CISOs, in recent years, have seen their jobs evolve from technical roles to leadership positions driven by the rising importance of cybersecurity and the accelerating complexities and sophistication of cyberattacks.
According to an IBM's
blog post, “the role has moved from primarily being a technical role to more of a business leader. Instead of implementing cybersecurity, CISOs now focus on helping the organization’s leaders understand the importance of cybersecurity and lead the strategic thought for the organization’s cyber strategy.”
Their pay also is rising. A 2025 IANS Research report reveals that a few CISOs of larger companies were earning
more than $1 million year.
In a report this week, researchers with cybersecurity platform vendor Trellix highlighted that CISOs are “expected to manage risk and resilience, board-level communication, cross-functional alignment, and long-term planning in an environment of relentless change.”
They face an increasingly challenging cyberthreat landscape, with threat groups using AI in their attacks and collaborating more, at times blurring the lines between financially motivated bad actors and nation-state organizations, the Trellix researchers wrote in the latest edition in the San Jose, California-based vendor’s
Mind of the CISO reports.
However, even as their status rises and the threats they face grow, CISOs continue to face hurdles when trying to act on threat intelligence, they wrote. Of the 500 global CISOs interviewed for the report, 98% said they face such barriers, creating challenges in keeping up with evolving threats (according to 45% of them), integration issues (39%), and regulatory constraints (38%).
Threat Intelligence Barriers
“When applied strategically, threat intelligence can empower CISOs to make faster, better-informed decisions, anticipate risk before it materializes, and build resilience into the core of their operations,” the researchers wrote. “However, the reality for many is still far from this ideal. Threat intelligence often remains siloed, underused, or reactive, and disconnected from broader strategic planning.”
According to the report, the evolving threat landscape includes ransomware, the rising use of AI in attacks, and nation-state threats, with 85% of CISOs saying their companies’ cybersecurity budgets are influenced by the volume of nation-state threats. In addition, 87% said their cybersecurity strategies are influenced by geopolitical tensions like nation-state threats.
The blurring line among threat actors found by Trellix echoes what Google’s Mandiant group
wrote in a report in February, which noted that U.S. foreign adversaries – particularly China, Russia, North Korea, and Iran – turning to tools used financially motivated criminal actors for threat groups they support.
“The vast cybercriminal ecosystem has acted as an accelerant for state-sponsored hacking, providing malware, vulnerabilities, and in some cases full-spectrum operations to states,” Google wrote.
Rising Cyberthreats
The pressure is now on CISOs, with Trellix researchers noting that global threat detection of advanced persistent threat (APT) jumping 45% at the beginning of the year. CISOs need to stay ahead of these “adversaries who are becoming more organized, well-resourced, and faster, partially due to the growing use of AI,” John Fokker, head of threat intelligence at Trellix, said in a statement.
About 89% of CISOs said they’re frequently asked about these threats by their CEO or their board.
Threat intelligence is key to protecting organizations from such threats, the researchers wrote, though it’s less about the amount of intelligence and more about how it’s used. Strategies need to be more proactive and less reactive. About 94% of CISOs said threat intelligence is crucial for identifying and mitigating emerging threats, but most said their companies’ approaches to collecting, analyzing, and monitoring the intelligence needs to improve.
AI, Automation, and Collaboration
AI and automation can help cybersecurity professionals keep pace with adversaries, with one-third of CISO’s pointing to AI-driven analytics, and 37% pointing to increased automation as tools that would help them be more effective.
In addition, 95% said that being part of a community or network security pros sharing threat intelligence would improve their ability to prepare for threats, and 89% saying a CISO community that share insights and experiences would help them make high-level decisions.
“CISOs are being asked to do more, with greater urgency, and under increasingly complex conditions,” the researchers wrote. “The role is no longer just technical – it’s strategic. Yet many of today’s most pressing challenges can’t be solved by tools alone. They require shared experience, honest discussion, and the kind of practical insight that only comes from peers who’ve faced the same pressures – this is where threat intelligence and CISO communities come in.”
MSSPs Can Help
MSSPs can add to this, according to Brian Brown, head of CISO engagement at Trellix. CISOs face a range of challenges when acting on threat intelligence, including integration issues, and budget constraints, a shortage of skilled staff, and the changing threat landscape.
“MSSPs and MSPs have an opportunity to help CISOs overcome these specific challenges with their offerings and services by indicating how they augment resource gaps both in skills and budget areas, leverage a larger collective intelligence perspective for activities such as threat hunting and proactive protection to help address the evolving threat landscape, and provide assistance around TI integration to see better utilization," Brown told MSSP Alert.
