The CISO-CFO disconnect: why security and finance struggle on cyber investment

Security and finance think they’re aligned. The data says otherwise.

97% of security leaders say their priorities match business goals. 74% say they collaborate with finance early and often. Yet when it’s time to approve budgets, the process stalls.

Finance wants quantified risk reduction and clear ROI. Security reports on program maturity and compliance metrics. Both teams think they’re communicating—but they’re speaking different languages entirely.

This research surveyed 300 CISOs, directors of cybersecurity, CFOs, and finance leaders to understand where collaboration breaks down and what actually fixes it.

You’ll learn:

• Why 60% of security leaders aren’t confident their investments align with actual business risk
• What finance actually needs to see before approving security budgets (hint: it’s not maturity scores)
• How to translate security metrics into the cost-benefit language finance understands
• Why C-suite engagement matters: CISOs who talk to CFOs report 63% higher alignment versus those who only engage at the director level
• The real reason security struggles to get funding—and how to fix the language barrier