Splunk’s 2026 CISO Report reveals rising accountability, AI-driven resilience, and the expanding strategic role of security leaders
The release of The CISO Report: From Risk to Resilience in the AI Era by Cisco and Splunk signals a defining moment for global cybersecurity leadership. Based on insights from 650 Chief Information Security Officers worldwide, the report captures a profession undergoing rapid transformation — driven by AI acceleration, rising threat sophistication, and mounting regulatory pressure.
CISOs today are no longer confined to managing security incidents. Nearly all respondents report expanded responsibilities spanning AI governance and enterprise-wide risk management, while more than four in five now oversee secure software development practices. The mandate has broadened — and so have the stakes.
AI has emerged as both a powerful enabler and a formidable threat multiplier. While 92% of CISOs say AI allows their teams to review more security events and 89% report improved data correlation, concerns remain high. Eighty-six percent fear agentic AI will increase the sophistication of social engineering attacks, and 82% anticipate greater deployment complexity in persistence mechanisms. The message is clear: AI is essential for resilience, but governance must evolve in tandem.
Beyond technology, the human factor remains paramount. Security leaders are prioritising upskilling, talent retention, and cross-functional accountability to combat burnout and close capability gaps. High alert volumes, false positive,s and tool fatigue continue to strain teams, reinforcing the need for unified platforms and clearer data visibility.
Regional markets such as the UAE offer a compelling lens on digital transformation. Strong governance frameworks, sovereign data mandates and ambitious AI investment are reshaping the cybersecurity agenda across sectors.
The following interview excerpts feature insights from Ahmed El Saadi, Vice President – Middle East, Africa, Turkey, Romania & CIS at Splunk, who shares perspectives on the UAE’s digital evolution, the expanding CISO mandate, AI’s growing influence on security strategy and practical guidance for building resilient, cost-efficient data infrastructure.
Interview Excerpts
How do you assess the UAE’s progress in positioning itself as a Digital First nation?
The UAE represents a blueprint for strong cybersecurity hygiene. Policy-making, governance frameworks and public-private partnerships are all aligned to support secure digital transformation. Digital investment in the UAE is expected to reach nearly $20 billion over the next three years across IT, telecoms, and IoT. AI spending alone is forecast to reach $1.9 billion by 2026. Such ambitious adoption requires cybersecurity to be embedded from the outset — across frameworks, governance, technolog,y and talent. AI expansion further reinforces cybersecurity’s importance. As digital adoption grows, security must scale in parallel to maintain resilience and trust.
What is the most significant shift highlighted in this year’s Splunk CISO Report 2026?
The most significant shift identified in the report is the rapid expansion of the CISO’s role. Based on insights from more than 650 CISOs globally, 96% state that their responsibilities now extend far beyond traditional cybersecurity oversight to include AI governance and enterprise-wide risk management. Security leaders are increasingly embedded in strategic business decision-making, as AI adoption for revenue growth, productivity optimisation, and faster go-to-market initiatives requires robust governance frameworks. CISOs are now central to shaping those frameworks. Their remit has also expanded into DevSecOps, ensuring that security is embedded into application development from the earliest stages rather than being addressed retrospectively.
With the rise of agentic AI, does the market have enough skills to support this shift?
AI is expected to augment human expertise rather than replace it, with approximately 60% augmentation anticipated through AI-enabled capabilities. Technologies such as large language models allow professionals to interact with systems using natural language, reducing reliance on deep coding specialisation. However, the rapid pace of AI-driven innovation and the growing volume of use cases mean continuous upskilling and reskilling will be essential. Demand for talent is likely to outpace supply for some time. Vendors, including Splunk, carry a responsibility to support this transition through enablement programmes, structured adoption tracks and sustained workforce development initiatives.
Why is AI becoming central to cybersecurity strategy?
Threat sophistication is increasing at an unprecedented pace, with 95% of CISOs reporting more advanced cyber threats. At the same time, 92% believe AI enables their teams to review more security events, while 60% say it improves and augments cybersecurity operations. Attackers are leveraging AI techniques to accelerate and refine their methods, compelling defenders to adopt AI-driven capabilities in response. AI allows security teams to correlate data more effectively, prioritise high-risk incidents and reduce detection and response times.
“The shift moves cybersecurity from a volume-based model to a quality-driven strategy, delivering deeper insights and more precise threat mitigation.”
Are CISOs facing increased pressure due to this expanded role?
The role has become significantly more demanding, bringing greater personal liability and regulatory accountability. CISOs are now responsible not only for cybersecurity posture but also for AI governance and broader risk oversight, adding to operational complexity. Burnout remains a pressing issue, with 98% citing high alert volumes as a primary stressor, 94% pointing to false positives and many highlighting tool fatigue from managing multiple disconnected systems. While AI can help reduce noise and streamline workflows, it does not eliminate the accountability and personal risk associated with the role. The CISO position has evolved into one of the most strategically important and high-pressure roles within the organisation.
Is upskilling becoming a priority for CISOs?
Upskilling has become a strategic imperative. Focus areas include AI governance frameworks, advanced risk mitigation strategies, AI-enabled security operations and embedding governance directly into operational processes. Continuous education is critical to remain effective in a rapidly evolving threat environment, and organisations are increasingly investing in both structured training and practical capability development to ensure their security leaders and teams remain ahead of emerging risks.
What advice would you give organisations seeking a strong data infrastructure with controlled investment?
Organisations should prioritise breaking down operational silos, as multiple departments often rely on separate tools and fragmented datasets, slowing detection and response. A unified data platform can reduce duplication, streamline workflows, and improve overall efficiency. Centralising data visibility is equally important, since resilience begins with a comprehensive view of security, IT operations, and DevOps environments within a single ecosystem. Finally, a cross-functional partnership is essential. Modern CISOs must operate as business collaborators rather than purely policy enforcers, fostering open communication across the C-suite to support AI governance, risk management and shared accountability. Unified platforms combined with collaborative governance models help reduce complexity, accelerate response times and deliver sustainable operational value.
