Core Insights - The 2025 CISO Benchmark Report by RH-ISAC emphasizes the retail and hospitality sectors' increasing focus on proactive cybersecurity strategies [1][2] Industry Trends - Ransomware, third-party supply chain attacks, and phishing are identified as the top three threats facing the retail and hospitality sectors [2] - Business continuity and disaster recovery have become the top cybersecurity initiatives for 2025, indicating a shift towards proactive risk management [3] - Smaller organizations are improving their cyber maturity, narrowing the gap with larger companies [3] Financial Insights - Cybersecurity budgets are consistently increasing year-over-year, reflecting a growing commitment to security [3] - There is a reported 25% improvement in average NIST CSF maturity scores from 2024 to 2025, indicating stronger processes [5] - A 12% rise in CISOs reporting directly to senior business leadership suggests that cybersecurity is increasingly recognized as a critical business factor [5] - An 11% increase in spending on third-party security services has been noted, with penetration testing and security operations centers being the most commonly outsourced services [5] Staffing and Collaboration - Nearly 40% of organizations plan to expand their full-time cybersecurity staff, indicating growth in security staffing [5] - There is a growing emphasis on collaboration, collective intelligence, and early warning systems to enhance attack detection and prevention [5]