Hey there, looking for some cutting-edge insights delivered straight to your inbox? Get our exclusive weekly newsletters tailored for enterprise AI, data, and security leaders. Don’t miss out, subscribe now!
“In today’s ever-changing landscape of volatility, security and risk leaders are facing the challenge of managing existing spending while adapting to new budgetary requirements,” according to Forrester’s 2026 Budget Planning Guide. This shift signifies a significant change in how organizations allocate cybersecurity resources.
Recent data reveals that software now accounts for 40% of cybersecurity spending, surpassing hardware at 15.8%, outsourcing at 15%, and even personnel costs at 29% by 11 percentage points. Organizations are now up against gen AI attacks that execute in milliseconds, a stark contrast to the Mean Time to Identify (MTTI) of 181 days reported in IBM’s Cost of a Data Breach Report.
The cybersecurity landscape is changing rapidly, with three major threats reshaping the field. Gen AI is enabling attackers to create a staggering 10,000 personalized phishing emails per minute using scraped LinkedIn profiles and corporate data. Additionally, NIST’s 2030 quantum deadline poses a significant risk, threatening the decryption of $425 billion worth of currently protected data. Deepfake fraud has surged by 3,000% in 2024, successfully bypassing biometric authentication in 97% of attempts, prompting a fundamental reevaluation of defensive strategies.
Caption: Software now dominates 40% of cybersecurity budgets in 2025, with a significant 11 percentage point lead over personnel costs at 29%. Organizations are enhancing their security measures to combat gen AI threats that operate at lightning speed. Source: Forrester’s 2026 Budget Planning Guide
AI Scaling Hits Its Limits
Power caps, rising token costs, and inference delays are reshaping enterprise AI. Join our exclusive salon to discover how top teams are:
- Turning energy into a strategic advantage
- Architecting efficient inference for real throughput gains
- Unlocking competitive ROI with sustainable AI systems
Secure your spot to stay ahead: https://bit.ly/4mwGngO
As security teams grapple with 75 or more tools, they are losing a staggering $18 million annually to integration and overhead costs alone. The average detection time remains at 277 days, while attacks are executed in mere milliseconds.
Gartner’s forecast predicts that interactive application security testing (IAST) tools will witness an 80% decline in market share by 2026. Security Service Edge (SSE) platforms, which initially promised streamlined convergence, are now adding to the complexity they aimed to reduce. Meanwhile, standalone risk-rating products inundate security operations centers with alerts lacking actionable context, leading analysts to spend 67% of their time on false positives, as per IDC’s Security Operations Study.
The math doesn’t add up. Analysts need 90 seconds to evaluate each alert, yet they receive a staggering 11,000 alerts daily. With each additional security tool deployed, visibility reduces by 12% and increases attacker dwell time by 23 days, as highlighted in Mandiant’s 2024 M-Trends Report. Complexity has become the greatest vulnerability in enterprise cybersecurity.
Platform vendors have long advocated for consolidation, leveraging the chaos and complexity resulting from app and tool sprawl. George Kurtz, CEO of CrowdStrike, emphasized the importance of execution in competing with platforms in today’s fast-paced market conditions. He stated, “The difference between a platform and platformization is execution. Immediate value delivery is crucial while working towards a unified vision that eliminates complexity.”
CrowdStrike’s Charlotte AI streamlines alert triage, saving SOC teams over 40 hours per week by accurately classifying millions of detections at a 98% accuracy rate. This efficiency is equivalent to the output of five experienced analysts, powered by Falcon Complete’s expert-labeled incident corpus.
“Our Falcon Complete team has been instrumental in this feat,” mentioned Elia Zaitsev, CTO at CrowdStrike. “With their manual handling of millions of detections and high-quality human-annotated dataset, we achieved over 98% accuracy. We understand that adversaries are leveraging AI for faster attacks, and with Charlotte AI, we empower defenders to match their pace, enhancing efficiency and real-time threat response.”
CrowdStrike, Microsoft’s Defender XDR with MDVM/Intune, Palo Alto Networks, Netskope, Tanium, and Mondoo now offer bundled XDR, SIEM, and auto-remediation capabilities, transforming SOCs from reactive forensics to real-time threat mitigation.
Security budgets surge by 10% as gen AI attacks outpace human defense
Forrester’s guide indicates that 55% of global security technology decision-makers anticipate significant budget increases within the next year. While 15% expect increases exceeding 10%, 40% foresee rises between 5% and 10%. This upward trend reflects an unbalanced battleground where attackers leverage gen AI to target thousands simultaneously with personalized campaigns based on real-time data.
Attackers are capitalizing on the benefits provided by adversarial AI, combining speed, stealth, and highly personalized attacks to maximize their impact. Mike Riemer, Field CISO at Ivanti, predicts a turning point in 2025 as defenders begin to harness AI’s full potential for cybersecurity purposes.
Caption: 55% of security leaders anticipate budget increases of over 5% in 2026. Organizations in Asia Pacific lead with 22% expecting increases above 10%, compared to just 9% in North America. Source: Forrester’s 2026 Budget Planning Guide
Regional differences in spending highlight variations in threat landscapes and the responses of CISOs. Organizations in Asia Pacific lead with 22% anticipating budget increases exceeding 10%, while 9% in North America expect similar growth. Cloud security, on-premises technology, and security awareness training are the top investment priorities globally.
Software dominates budgets as runtime defenses become critical in 2026
Security leaders emphasize the importance of safeguarding the inference layer in AI model development, considering it the frontline of future cybersecurity. This layer is vulnerable to prompt injection, data exfiltration, and model manipulation, necessitating millisecond-scale responses rather than delayed investigations.
Forrester’s latest CISO spending guide highlights a significant shift in cybersecurity spending priorities, with cloud security leading at 12% in spending increases, closely followed by investments in on-premises security technology at 11%, and security awareness initiatives at 10%. These priorities reflect the urgency felt by CISOs to bolster defenses precisely at the critical moment of AI model inference.
“At
