Join our FREE personalized newsletter for news, trends, and insights that matter to everyone in America

Newsletter
New

Cisos Pressured To Stay Silent About Cyber Attacks Need Evidence-led Governance For Protection

Card image cap

CISOs are facing growing pressure to stay quiet about cyber incidents despite stricter regulatory demands for transparency. That’s one of the findings from Splunk’s 2026 CISO report, which shows that one in five security leaders have been pressured by their organization not to report incidents or compliance issues.

The situation is proving to be so problematic that almost eight in ten (78%) are now concerned about their own liability for security incidents, a sharp spike compared to last year (56%).

What’s more, a similar number (79%) reported that their roles have become more complex, with nearly half (43%) now given new responsibilities in areas such as fraud and financial crime investigations. Almost all (96%) of 650 CISOs questioned as part of the global survey are now also responsible for AI governance and risk management, making them the de facto AI policy leaders at their organizations.

But perhaps most worrying of all is that stand-out figure that one in five (20%) CISOs have even been pressured not to report a security incident or a compliance issue by their organizations.

CISOs concerns about liability amid pressure to stay silent

This tension highlights a growing contradiction in modern cybersecurity: CISOs are being asked to take greater responsibility for cyber resilience and transparency, while in some cases also facing pressure not to disclose incidents.

Further to this, the tension caused by internal pressures and personal responsibility has built up to such an extent that a quarter (26%) of CISOs have considered quitting the cybersecurity industry altogether.

But as concerning as these survey results are, they could soon be about to get worse. If the role of CISO was not already demanding enough, new draft laws could be about to make things even harder.

The Cyber Security and Resilience (Network and Information Systems) Bill, currently making its way through the UK Parliament is set to place even greater pressure on organizations to correctly identify, assess and disclose cyber incidents.

For CISOs, the challenge will be navigating the increasingly fine line between reporting too much and reporting too little. Organizations that fail to disclose significant incidents, or even near misses that could cause disruption, may face fines, yet reporting incidents prematurely before the full picture is clear could mean operational, financial and reputational consequences.

This places CISOs in a difficult position: they are being asked to defend against attacks, while also making high-stakes reporting decisions quickly, often while investigations are still unfolding and facts remain unclear.

This balancing act is likely to become one of the defining challenges of modern cyber governance.

A new era of cyber accountability

A recent blog published by the National Cyber Security Centre (NCSC) warned that cyber threats have become an urgent priority and that business leaders need to act now to help strengthen the UK’s collective cyber resilience.

For many CISOs, making sure they stay on the right side of the law will depend on whether they're able to find the reporting sweet spot.

One approach might be to take a ‘rather be safe than sorry’ approach. But over-reporting events that may even be false alarms can unnecessarily damage market confidence in your organization.

Similarly, underreporting incidents – or worse, brushing them under the carpet as some CISOs are being pressured to do – can dent reputations and risk long-term loss of trust.

Why evidence-led governance matters more than ever

That’s why – in the face of growing regulatory scrutiny and increasing internal pressure – CISOs need more than just better visibility. They need the ability to defend their decisions with evidence.

It goes without saying that they need to identify threats quickly. But they also need to be able to provide proof that incidents were assessed appropriately, escalated correctly, and reported transparently.

That is why evidence-led governance is now critical. Organizations need systems that create clear and robust audit trails showing what happened, when it happened, who was involved in decision-making, and what information was available at the time. That means having the ability to document and evidence that decision-making process from start to finish.

Not only that, when security teams can correlate activity across networks, endpoints, cloud environments, and operational systems in real time, they are in a far stronger position to determine whether an incident crosses the threshold for disclosure.

When you have CISOs admitting that they have effectively been 'leaned on' not to report incidents, you know that something is wrong. And it’s time for CISOs to put measures in place to protect themselves from whatever may be just around the corner.

And that’s only possible with strong governance, clear workflows, transparent audit trails – and the evidence to support that decision-making.

We've featured the best antivirus software.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit