Cyber security resilience at a global tipping point

Who we areNews & publicationsLatest news

Cyber security resilience at tipping point

28 October 2025
Forvis Mazars Group, the international leader in audit and assurance, tax, and advisory services, today releases its latest study on cyber security as preparedness falters amid surging threats.
  • Two thirds (64%) of leaders believe their organisation’s data is completely protected.
  • Less than half of C-suite executives (46%) feel completely prepared for EU cyber legislation such as NIS2 and DORA.
  • Yet only 28% of leaders include ensuring compliance with data protection laws in their top two priorities.
  • The top two business priorities for data management and governance are introducing or improving systems and processes to ensure data quality (34%), and developing an overall data strategy for the business (32%).
  • Only one in five executives report spending more than 20% of their IT budget on cyber security.

Read the full report

Timing of the release of this annual study is significant for businesses, especially for those looking to expand, as increasing threats start to impact even the largest organisations and leave them more exposed. This latest report from Forvis Mazars outlines the best ways businesses can stay resilient in the face of disruption and as they adapt to new legislation and prioritise transformation plans.

At the start of the year, the number of C-suite leaders who said they believe their organisation’s data is completely protected actually grew two points (from 62% in 2024 to 64%) – a stat the firm expects to reduce in the coming year following a stream of new security threats reported in the media with lengthy and costly clean ups by some of the world’s best known brands.

Findings also now reveal that less than half of C-suite executives (46%) worldwide feel completely prepared for EU legislation in relation to cyber security. Yet only 28% of leaders included ensuring compliance with data protection laws in their top two business priorities for data management and governance in 2025.

Instead, leaders are focusing on the introduction or improvement of systems and processes to ensure data quality, and developing an overall data strategy for the business as their top two data management and governance priorities – 34% and 32% respectively.

Jan Matto, Partner and Group Head of Cyber Security at Forvis Mazars, comments: “To prevent cyber-attacks, we encourage C-suite leaders to adopt a risk-based approach that prioritises critical assets, integrates third-party risk management and turns compliance into a competitive advantage as cyber maturity becomes a key factor in tenders, partnerships and trust. Embedding security into every initiative, training employees beyond specific tools and measuring resilience in business terms past technical metrics are critical to maintaining secure systems.”

With only one in five executives reporting to spend more than 20% of their IT budget on cyber security, there is a reasonable question on whether this is now enough and the expectation that this could increase in 2026 as investments in emerging technologies grow.

Matto continues: “Successful and seamless integration of AI is essential in today’s climate as leaders aim to cut through the competition with their expansion plans and the digital transformation of their businesses. Executives investing here need to consider the risks in terms of cyber security that can be equally detrimental, and include protection measures alongside the integration of new technologies and improvements to existing systems or infrastructure. This will set clearer governance frameworks and balance innovation with security to counter threats.”

The study also examines the somewhat less reported risks from quantum computing, its impact on security and how organisations can prepare by building cryptographic inventories, prioritising critical data, assessing supply chain readiness and planning for migration to quantum-safe encryption.

– ENDS –

About the study     

Findings for the cyber security study are captured from the insights and data of over 1,700 C-suite leaders around the world as part of our latest C-suite barometer: outlook 2025. Examining the views, challenges and strategic priorities of executives, this independent research was conducted in Q4 of 2024 with C-suite leaders at for-profit organisations with annual revenues of over $1 million across more than 35 countries. 

Press contacts

Heather McMaster, Group Head of PR and Content  
Heather.McMaster@mazars.co.uk / +44 (0) 20 7063 4165  

Rosa Mejia Banks, Group PR and Content Officer  
Rosa.Mejia-Banks@mazars.co.uk / +44 (0) 20 7063 4934  

Key contact