Portnox survey reveals CISO’s views on job security, Zero Trust, MFA, and more

Oct. 8, 2024
The survey of hundreds of CISOs at large enterprises paints a picture of a cybersecurity world under siege heading into 2025.

Portnox, a provider of cloud-native, Zero Trust access control solutions, today unveiled the results of its latest survey, “CISO Perspectives for 2025,” revealing critical insights into the challenges faced by Chief Information Security Officers (CISOs) at large enterprises.

The survey, which polled 200 CISOs from companies with annual revenues exceeding $500 million, highlights growing concerns around the effectiveness of Zero Trust, the limitations of Multi-Factor Authentication (MFA), and the looming threat to job security amidst an increasingly complex cybersecurity landscape.

The results present a stark picture of a cybersecurity world under siege, where security leaders must constantly balance ironclad defenses with user-friendly experiences while navigating regulatory demands and soaring cyber insurance premiums. 

Key Survey Findings:

Job Security on the Line. Nearly all CISOs (99%) are worried about losing their positions if a breach occurs, with a striking 77% of CISOs being very or extremely concerned. This underscores the immense pressure they face in protecting their organizations. 

MFA Under Fire. While MFA has become a cornerstone of many organizations' security strategies, 85% of CISOs expressed concerns that it’s not keeping up with increasingly sophisticated attacks. Common issues include password fatigue, insider threats, and phishing exploits. 

Passwordless Gaining Steam. Passwordless authentication represents the agreed upon method for stronger security, but only 7% of organizations have fully implemented it, citing cost, complexity, and employee resistance as key barriers.

NAC Investment is Growing. CISOs unanimously agree that Network Access Control (NAC) is a critical component of any Zero Trust framework they put in place. Reliance on NAC is growing, as more than 4 in 5 are increasing their investment in the next year.

Zero Trust Skepticism. Every CISO surveyed (100%) agreed that Zero Trust Network Access (ZTNA) has not fully lived up to its promise, with many organizations still in the early stages of adoption.

Compliance Challenges. As regulations like NIS2 loom, 90% of CISOs feel overwhelmed by constantly shifting compliance demands, making it difficult to ensure they’re always up to date.

Cyber Insurance Gaps. With 58% of CISOs unsure whether their cyber insurance policies adequately cover critical threats such as supply chain attacks, many organizations are left exposed to potentially devastating risks.

Breaches Remain a Top Concern. Despite the challenges, 86% of CISOs are laser-focused on preventing breaches. However, many concede that their current defenses may not be enough to withstand today’s advanced threats. 

“CISOs today are under immense pressure to do more with less, while the stakes have never been higher,” said Denny LeCompte, CEO of Portnox. “The survey results underscore a clear reality: security leaders need tools that not only protect their organizations but also provide peace of mind in an increasingly hostile environment.

To view the full data from the survey, including a complete breakdown of respondent demographics please visit: www.portnox.com/2025-ciso-perspectives-report-data/

Methodology

The Portnox Survey was conducted by Wakefield Research (www.wakefieldresearch.com) among 200 US CISOs at companies with a minimum annual revenue of $500m with representative quotas set for company size, between August 29th and September 9th, 2024, using an email invitation and an online survey.

Results of any sample are subject to sampling variation. The magnitude of the variation is measurable and is affected by the number of interviews and the level of the percentages expressing the results. For the interviews conducted in this particular study, the chances are 95 in 100 that a survey result does not vary, plus or minus, by more than 6.9 percentage points from the result that would be obtained if interviews had been conducted with all persons in the universe represented by the sample.