The CISO Role Keeps Getting Heavier
Help Net Security, Friday, February 27th, 2026
Personal liability is becoming a routine part of the CISO job. In Splunk's 2026 CISO Report, titled From Risk to Resilience in the AI Era, 78% of CISOs said they are concerned about their own liability for security incidents, up from 56% last year.
The role carries personal exposure alongside operational accountability, and that shift is influencing how security leaders approach risk, documentation, and board communication.
The mandate continues to grow. Nearly all respondents said AI governance and risk management fall under their responsibility. Oversight of generative and other AI systems has joined established duties in detection, response, compliance, and reporting. Many CISOs are responsible for setting internal guardrails around how AI tools are used, what data they can access, and how outputs are reviewed before use in production environments.