital. Upskilling existing staff, hiring new talent, and engaging contractors are key strategies to address the growing skills gap in cybersecurity.
To combat burnout—a major issue affecting two-thirds of security teams—CISOs are looking to consolidate security data and communicate clearly with non-technical leadership. The report underscores the importance of collaboration across the C-suite to enhance resilience and drive value in cybersecurity investments.
Fanning predicts that the days of security being viewed as a cost center are fading as CISOs increasingly reframe their function as a business enabler essential for growth.
"CISOs that expand their influence to shape strategy, manage technology, and oversee governance (particularly when it comes to AI) will squarely establish security as a core driver of business success," he concludes.
