About
Login
Get Started
Portnox Survey

2026 CISO Perspectives Report Data

To access a full analysis of the results, click here.

Key Data Insights

Stay tuned to this page for more data from the CISO Perspectives for 2026 survey over the next couple of weeks.

CISO Perspectives for 2026
92%
of CISOs are implementing passwordless authentication.
Up from 70% in 2024.
CISO Perspectives for 2026
96%
of CISOs believe that MFA can’t keep up with today’s threat landscape.
MFA fatigue and phishing bypasses top the list of concerns.
CISO Perspectives for 2026
52%
of CISOs cite reduced risk of password phishing & reuse as the #1 benefit.
Followed by productivity (41%) and user experience (39%).
CISO Perspectives for 2026
93%
of CISOs report perception of NAC has improved over the past 12 months.
Leading to more investment.
CISO Perspectives for 2026
98%
cite cloud-based NAC as influential in changing their view.
NAC is no longer considered legacy technology.
CISO Perspectives for 2026
97%
of CISOs say NAC is essential to zero trust implementation.
Similar to last year.
CISO Perspectives for 2026
87%
of organizations are ramping up NAC budgets.
Up from 83% in 2024.
CISO Perspectives for 2026
93%
of organizations plan to replace VPN technology by 2027.
67% plan to by end of 2026.
CISO Perspectives for 2026
77%
believe zero trust will require major stack updates.
This perception has grown since 2024 (49%).
CISO Perspectives for 2026
55%
of CISOs still fear job loss after a breach.
Down from 77% last year.
CISO Perspectives for 2026
78%
expect AI to significantly increase security workload despite productivity gains.
CISO Perspectives for 2026
78%
have no formal strategy to manage AI-generated identities.

Survey Data

Questions included in the CISO Perspectives survey (see methodological notes below).

Which of the following describes where your organization currently stands with the implementation of Passwordless Authentication?
14%
We have completed our implementation
27%
We have begun implementing
52%
We are planning to implement
7%
We are open to but have not begun planning
2%
We haven’t considered this
0%
We considered it and are not planning on it
When you hear of a high-profile security breach or hack, how likely do you think it is due to a compromised password or authentication?
13%
Extremely likely
45%
Very likely
41%
Somewhat likely
2%
Not too likely
0%
Not likely at all
What complaints do employees have about your organization's security measures?
50%
It interferes with or slows their work
46%
They use tedious processes
43%
It takes too long to get a resolution to issues
42%
Password changes are too frequent
36%
They’re not adequately trained on how to use them
36%
They are difficult to understand
Which of the following do you consider the top three benefits of using Passwordless Authentication?
52%
Reduced risk of password reuse, phishing, and other exploits
39%
Enhanced security
39%
Improved employee experience
33%
Stronger access control
41%
Improved employee productivity
32%
Lowered IT support costs
29%
Reduction in compliance issues
How concerned are you that security provided by Multi-Factor Authentication does not do enough to protect employees?
11%
Extremely concerned
41%
Very concerned
47%
Somewhat concerned
2%
Not very concerned
0%
Not at all concerned
How strongly do you agree or disagree with this statement: MFA can't keep pace with evolving threats.
27%
Strongly agree
69%
Somewhat agree
4%
Somewhat disagree
1%
Strongly disagree
How strongly do you agree or disagree with the following statement: Network Access Control (NAC) is a critical component of any zero trust framework.
33%
Strongly agree
65%
Somewhat agree
2%
Somewhat disagree
1%
Strongly disagree
How has your overall perception of NAC (Network Access Control) changed over the past 12 months?
19%
Significantly more positive
74%
Somewhat more positive
5%
No change
3%
Somewhat more negative
0%
Significantly more negative
How strongly do you agree or disagree with the following statement: Cloud-based NAC solutions have been the most influential factor in changing my view of NAC.
26%
Strongly agree
72%
Somewhat agree
2%
Somewhat disagree
1%
Strongly disagree
How much do you agree or disagree with the following statement? It is impossible for even the most agile company to keep up to date with every regulation in a rapidly changing landscape.
28%
Strongly agree
67%
Somewhat agree
6%
Somewhat disagree
1%
Strongly disagree
Which of the following, if any, are you not 100% sure your current cyberinsurance would cover? Select all that apply.
43%
Supply chain attacks
41%
Regulatory fines and penalties
36%
Data restoration costs
35%
Intellectual property theft
34%
Insider threats
34%
Incident response costs
32%
Ransomware payments
26%
Phishing attacks
1%
Other
How often does your organization evaluate new solutions to lower cyberinsurance premiums?
7%
All the time
34%
Often
51%
Sometimes
9%
Rarely
1%
Never
Looking ahead, how much new work or how many new tasks do you expect will be created for your IT or security teams as a result of security risks or vulnerabilities related to your organization's use of AI (including AI models or agents)?
19%
A significant amount
59%
A moderate amount
23%
A small amount
0%
None at all
Does your organization currently have a strategy for incorporating AI identities into its zero trust security architecture? AI identities include autonomous AI agents, bots, or machine-based actors that access, process, or transmit data within your organization's systems.
22%
Yes, we have a strategy in place
59%
We are in the process of developing a strategy
19%
We are discussing the need but have not started developing a strategy
1%
No, we do not currently have a strategy for this

Explore the 2026 CISO Perspectives Report

Gain insight into how today’s CISOs are navigating the shifting cybersecurity landscape — from advancing passwordless authentication, NAC and zero trust initiatives, to modernizing legacy remote access and handling AI entities across security operations. This survey reveals how security leaders are prioritizing innovation and resilience in an era of rapid change.

Download the Report
Methodological Notes:

The Portnox Survey was conducted by Wakefield Research (https://www.wakefieldresearch.com) among 200 US CISOs at companies with a minimum annual revenue of $500m with representative quotas set for company size, between August 29th and September 9th, 2024, using an email invitation and an online survey. Results of any sample are subject to sampling variation. The magnitude of the variation is measurable and is affected by the number of interviews and the level of the percentages expressing the results. For the interviews conducted in this particular study, the chances are 95 in 100 that a survey result does not vary, plus or minus, by more than 6.9 percentage points from the result that would be obtained if interviews had been conducted with all persons in the universe represented by the sample.

To view the full data from the survey, including a complete breakdown of respondent demographics, click here.

NEW REPORT: CISOs' Perspectives on Cybersecurity in 2026

Learn More
X