The Annual SaaS Security Survey Report: 2025 CISO Plans & Priorities

Complete the form to receive the report via email

The CSA Annual SaaS Security Survey, commissioned by Adaptive Shield, surveyed over 450 IT and security professionals from large organizations from various industries and locations to better understand the industry’s priorities and plans around SaaS security.

In an era where SaaS platforms power a wide spectrum of industries and the threat of SaaS breaches looms large, SaaS security is on the radar, more than ever.

Survey Key Findings

SaaS security is more important than ever

Despite economic instability and workforce reductions, organizations drastically increased investment in SaaS security, with 39% of organizations increasing their SaaS cybersecurity budget compared to last year, and 56% increasing their SaaS security staff.

Companies are establishing dedicated SaaS security teams

For the first time, the survey identified the existence of SaaS-specific security roles in 70% of organizations: 57% of respondents have a SaaS security team of at least two dedicated full-time employees and another 13% have allocated a dedicated full-time staffer.

Organizations managed to improve their key SaaS security capabilities

Full visibility into the SaaS stack has nearly doubled since last year, leaving companies in much better positions when it comes to preventing breaches and detecting threats. Seventy percent of organizations report having moderate to full visibility into their SaaS applications.

Most SaaS security challenges stem from using the wrong tool

Organizations are still struggling to manage misconfigurations, connected apps, and visibility into security risks. Many of these challenges stem from using tools such as CASB and Manual Audits. Companies who have adopted SaaS Security Posture Management (SSPM) are more than twice as likely to have full visibility into their SaaS stack compared to those who utilize other tools and manual processes in their strategy.

Despite challenges, SaaS security investment is paying off

The challenges presented clearly demonstrate that organizations are taking SaaS security seriously. In fact, the survey identified a positive trend: 25% of respondents experienced a SaaS security incident in the past two years, compared with 53% last year. The most common security incidents reported were data breaches(52%) and data leakage (50%), followed by unauthorized access (44%) and malicious applications (38%).

Complete the form to receive the report via email

About Adaptive Shield

The SSPM & ITDR Platform to Secure Your Entire SaaS Stack

Businesses today run nearly every facet of their operations in the cloud. Even though SaaS providers build in native security controls, it's the organization's responsibility to ensure every security setting, user and device with access are correctly configured and hardened according to the company’s security policies.
Adaptive Shield is committed to enabling enterprises to continue adopting SaaS applications while staying safe. Adaptive Shield enables security teams to protect, detect, and respond to threats throughout their entire SaaS stack.

Book A Demo

Awards & Recognition

Check Out Our Resources

Check Out Our Resources

The Ultimate SaaS Security Checklist 2025 Edition