10 strategies for CISOs to make Security Awareness Month 2025 programs impactful, moving beyond compliance to lasting behavior change.

Ross Young has spent two decades at the forefront of cybersecurity, from CIA officer to enterprise CISO. He’s the co-host of CISO Tradecraft, creator of the OWASP Threat and Safeguard Matrix (TaSM), and a recognized leader who has served as CISO in Residence at Team8, CISO of Caterpillar Financial, instructor at Johns Hopkins University, and divisional CISO at Capital One. Ross also brings over a decade of frontline experience from the CIA, NSA, and the Federal Reserve Board.

CISOs are exploring how to use AI to modernize security operations centers from agentic AI for incident response to workflow automation—but they must ensure security without amplifying risk.

Our research shows CISOs are consolidating tools into platforms and leaning on MSSPs, with nearly 70% using platforms and 68% relying on MSSPs.

How security leaders can address encryption risks, legacy systems, and regulatory pressure to better prepare for the Quantum Age.

Security leaders are navigating budget pressures in 2025 as new benchmark data shows investments in security software and services continue despite overall budget constraints.