CCI staff share recent surveys, reports and analysis on risk, compliance, governance, infosec and leadership issues. Share details of your survey with us: editor@corporatecomplianceinsights.com.
51% of US boards recruited AI specialists in past year
More than half of business leaders and board members say AI should be driving long-term strategic planning, with 51% reporting their boards having recruited AI specialists in the past 12 months and another 30% planning to do so in the next year, according to a survey from advisory Think & Grow.
The survey of more than 750 directors, non-executive directors, independent advisers, venture capitalists, private equity professionals, founders, CEOs and C-level executives also examined board composition. Almost all (98%) of those surveyed said they believe board composition must evolve as businesses grow. For the first time in 2025, women and non-white men now hold more than half of board seats at the United States’ largest companies, though about 10% of directors across all public companies are from racially and ethnically diverse backgrounds.
Independent directors are becoming younger, with the average age of first-time independent directors dropping to 53 years in 2023, down from 59 years five years earlier. The shift is driven by the need for advisers well-versed in AI and more in tune with ESG-related issues. About half of respondents (51%) indicated that non-executive directors are “very important,” while 48% stated that independent advisers are “very important.”
73% of US CISOs report significant cyber incident in past six months
Nearly three-quarters of US chief information security officers (CISOs) reported a significant cyber incident at their companies in the past six months, yet internal pressures are proving more challenging than external threats, according to a survey from cybersecurity company Nagomi Security.
The survey of 100 US-based CISOs across major industries found that 87% say pressure in their role has increased over the past year. Two-thirds report feeling burned out weekly or daily, and 40% considered leaving their role altogether. Some 44% of CISOs say expectations from boards and executives are now their greatest source of stress, surpassing external threats at 33%.
Other key findings:
- Some 90% of CISOs say their role may be at risk to some degree if a breach were to occur, including 20% who feel extremely at risk and 40% who feel moderately at risk.
- Agentic AI is cited by 59% as their leading near-term threat, with nearly 20% of recent incidents already AI-related.
- While 82% feel confident quantifying risk, 54% lack standardized, business-relevant metrics to report to boards.
AI implementation outranks economic concerns in survey of business risk
Half of US business executives now rank AI implementation as their top business risk, surpassing concerns about economic slowdowns (48%) and supply chain disruption (43%), according to a survey from business services provider Vistra.
The survey of 251 senior decision-makers at US mid-market companies found that among leaders already using third-party AI systems, nearly half (49%) identify data security as their most urgent risk and 55% cite data protection as their biggest compliance concern. Despite these concerns, the vast majority (72%) of respondents report using AI for strategic decision-making, while just 1% say their companies have not yet adopted AI.
Market volatility is accelerating investment decisions, with 66% of respondents reporting this effect and more than one-third describing the pace as “significant.” Technology and digital transformation are the number one investment priority for 84% of respondents. Some 85% identify AI implementation as a primary driver of growth over the next three years.
Other key findings:
- Top AI use cases include cybersecurity threat detection (73%), supply chain risk management (69%) and automated regulatory compliance (67%).
- Nearly half (45%) of executives say they would leave their company if it lags significantly behind in AI adoption, with another 30% saying it would affect their long-term loyalty.
- Regulatory shifts including ESG, financial regulations and new AI rules were the top policy concern for 28% of executives, edging ahead of tariffs and trade policies (27%).
Only 28% of internal audit leaders confident in ability to audit AI risks
Just 28% of internal audit leaders express confidence in their teams’ ability to effectively audit AI risks, while 63% of organizations have not yet defined a formal risk appetite or governance framework for AI use, according to a survey from software company AuditBoard.
The survey of 213 global internal audit leaders found that only 39% say AI will significantly transform the profession within five years, despite the technology’s rapid adoption. Budget and staffing constraints persist, with 43% of respondents reporting no change in their 2025 budgets compared to 2024 and 18% reporting reductions. Staffing levels followed a similar pattern, with 57% maintaining flat full-time headcounts despite expanding mandates.
More than half of respondents aspire to be recognized as trusted advisers, yet fewer than a quarter currently feel their departments are perceived in this way. When asked which human skills technology cannot currently replace, respondents identified professional skepticism and inquisitiveness (65%), relationship-building and communication (60%), ethical judgment (45%) and critical thinking (41%) as the top capabilities.
