The ISACA global State of Cybersecurity Survey has been conducted for a decade. Although 10 years is a relatively long time for a comparatively new profession, some of the challenges reported from the survey have not changed much over these 10 years. Although this year’s survey data show fewer exploitations attributed to nonmalicious insiders, effective insider-threat and cybersecurity training and awareness programs alone do not protect enterprises in today’s everchanging threat landscape. Moreover, data reveal major unawareness in the type of cyberinsurance that enterprises carry, which may result in inflated confidence by senior leadership about what these policies cover. Finally, this year’s survey results affirm that the use of AI in security operations is still novel; however, the involvement of security professionals in the development, onboarding, and implementation of AI is astonishingly low. Most concerning is the lack of involvement in the development of a policy that governs the use of AI technology within respondent enterprises.