Cyber resilience lagging despite budget increases

The average cost of a data breach across respondents stands at $3.3m.

Nearly 80% of organisations expect to increase their cyber budgets in the coming year, according to PwC's 2025 Global Digital Trust Insights survey. 

The survey, which polled 4,042 business and tech executives from 77 countries, revealed that only 2% of companies have implemented full cyber resilience, despite 66% of tech leaders ranking cyber risk as their top priority for the next 12 months. 

The average cost of a data breach across respondents stands at $3.3m.

As digital platforms expand, 67% of respondents note that generative AI (GenAI) has widened its attack surface over the past year. 

The top cyber threats — cloud-related risks (42%), hack-and-leak operations (38%), third-party breaches (35%), and attacks on connected products (33%) — are the areas where security teams feel least prepared.

Sean Joyce, PwC’s Global Cyber & Privacy leader, emphasised the need for accountability at all levels of the organisation to strengthen cyber resilience, urging companies to adopt new technologies and foundational cybersecurity principles.

Despite these concerns, organisations are increasing investment in both GenAI and cybersecurity. 

Over the past year, 78% have boosted GenAI investments, whilst 72% have enhanced risk management in AI governance. Challenges remain, however, particularly with existing systems (39%) and a lack of standardised policies (37%).

Looking ahead, 77% of organisations expect to raise their cyber budgets, with business leaders prioritising data protection (48%) and tech leaders focusing on cloud security (34%). 

Nearly 30% of companies anticipate budget increases between 6% and 10%, whilst 20% expect increases of over 11%. 

Customer trust (57%) and brand integrity (49%) are key drivers of cybersecurity investment, with 96% of organisations citing increased regulations as another factor boosting spending.