CCI staff share recent surveys, reports and analysis on risk, compliance, governance, infosec and leadership issues. Share details of your survey with us: editor@corporatecomplianceinsights.com.
C-suite cybersecurity disconnect puts business value at risk
A significant gap in cybersecurity perception between chief information security officers and other C-suite executives is leaving organizations vulnerable to threats, according to new research from EY. The survey of 800 US C-level executives found 84% of organizations experienced a cybersecurity incident in the past three years, with affected Russell 3000 companies typically seeing a 1.5% stock price decrease over the following 90 days.
Two-thirds of chief information security officers (CISOs) worry that cybersecurity threats are more advanced than their defenses, significantly more than their C-suite counterparts (56%). This perception gap extends to the source of threats, with CISOs more likely to attribute incidents to cybercriminals (57% vs. 47% of other executives) and inside threats (47% vs. 31%).
The research also reveals disagreement about what’s working in cybersecurity, with CISOs more likely to attribute decreased incidents to AI investments (75% vs. 68%), while other executives favor employee training (77% vs. 69% of CISOs).
Other key findings:
- 68% of CISOs express concern about senior leaders underestimating cybersecurity dangers, compared to 57% of other executives.
- While 21% of organizations currently invest more than 10% of their IT budget in cybersecurity, this figure is expected to nearly double to 38% next year.
- Despite increased investments, the fundamental disconnect in threat perception remains a significant vulnerability.
“Companies need to move beyond a ‘check the box’ mentality and recognize cybersecurity as a strategic investment, not simply a cost center,” said Jim Guinn II, EY Americas cybersecurity leader.
The study was conducted in December 2024 and January 2025 across 10 industry sectors, including health, technology, government, financial services and retail.
Corporate America’s use of renewables lags behind global leaders
US companies are making progress in renewable energy adoption but still have significant ground to cover, with renewable sources accounting for just 29% of their energy consumption, according to new data from Clarity AI. The analysis of MSCI ACWI companies shows American businesses moving in the right direction but trailing countries like Spain (60%) and Brazil (51%).
The US energy landscape remains heavily dependent on fossil fuels, with electricity representing just over 20% of the nation’s energy mix while oil products still account for 47% of total energy consumption. This imbalance presents particular challenges for America’s industrial sector, which faces structural barriers to rapid decarbonization.
American financial services and IT companies are leading the domestic transition, following global patterns where these highly electrifiable sectors have nearly doubled their renewable energy use since 2020. However, the US heavy industry, manufacturing and real estate sectors continue to struggle with the technical challenges of electrifying fuel-based processes.
“These industries are structurally more challenging to decarbonize, yet are critical for achieving net-zero emissions by 2050,” said Andrés Olivares, senior manager of product research and innovation at Clarity AI, which provides sustainability data and insights to investors and corporations.
The analysis examined renewable energy consumption data from 2020 to 2024, with a focus on companies included in the MSCI ACWI index.
