Site Search Site Search

Menu

Menu

Menu

Menu

Menu

Menu

Featured

Tax & Legal Alerts

Exploring reconstruction investment opportunities in Ukraine

Menu

Menu

Menu

Loading Results

2025 Global Digital Trust Insights Survey

Building cybersecurity through C-suite collaboration: insights for Transportation & Logistics

2025 Global Digital Trust Insights Survey: insights for Retail
  • Industry
  • March 11, 2025
only 2%

have implemented cyber resilience actions across their organisation in all areas surveyed

< 50%

of CISOs are involved to a large extent in key business activities

13%

point gap in confidence between CISOs/CSOs and CEOs in their AI and resilience compliance

The necessity for stronger digital resilience and cybersecurity is growing against a rapidly-changing European threat landscape. As technology becomes more complex with the artificial intelligence (AI) boom at the forefront, businesses are prioritising strengthening cybersecurity and modernising to be better prepared to face threats. Chief Information Security Officers (CISOs) are also getting more involved in strategic planning.

PwC's report "2025 Global Digital Trust Insights" highlights crucial gaps that companies should address to attain cyber resilience.

2025 Global Digital Trust Insights Survey Insights for Transportation and Logistics

Key findings from the transportation and logistics include:

  • Risk Mitigation Priorities: In 2025, organizations in this sector are focusing on mitigating cyber risks (56%), digital and technology risks (51%), and inflation (49%).

  • Key Concerns: The primary concerns for these organizations include attacks on connected products (44%), hack-and-leak operations (41%), and cloud-related threats (39%).

  • Preparation Gaps: Many organizations feel least prepared to tackle cloud-related threats (35%), social engineering threats like deepfakes and disinformation (34%), software supply chain compromises (31%), and data breaches (31%).

  • Investment Focus: Priority investment areas include data protection and trust (58%), technology modernization, including cyber infrastructure (42%), and ongoing security training (33%).

  • Generative AI Utilization: Companies in this sector are increasingly exploring generative AI (GenAI) for threat detection and response (48%), enhancing Security Operations Centres (SOCs) (43%), and malware and phishing detection (33%).

  • GenAI Challenges: Key challenges involve the misuse of GenAI by employees (43%) and the lack of standardized internal policies and training resources (both at 40%).

  • Cyber and Privacy Strategies: In 2025, organizations aim to improve customer and employee experiences (34%), accelerate incident response times, and build leadership confidence in managing threats (both at 33%).

  • Challenges in Risk Quantification: Quantifying the financial impact of cyber risk poses difficulties for 49% of respondents, mainly due to legal or regulatory concerns that could lead to legal exposure. Data issues, including poor quality and inconsistency, affect another 49%, while 46% report uncertainty about the scope of risk quantification outputs. 

  • Leadership Engagement: CEOs are typically engaged in cyber and privacy issues after significant industry breaches (39%), when contacted by regulators for incident reporting or enforcement actions (38%) or following a major breach in their own organizations (37%).

CEE findings from the 2025 Global Digital Trust Insights Survey

Boardroom priority and cyber budgets up

Businesses are planning to increase their cyber budgets next year—in EMEA (73%) and globally (77%). We see a similar, growing trend in CEE—65% of companies in our region also plan to increase their cyber budgets. 

There is also a clear cybersecurity imperative. More organisations see cyber as a means to generate competitive advantage. Cybersecurity resilience must be a key priority, not just for tech leaders, but for the business as a whole. Prioritising cybersecurity is essential if businesses are to:

  • Safeguard their data and systems

  • Retain trust with their consumers and stakeholders

  • Mitigate the financial, operational and reputational costs of unpreparedness.

However, there is a disconnect between CISOs and CEOs about their organisations’ readiness, including its ability to comply with cyber regulations, the need for faster incident response times and progress in implementing technology for cyber defence. Less than half of CISOs in CEE are involved to a large extent in strategic planning on cyber investments and in oversight of tech deployments. 

“For many years, cybersecurity was often perceived as more of a governance and cost function. However, it is now transforming into a clear business value-add function for the customer. Our clients, particularly in financial services, are demanding stability, operational continuity and robust data protection. This shift elevates cybersecurity to a critical board-level discussion. ”

Marek Chlebicki, PwC Partner and CEE Technology Risk Assurance Leader

Cybersecurity is top-of-mind—yet only 2% of businesses have implemented firm-wide cyber resilience

Cyber risks are top of mind, with 53% of CEE leaders ranking cyber as the top risk their organisation is prioritising for mitigation over the next 12 months (globally: 57%).

As many as 49% of CEE businesses measure the financial impact of cyber risks, while this metric stands at 70% for EMEA, highlighting the need for faster convergence of a quantitative approach in the CEE region.

Despite cyber risks being a priority for businesses, only 2% of businesses globally have implemented firm-wide cyber resilience. This leaves a glaring vulnerability—without enterprise-wide resilience, companies remain dangerously exposed to the increasing threats that could compromise their entire operation.

