Software now holds the majority share of cybersecurity spending, surpassing hardware, outsourcing, and personnel costs. Organizations are facing challenges from gen AI attacks that operate swiftly, contrasting with the lengthy Mean Time to Identify (MTTI) of 181 days as reported by IBM’s Cost of a Data Breach Report.
Three major threats are reshaping the cybersecurity landscape, turning what once provided protection into vulnerabilities. Gen AI enables attackers to create personalized phishing emails at an alarming rate, while NIST’s quantum deadline poses a risk of decryption to valuable data. Additionally, deepfake fraud has seen a drastic increase, bypassing biometric authentication in most cases, forcing security leaders to rethink their defense strategies.
The consolidation of platforms is eliminating integration costs for enterprises managing multiple tools. Security teams are urged to focus on streamlining their tools to enhance efficiency and effectiveness. The average detection time remains high, while attacks continue to happen within milliseconds.
Security budgets are on the rise, with a significant percentage of leaders expecting substantial increases in the coming year. The surge in spending reflects the ongoing battle against gen AI attacks that target employees with personalized campaigns. Regional differences in budget expectations highlight variations in threat landscapes and responses.
Software remains a dominant force in cybersecurity budgets, with a focus on runtime defenses becoming critical in 2026. Protecting the inference layer of AI model development is crucial, as it is considered the frontline of cybersecurity. Cloud security, on-premises technology, and security awareness training are among the top investment priorities for CISOs.
The advancement of quantum computing poses a new risk for enterprises, with the potential for quantum-enabled decryption threatening encrypted data. Security leaders are advised to prioritize adopting Post-Quantum Cryptography (PQC) standards to safeguard sensitive data. The exponential growth of machine identities is fueling a credential crisis, leading to an increased focus on machine identity management.
The divestment of legacy tools is accelerating, with a shift towards more integrated platforms that offer enhanced visibility and management. Security leaders are urged to divest from outdated security tools and focus on platforms that provide comprehensive solutions. Consolidating security at AI’s inference edge is highlighted as crucial for maintaining control over cybersecurity threats.
