Proofpoint, a cybersecurity and compliance company, has released its fifth annual Voice of the CISO 2025 report, revealing that India’s cybersecurity leaders face the highest global risk levels, with 90% of CISOs anticipating a material cyberattack in the next year—the most among 16 countries surveyed.
The report highlights the growing strain on India’s CISOs amid rising data loss, insider threats, and the rapid adoption of GenAI tools. An alarming 99% of Indian CISOs reported losing sensitive data in the past year—well above the global average of 66%. Nearly all (96%) link at least some of this data loss to departing employees, underscoring that human risk remains a persistent weak link in cybersecurity.
AI-driven tools, while transformative, have added complexity. 64% of Indian CISOs see enabling GenAI use as a strategic priority, even as 74% worry about customer data loss via public GenAI tools and chatbots. Most (74%) organisations in India now restrict or block GenAI usage, though a majority are simultaneously building governance frameworks and exploring AI-powered defences.
“Rising data loss, readiness gaps, and human risk continue to undermine resilience,” said Patrick Joyce, Global Resident CISO at Proofpoint. “As GenAI accelerates both opportunity and threat, CISOs are being asked to do more with less in an increasingly complex threat landscape.”
Bikramdeep Singh, Country Manager at Proofpoint India, added, “Our findings show that Indian CISOs see their organisations as the most at risk globally. The combination of escalating insider threats, data exposure, and AI misuse makes proactive defence and human-centric security essential.”
Other key India findings include:
74% of CISOs admit their organisations are unprepared to respond to a cyberattack.
70% would consider paying a ransom to restore systems or prevent data leaks.
67% cite human error as the top cybersecurity risk.
72% report alignment with boards on cybersecurity priorities, with operational disruption now a top board concern.
68% have faced burnout or excessive pressure in the past year, with many calling for greater support and liability protection.
Ryan Kalember, Chief Strategy Officer at Proofpoint, noted that AI has become “a dual force—empowering defenders while expanding the attack surface. The modern CISO must now balance innovation, ethics, and resilience like never before.”
The Voice of the CISO 2025 report underscores a defining year for India’s cybersecurity landscape—one where CISOs must navigate the twin challenges of AI-driven transformation and escalating human risk to protect the digital future.
