Cyber Spending Set to Soar

How industry experts expect this budgeting surge to impact cybersecurity initiatives.


According to the 2025 KPMG Cybersecurity Survey, 99 percent of security leaders plan to increase their cybersecurity budgets over the next two to three years. This near-universal commitment to increased spending, with the majority (54 percent) anticipating significant increases of six to 10 percent, signals a major pivot. 

We could finally be entering a period when cybersecurity is no longer a cost center, but a critical business imperative and driver of resilience. Key indicators from the survey include:

  • Sustained Budget Growth. Even with the projected spending surge, leaders still face hurdles in securing additional funding, with 52 percent citing competing priorities for budget allocation, including data security and privacy, IAM, and cloud security. This signals a need for leaders to focus on managing this spend more strategically.
  • The AI Arms Race. The rise of AI is a dual catalyst. While 38 percent see AI-powered attacks as a major challenge in the next two to three years, 70 percent are already dedicating more than 10 percent of their budgets to AI-related cyber initiatives. They also reported that AI will have the greatest impact in proactively identifying and stopping threats with fraud prevention (57 percent), predictive analytics (56 percent) and enhanced detection (53 percent).
  • A War for Talent. The boom is creating fierce competition for skilled professionals, as 53 percent cite a lack of qualified candidates as a high-impact challenge, forcing them to increase compensation (49 percent), boost internal training (49 percent), and rely more on external partners (25 percent) to fill critical gaps.
  • Strategic Investment Beyond IT. The survey shows that 42 percent are making identity and access management a top budget priority over the next two to three years, closely following data security, privacy and cloud security. This reflects a growing recognition that as organizations scale cloud and AI, stronger identity governance and access controls are critical to protecting sensitive data and systems and to building a more resilient security posture.

Industry stakeholders weighed in on the topic, offering the following perspectives. 

Seth Spergel, Managing Partner at Merlin Ventures

"Budgets are tight, and CISOs know that. The degree of impact varies by CISO, but we see AI already impacting CISOs' hiring decisions and their plans for upcoming budget. Security, much like every market segment, is seeing a big impact from AI-infused software products, and CISOs expect to gain efficiencies from the next generation of software.

"In some cases, an uncertain economy means reducing lower-value roles. But, generally speaking, there is still so much to do that few CISOs will willingly give up staff. We see the growth opportunity around a hybrid model of talented cybersecurity practitioners being extended by AI capabilities. There are still very sensitive tasks and decisions that organizations cannot fully trust to AI, but we can now bring those human operators much more complete data very quickly with the help of these AI tools.

"AI agents, while creating efficiencies and opportunities for cybersecurity executives, also create a whole load of new risks for organizations, and CISOs are still struggling to keep up with the evolving threats they bring. That’s going to keep them busy, and pushing for budget, for the foreseeable future." 

Ram Varadarajan, CEO at Acalvio 

"The cybersecurity labor model is being quietly rebalanced. Organizations are not eliminating people, they are reducing reliance on manual analysis in favor of automation that operates at machine speed. 

"In 2026, cybersecurity stops being a people-scaling problem and becomes an intelligence-scaling problem. AI-driven attacks force AI-driven defense. Teams stay lean, budgets get smarter, and machines take on the work humans were never meant to do at machine speed.

"I don’t expect most CISOs to significantly grow their teams in 2026. Not because risk is shrinking, but because headcount no longer scales against the threat. The constraint isn’t budget or intent. It’s speed. When attacks unfold at machine pace, adding more humans doesn’t materially change outcomes. Teams will stay relatively flat while the nature of the work shifts.

"Macroeconomic pressure is forcing organizations to be far more precise about where they spend. Security budgets won’t disappear, but they will be scrutinized. Spending that improves preemptive defense reaction time, reduces noise, and demonstrably lowers risk will win. Spending that simply adds operational drag or manual effort will struggle to justify itself." 

Robb Reck, Chief Information, Trust, and Security Officer at Pax8 

"The uncertain economy is driving tighter evaluations of ROI on any security spend. Risk reduction remains the top priority, but CISOs are done with vendor promises, they want proof. Companies that can point to real customers achieving measurable results will win existing budget from current vendors who are not capturing the performance improvements from AI and automation. 

"AI isn't replacing cybersecurity professionals in 2026 - it's augmenting them. However, CISOs may still be hesitant to hire. Many companies are slowing hiring while they wait to see how AI agents will actually perform. The candidates who are getting hired? Those who lead with an AI-first mindset and can articulate how they'll drive transformation, not just use the tools."

Diana Kelley, CISO at Noma Security 

"Most of the CISOs I speak with expect to hold team size roughly steady, with only marginal, as-needed growth. This is not because risk is declining, but because boards are pushing for cost efficiencies driven by automation and tighter alignment to business outcomes. 

"As is often the case, security teams are being asked to do more with the same number of people. Where I do see headcount growth is in cloud security and identity, while traditional SOC expansion is flattening. Economic uncertainty is driving many CISOs to expect flat to modestly higher budgets, alongside increased expectations from CFOs and boards to demonstrate measurable risk reduction. 

"The pressure is not simply 'spend less,' but 'prove value.'

"Let’s face it. AI is already reshaping cyber work, and 2026 will accelerate that shift. AI agents are reducing demand for some entry-level roles, such as basic alert triage, log review, and first-pass investigations. At the same time, AI is increasing demand for higher-context roles involving agentic system design, advanced prompt engineering, context-based threat modeling, and human-in-the-loop oversight of agentic systems. 

"This is why CISOs see AI changing the mix of skills and roles on their teams, not eliminating security organizations wholesale. Human judgment remains critical, especially where agentic AI systems interact with identity, access, and production environments."

Dave Tyson, Chief Intelligence Officer at iCOUNTER 

"We’re seeing a massive shift in cyber spend toward the need for continuous monitoring of the extended ecosystem. Detecting threats in near real time allows mitigation to occur before a risk event impacts you. It is a different kind of hunt, but in today’s connected ecosystem, it is becoming a fundamental requirement. 

"Many solutions already automate components of threat hunting, and agentic AI will undoubtedly advance this further. However, as a former CISO for several large organizations, I believe it is unlikely to become fully automated for two key reasons.

  1. Training AI agents requires significant volumes of structured data and extensive optimization time.
  2. Business context is essential to prioritize threats effectively. Teaching AI-driven systems to understand which assets are most critical, and under what circumstances, is a monumental challenge.

"I expect that new and innovative approaches will continue to emerge. Automatically quarantining endpoints or assets is a valuable tactic, but this primarily addresses symptom management. The greater business value lies in identifying the root cause: why the security defenses failed, whether the strategy was sound, and what made the system vulnerable in the first place." 

Rich Seiersen, Chief Risk Technology Officer at Qualys

"This year, CISOs were faced with overwhelming noise: noise confronts the defender on three fronts: Telemetry, Tools, Technology. Add to that the rapid pace of AI growth, both from a consumer and a B2B perspective. 

"People are using AI for everything without your permission, including crafting core enterprise content or getting overzealous AI help with first-party development. This is the exponentiation of high-risk shadow IT brought to you by consumer-facing AI. Then there are the corporate AI initiatives that mesh on-premises stuff with SaaS via the “Model Control Protocol” (MCP). 

"Leaders no longer want mere observation. They wish to know how assets, risks, threats, and business value correlate and interact. And where the biggest bang for their buck exists in eliminating risk across various attack paths. More than that, they want non-destructive action taken to eradicate high-impact risks."
