About 87% of cybersecurity leaders fear personal liability risks

Nearly four out of five say CISO roles are growing more complex.

About 87% of Singaporean Chief Information Security Officers (CISOs) report concern regarding personal liability during cyber incidents, according to data from Splunk’s 2026 CISO Report.

The report also found that 85.7% of Singapore-based respondents said their roles have increased in complexity and difficulty since appointment.

The Cyber Security Agency of Singapore and local regulators continue to state that cybersecurity constitutes a senior leadership responsibility rather than solely an IT issue.

This shift comes as CISOs absorb duties involving artificial intelligence (AI) governance, third-party risk, and DevSecOps, whilst facing scrutiny, fear of liability, and the burden of managing legacy systems and supply chains, Splunk said.

The report, which surveyed 650 CISOs globally, shows that 95% of respondents identify the sophistication of threat actor capabilities as the primary risk to organisations.

Prominent security breaches, such as the UN3886 telco sector espionage campaign, involve persistent threats designed to evade detection.

AI adoption serves as a primary strategy for threat detection, with 92% of CISOs stating that AI enables teams to review more security events and 89% reporting improved data correlation.

Amongst CISOs using agentic AI, 39% reported detection speeds more than double those of organisations still exploring the technology.

However, 86% of CISOs fear agentic AI will increase the sophistication of social engineering attacks, whilst 82% believe it will accelerate the speed and complexity of persistence mechanisms.

Global concern regarding personal liability rose to over 75% of CISOs, up from 50% the previous year. This pressure coincides with workforce challenges, as two-thirds of security teams experience burnout due to high alert volumes, false positives, and tool fatigue.

CISOs are prioritising human capital to address skills gaps, including upskilling existing staff, hiring full-time employees, and engaging contractors.

The data indicates a need for shared accountability and visibility across digital estates, as organisations reporting joint ownership of security initiatives cite higher value from budgets and improved data access.

Unified visibility across on-premise and cloud environments enables CISOs to base decisions on evidence and resilience metrics, the report added.

Metrics such as incident reduction, Mean Time to Detect, and Mean Time to Respond are the primary tools used to communicate outcomes to leadership.

Cross-departmental data sharing remains constrained by privacy concerns, storage costs, and the absence of shared data views.