CISOs Driving Growth Through Cyber Resilience, But AI and Supply Chain Visibility Cause Lingering Gaps

February 12, 2026 – LevelBlue, the world’s largest pure-play provider of managed security services, has released its latest research report, Persona Spotlight: CISO (Chief Information Security Officer), part of the company’s ongoing research into how cybersecurity leaders are navigating an increasingly complex threat landscape while supporting sustainable business growth. The report builds on insights from LevelBlue’s 2025 Futures Report: Cyber Resilience and Business […]

Artificial Intelligence | Cyber Resilience | Supply Chain

Posted: Thursday, Feb 12

KBI.Media
$
CISOs Driving Growth Through Cyber Resilience, But AI and Supply Chain Visibility Cause Lingering Gaps

CISOs Driving Growth Through Cyber Resilience, But AI and Supply Chain Visibility Cause Lingering Gaps

February 12, 2026 – LevelBlue, the world’s largest pure-play provider of managed security services, has released its latest research report, Persona Spotlight: CISO (Chief Information Security Officer), part of the company’s ongoing research into how cybersecurity leaders are navigating an increasingly complex threat landscape while supporting sustainable business growth. The report builds on insights from LevelBlue’s 2025 Futures Report: Cyber Resilience and Business Impact and finds that, while high-profile attacks have put cybersecurity top of mind for businesses, CISOs must become more comfortable with emerging areas of security to defend against new and evolving threats.

Are CISOs Prepared to Defend Against Today’s Cyber Threats?

Nearly two-thirds (60 per cent) of CISOs say they are highly competent in cyber resilience, core security operations, and collaboration with the broader business, underscoring how the role has evolved beyond traditional defense. In fact, 61 per cent report that their adaptive cybersecurity approach lets the business take greater risks in innovation.

However, confidence drops sharply when it comes to AI-driven threats. Only 53 per cent of CISOs say they feel prepared to defend against AI-authorised adversaries, even though 45 per cent expect AI-powered or deepfake attacks to impact their organisations within the next 12 months.

Is Cybersecurity Seen as a Shared Responsibility?

Encouragingly, cybersecurity is no longer seen as an isolated function. More than half (52 per cent) of senior executives are less likely than they were a year ago to treat cybersecurity as a silo, signaling growing recognition of enterprise-wide responsibility.

Still, internal alignment remains a major challenge:

only 45 per cent of CISOs believe business risk appetite is effectively aligned with cybersecurity risk management
just 37 per cent say cybersecurity budgets are embedded into projects from the start
nearly two-thirds (60 per cent) cite governance teams’ lack of understanding of cyber resilience as a key barrier to progress, along with unclear ownership.

How are CISOs Pushing Cybersecurity Deeper Into the Business?

To overcome these challenges, CISOs are pushing cybersecurity deeper into the business and seeing early results. More than half (55 per cent) say cybersecurity is increasingly treated as a shared leadership responsibility, with defined KPIs and metrics. Meanwhile, 57 per cent report effective communication between security teams and the wider organisation.

Even so, only 43 per cent say their organisation has a truly effective cybersecurity culture, underscoring the need for continued investment in education, governance, and accountability.

What Is a Top Blind Spot for CISOs?

Despite heightened regulatory scrutiny and a growing number of supply chain–based attacks, the report reveals a troubling disconnect:

only 31 per cent of CISOs believe their greatest security risk could originate from the software supply chain
just 25 per cent say assigning confidence levels to suppliers is a priority for improving supply chain visibility.

This lack of visibility leaves organisations vulnerable to cascading risks beyond their direct control.

Kory Daniels, Chief Security & Trust Officer, LevelBlue, said, “CISOs are no longer just protecting the business, they are actively letting it. Organisations that invest in cyber resilience are better positioned to scale AI, innovate faster, and pursue new opportunities. But to fully unlock that value, leaders must close critical gaps in AI security readiness, software supply chain visibility, and executive alignment.”

What Can CISOs Improve Cyber Resilience?

Based on the findings, LevelBlue recommends that organisations:

strengthen executive alignment to connect cyber resilience strategy with measurable business value
deepen business–security collaboration to identify integration gaps and accelerate progress
leverage external expertise to build momentum and address specialised challenges
prioritise software supply chain risk by identifying urgent exposures and driving focused improvements.

To download the full report, visit our website. For more information on LevelBlue and its managed security, consulting, and threat intelligence services, please visit www.levelblue.com.

About LevelBlue

LevelBlue reduces risk and builds lasting resilience so organisations can innovate and advance their mission with confidence. As the world’s most analyst-recognised and largest pure-play managed security services provider, LevelBlue elevates client outcomes that matter: stronger defense, faster response, and sustained business continuity. LevelBlue combines AI-powered security operations, advanced threat intelligence, and elite human expertise to provide the most comprehensive portfolio of strategic advisory, managed security, offensive security, and incident response services. Learn more at levelblue.com.