What worries organisations most is what they’re least prepared for. In general, technology leaders prioritise improving cloud, data and network security in 2025 to mitigate these cyber risks. CEE businesses also look to invest substantially in application security and awareness programmes, while EMEA is advancing towards GenAI to find innovative solutions.

At the same time, global research highlights differing priorities: business executives are primarily concerned with inflation, while tech executives focus on cyber risks due to their closer connection to the cyber threat landscape.

"Cybersecurity is a global concern, particularly crucial for Ukraine amidst the ongoing war. The use of advanced technologies in military operations and the information space has escalated cyber threats. For business and tech executives, aligning priorities to balance cyber risk management with economic challenges is essential. By integrating the cyber agenda into the broader business strategy, organizations can effectively safeguard assets and enhance resilience.”

Anton Tseshnatii, Leading Risk Assurance Expert at PwC Ukraine

“Secure AI”—“AI for Security”

“Secure AI”: Business and technology leaders have a mandate to leverage AI-driven capabilities to find innovative ways to serve their customers and increase operational efficiency. These imperatives mean that AI-enabled business solutions are on the rise and need to be secured. AI is already starting to accelerate new innovations and automate processes in ways we would have thought unimaginable only a few years ago. It is improving our productivity and helping us reimagine the customer experience.

“AI for Security”: Even though new and emerging technologies may increase the attack surface area, organisations are leveraging AI for cyber resilience. In CEE, 43% of companies will prioritise threat detection and response in the use of GenAI for defence over other cyber capabilities/areas in the next 12 months.

On average, 42% of CEE businesses and 52% of EMEA businesses increased their investments in emerging technologies (such as GenAI) for cybersecurity in the last 12 months.

There are clear challenges for CEE leaders in applying GenAI solutions in areas such as the implementation of data governance in their organisations, alongside the technical and knowledge requirements.

“While each organisation is different, they usually seek to harness the potential of generative AI to enhance data analysis and customer insights. However, this must be achieved responsibly. Companies must develop a clear security framework and comprehensive governance for AI. A key priority is to establish strategies, principles and operating models to unlock the power of AI in a responsible way.”

Laura Duncan, PwC Partner, Cybersecurity, UK

Regulatory environment—increased costs but also benefits perceived

As many as 73% of companies in CEE state that regulations have a moderate to significant impact on increasing their cyber investments.

While the CEE region is facing a challenging regulatory environment, CEE leaders expressed high confidence in complying with the Digital Operational Resilience Act (DORA) (43%), the Network and Information Systems Directive 2 (NIS2) (58%) and the EU AI Act (38%).

Despite the clear belief that cyber regulations are helping the organisation, there’s a measurable difference between CEO and CISO/CSO confidence in their ability to comply with these regulations. CISOs, who are on the front lines of cybersecurity, are less optimistic than CEOs about their organisation’s ability to meet these regulatory requirements. The biggest gaps involve compliance with regulations related to AI, resilience and critical infrastructure requirements.

“All the regulations for financial institutions aim to enhance customer trust. Although there are many upcoming regulations, they share a common spirit. These regulations consistently call for the stringent protection of data, responsible management of customer relationships and robust, well-documented processes. In essence, they challenge us to be well-managed, trustworthy and accountable organisations.”

Enkelejd Zotaj, CIO, Luminor Group, Estonia

About the survey

The 2025 Global Digital Trust Insights is a survey of 4,042 business and technology leaders conducted from May to July 2024.

Respondents operate in a range of industries, including industrials and services (21%), tech, media, telecom (20%), financial services (19%), retail and consumer markets (17%), energy, utilities and resources (11%), health (7%), and government and public services (4%).

Respondents are based in 77 countries globally. There were 230 survey participants in Central and Eastern Europe from countries such as the Czech Republic, Poland, Hungary, Slovakia, Bulgaria, Romania, Serbia, Ukraine, Estonia, Latvia and other countries.

The Global Digital Trust Insights Survey was previously known as the Global State of Information Security Survey (GSISS). Now in its 27th year, it’s the longest-running annual survey on cybersecurity trends. It’s also the largest survey in the cybersecurity industry and the only one that draws participation from senior business executives, not just security and technology executives.

PwC Research, PwC’s global Centre of Excellence for market research and insight, conducted this survey.

Bridging the gaps to cyber resilience: The C-suite playbook

Sign up to get the full playbook and access more of the latest findings for 2025

Contact us

Oleksiy Katasonov

Oleksiy Katasonov

Partner, Transportation & Logistics Industry Leader, PwC in Ukraine

Tel: +380 44 354 0404

Email
Anton Tseshnatii

Anton Tseshnatii

Director, Risk Assurance, PwC in Ukraine

Tel: +380 44 354 0404

Email
Follow us on social media

© 2015 - 2025 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details.